Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/Q9BXkxBizAOfx4L-ymRVwTZk3fg.roa
File: Q9BXkxBizAOfx4L-ymRVwTZk3fg.roa (raw, json)
Hash identifier: o8ePr4Tqx7hIz4PiVV89EhiFPM+PMoJnciiMCT9te4k=
Subject key identifier: 43:D0:57:93:10:62:CC:03:9F:C7:82:FE:CA:64:55:C1:36:64:DD:F8
Certificate issuer: /CN=76ce637d47b78004d0ccfae371e6818768ac3fa5
Certificate serial: 01856D81BDF26BBA9D5FA00742FC6DB4A75B
Authority key identifier: 76:CE:63:7D:47:B7:80:04:D0:CC:FA:E3:71:E6:81:87:68:AC:3F:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ds5jfUe3gATQzPrjceaBh2isP6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/Q9BXkxBizAOfx4L-ymRVwTZk3fg.roa
Signing time: Sun 01 Jan 2023 13:24:57 +0000
ROA not before: Sun 01 Jan 2023 13:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15440
IP address blocks: 2001:67c:2ffc::/48 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:bd:f2:6b:ba:9d:5f:a0:07:42:fc:6d:b4:a7:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76ce637d47b78004d0ccfae371e6818768ac3fa5
Validity
Not Before: Jan 1 13:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43d057931062cc039fc782feca6455c13664ddf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:57:41:64:0c:d6:a1:c5:6f:18:92:5e:e0:bc:
3f:c6:db:1b:0c:9b:ea:c2:ac:e4:24:c8:51:c0:ec:
25:b1:51:78:20:a3:a9:81:d2:e3:91:73:96:e7:eb:
82:2a:7b:ba:17:12:75:f5:44:cb:86:53:56:16:4f:
32:6e:08:49:a8:24:0e:bb:f5:fa:e2:e8:eb:30:07:
02:8e:49:62:0c:f4:be:7a:af:f5:ce:21:57:1d:06:
6c:a0:07:0a:79:66:3d:78:77:52:86:4e:fd:b5:b1:
0f:32:67:5d:c6:f8:ea:ee:af:ec:b0:c9:59:ff:ea:
cf:a5:a2:5d:51:c6:78:44:0f:30:a8:f8:68:e1:44:
cb:38:e6:55:b4:7a:c6:4b:4d:f1:56:42:75:66:ab:
35:ea:a7:63:47:1f:a9:91:b1:dc:22:1f:ee:9a:39:
ca:45:b5:3b:a1:c1:04:72:cb:95:b4:71:4f:ce:37:
b3:71:eb:8d:e1:87:da:a8:3e:5e:43:ec:95:01:b0:
bc:9f:ad:ad:68:44:23:be:8d:48:d8:40:ea:f5:90:
91:0c:fc:0f:42:d6:ea:3a:94:ef:b4:b1:41:b5:09:
d9:dd:2e:e6:42:9e:06:22:21:29:46:fe:46:b4:63:
fe:07:3a:70:bd:a7:8c:ac:ad:2b:33:95:26:60:08:
26:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D0:57:93:10:62:CC:03:9F:C7:82:FE:CA:64:55:C1:36:64:DD:F8
X509v3 Authority Key Identifier:
keyid:76:CE:63:7D:47:B7:80:04:D0:CC:FA:E3:71:E6:81:87:68:AC:3F:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ds5jfUe3gATQzPrjceaBh2isP6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/Q9BXkxBizAOfx4L-ymRVwTZk3fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/ds5jfUe3gATQzPrjceaBh2isP6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2ffc::/48
Signature Algorithm: sha256WithRSAEncryption
4b:4e:99:0d:f7:fb:07:96:13:ff:d3:4d:ba:cd:60:bd:4e:04:
b2:f0:0a:21:ac:73:0e:d0:1b:e3:5b:ca:3c:02:2e:aa:2c:d2:
97:75:f1:1c:6c:8a:c9:af:f2:e4:24:01:1f:43:f6:bf:6a:0a:
29:30:6b:4e:7e:fd:66:85:c3:29:af:78:79:ac:bd:22:82:40:
27:f7:2c:60:85:58:77:ec:bc:8a:c3:99:18:8e:0e:ac:87:25:
31:78:29:66:7c:5d:d2:55:db:6c:88:18:2c:00:6a:c2:fc:f1:
ad:59:f4:df:dc:ba:56:cf:b6:87:5a:ac:da:1a:d3:46:80:31:
16:38:be:72:ad:cc:0d:00:cd:ce:2a:9a:44:7c:3a:fd:31:8d:
8a:93:36:f2:6d:d1:9d:29:18:07:da:8b:ad:98:37:e7:fe:a4:
0f:62:da:26:32:ef:51:a1:3b:ca:87:8c:46:5b:72:7b:44:93:
55:2b:09:bf:d6:d9:c4:6c:08:71:35:64:c6:be:67:8b:5c:e4:
e3:41:44:2f:27:ef:f1:d8:f6:4b:0a:08:f4:d7:64:9e:29:d2:
49:b1:c9:44:35:44:c6:75:2b:0e:69:b0:ff:b4:46:5c:e4:3b:
e3:49:d5:ef:de:b0:b3:f3:02:fe:7e:12:57:4e:a6:99:14:db:
e7:37:f1:d8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtgb3ya7qdX6AHQvxttKdbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2Y2U2MzdkNDdiNzgwMDRkMGNjZmFlMzcxZTY4MTg3Njhh
YzNmYTUwHhcNMjMwMTAxMTMyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2QwNTc5MzEwNjJjYzAzOWZjNzgyZmVjYTY0NTVjMTM2NjRkZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVdBZAzWocVvGJJe4Lw/xtsbDJvq
wqzkJMhRwOwlsVF4IKOpgdLjkXOW5+uCKnu6FxJ19UTLhlNWFk8ybghJqCQOu/X6
4ujrMAcCjkliDPS+eq/1ziFXHQZsoAcKeWY9eHdShk79tbEPMmddxvjq7q/ssMlZ
/+rPpaJdUcZ4RA8wqPho4UTLOOZVtHrGS03xVkJ1Zqs16qdjRx+pkbHcIh/umjnK
RbU7ocEEcsuVtHFPzjezceuN4YfaqD5eQ+yVAbC8n62taEQjvo1I2EDq9ZCRDPwP
QtbqOpTvtLFBtQnZ3S7mQp4GIiEpRv5GtGP+BzpwvaeMrK0rM5UmYAgmFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEPQV5MQYswDn8eC/spkVcE2ZN34MB8GA1UdIwQY
MBaAFHbOY31Ht4AE0Mz643HmgYdorD+lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHM1amZVZTNnQVRRelByamNlYUJoMmlzUDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83MzA5YTktNDZjOC00MjQwLWFmZWYt
ODQwODgxYTRkMzBkLzEvUTlCWGt4Qml6QU9meDRMLXltUlZ3VFprM2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83MzA5YTktNDZjOC00MjQwLWFmZWYtODQwODgxYTRkMzBk
LzEvZHM1amZVZTNnQVRRelByamNlYUJoMmlzUDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC/8
MA0GCSqGSIb3DQEBCwUAA4IBAQBLTpkN9/sHlhP/0026zWC9TgSy8AohrHMO0Bvj
W8o8Ai6qLNKXdfEcbIrJr/LkJAEfQ/a/agopMGtOfv1mhcMpr3h5rL0igkAn9yxg
hVh37LyKw5kYjg6shyUxeClmfF3SVdtsiBgsAGrC/PGtWfTf3LpWz7aHWqzaGtNG
gDEWOL5yrcwNAM3OKppEfDr9MY2KkzbybdGdKRgH2outmDfn/qQPYtomMu9RoTvK
h4xGW3J7RJNVKwm/1tnEbAhxNWTGvmeLXOTjQUQvJ+/x2PZLCgj012SeKdJJsclE
NUTGdSsOabD/tEZc5DvjSdXv3rCz8wL+fhJXTqaZFNvnN/HY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:13 2024 by rpki-client on console-ams.rpki-client.org