Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/Q1E30Sp-PHTn2Qe5dVfmq-XnmuA.roa
File: Q1E30Sp-PHTn2Qe5dVfmq-XnmuA.roa (raw, json)
Hash identifier: /kTd2sdECiCHgJc5kND1g2NcuDfNlYyHa1czHHdeMe4=
Subject key identifier: 43:51:37:D1:2A:7E:3C:74:E7:D9:07:B9:75:57:E6:AB:E5:E7:9A:E0
Certificate issuer: /CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Certificate serial: 018CC5013388CA2CB4A074BE95A0AB2CA91C
Authority key identifier: FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/Q1E30Sp-PHTn2Qe5dVfmq-XnmuA.roa
Signing time: Mon 01 Jan 2024 12:30:39 +0000
ROA not before: Mon 01 Jan 2024 12:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 2a14:b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 20 Nov 2024 12:08:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:33:88:ca:2c:b4:a0:74:be:95:a0:ab:2c:a9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Validity
Not Before: Jan 1 12:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=435137d12a7e3c74e7d907b97557e6abe5e79ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0b:50:6d:22:f5:a5:09:4e:26:c5:ae:f3:4a:
dc:f7:a1:0e:e8:2d:ef:04:63:4a:bd:8c:bf:52:5b:
cb:17:2e:99:8d:d0:3d:51:e9:ea:35:97:82:6c:e4:
89:57:7d:35:65:c3:30:b4:ad:27:88:b7:4f:d3:3f:
cd:47:c9:99:aa:f0:44:6f:e1:eb:2f:4a:16:0f:43:
e6:f9:d1:25:97:2f:80:5a:c7:67:c2:00:0c:4c:5e:
53:a6:ba:c4:06:a5:fd:fb:99:17:9f:d4:0c:9c:84:
ea:b2:ac:51:71:87:dc:b5:9d:31:bc:09:58:0e:4b:
33:60:bd:86:a7:87:92:3e:97:39:6a:68:a6:07:02:
42:3e:17:25:8e:34:1e:b7:43:3b:eb:92:c5:a0:f4:
b0:ab:7c:7e:a6:01:c7:e8:a4:9b:e7:0d:50:b6:42:
b7:47:ef:90:e1:1a:40:a4:0c:5b:f9:46:42:45:97:
81:33:f3:6d:cd:71:d6:1b:25:d7:bc:0b:09:e3:8c:
9e:97:59:4f:c9:89:05:82:66:c3:97:ec:ed:f2:12:
b7:42:36:2e:59:c8:3e:e4:9c:3b:58:c0:c2:af:e8:
03:47:26:62:ba:c9:ac:5b:98:cf:88:7e:35:82:bc:
14:8c:45:e9:aa:55:3e:14:41:f2:89:76:1b:55:28:
9b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:51:37:D1:2A:7E:3C:74:E7:D9:07:B9:75:57:E6:AB:E5:E7:9A:E0
X509v3 Authority Key Identifier:
keyid:FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/Q1E30Sp-PHTn2Qe5dVfmq-XnmuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:b80::/32
Signature Algorithm: sha256WithRSAEncryption
07:c4:1b:39:ee:ac:d4:4e:aa:89:a3:7a:49:82:de:4f:78:93:
d0:3b:32:fe:3b:c4:e4:41:e0:15:3e:51:16:c1:d8:29:65:08:
09:a9:1d:bc:ff:dc:a0:40:4c:5e:49:0b:7e:b5:91:a3:ed:ae:
a8:43:9f:87:78:a3:8a:c5:41:d5:6c:83:2e:e6:8f:c9:80:34:
51:fd:a7:04:80:3d:ff:6e:4d:bd:a3:7d:bd:93:29:60:33:04:
8e:f6:0f:3a:5a:ef:76:09:b9:25:a6:e8:cd:a5:1d:bc:5e:93:
99:b2:35:fc:d6:92:9d:f1:c8:3a:13:a3:44:a4:e1:dc:58:8c:
83:23:40:72:47:f3:9f:e2:7a:17:27:a5:18:3b:13:71:8d:6d:
3e:39:02:f1:42:e9:15:29:92:6c:c8:50:16:a8:36:fc:4e:55:
4e:68:8a:04:98:83:15:ba:46:88:8e:05:75:22:f1:4b:69:94:
1a:9e:d3:c3:44:17:f9:21:12:64:1d:64:a6:76:21:c3:7d:d6:
e1:70:eb:5f:9d:38:c7:79:29:2b:10:2c:e1:e6:24:43:a2:4d:
81:a9:ab:59:84:34:c8:91:5d:ef:20:b6:16:a4:01:27:2d:ab:
f0:dd:5b:37:d1:fc:a0:43:74:dd:23:0a:f9:9c:cf:be:90:5e:
a1:25:d5:3d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFATOIyiy0oHS+laCrLKkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2FiNTVkNTc1MDljYmZhZTc5OGJkNzFhYWEyM2IzNDQ0
ZDhlNWEwHhcNMjQwMTAxMTIzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzUxMzdkMTJhN2UzYzc0ZTdkOTA3Yjk3NTU3ZTZhYmU1ZTc5YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwtQbSL1pQlOJsWu80rc96EO6C3v
BGNKvYy/UlvLFy6ZjdA9UenqNZeCbOSJV301ZcMwtK0niLdP0z/NR8mZqvBEb+Hr
L0oWD0Pm+dElly+AWsdnwgAMTF5TprrEBqX9+5kXn9QMnITqsqxRcYfctZ0xvAlY
DkszYL2Gp4eSPpc5amimBwJCPhcljjQet0M765LFoPSwq3x+pgHH6KSb5w1QtkK3
R++Q4RpApAxb+UZCRZeBM/NtzXHWGyXXvAsJ44yel1lPyYkFgmbDl+zt8hK3QjYu
Wcg+5Jw7WMDCr+gDRyZiusmsW5jPiH41grwUjEXpqlU+FEHyiXYbVSib4QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFENRN9Eqfjx059kHuXVX5qvl55rgMB8GA1UdIwQY
MBaAFPw6tV1XUJy/rnmL1xqqI7NETY5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYt
MGM0NTIxOGU3OTgxLzEvUTFFMzBTcC1QSFRuMlFlNWRWZm1xLVhubXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYtMGM0NTIxOGU3OTgx
LzEvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhQLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAB8QbOe6s1E6qiaN6SYLeT3iT0Dsy/jvE5EHgFT5R
FsHYKWUICakdvP/coEBMXkkLfrWRo+2uqEOfh3ijisVB1WyDLuaPyYA0Uf2nBIA9
/25NvaN9vZMpYDMEjvYPOlrvdgm5JabozaUdvF6TmbI1/NaSnfHIOhOjRKTh3FiM
gyNAckfzn+J6FyelGDsTcY1tPjkC8ULpFSmSbMhQFqg2/E5VTmiKBJiDFbpGiI4F
dSLxS2mUGp7Tw0QX+SESZB1kpnYhw33W4XDrX504x3kpKxAs4eYkQ6JNgamrWYQ0
yJFd7yC2FqQBJy2r8N1bN9H8oEN03SMK+ZzPvpBeoSXVPQ==
-----END CERTIFICATE-----
Generated at Wed Nov 20 14:28:25 2024 by rpki-client on console-ams.rpki-client.org