Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/qWXjBW5SRCb37FFuY-yrCGrUoTc.roa
File: qWXjBW5SRCb37FFuY-yrCGrUoTc.roa (raw, json)
Hash identifier: TZWJ406O2eNaAuboN/gP7XIlFlaEo6XBefpM8Op8yYE=
Subject key identifier: A9:65:E3:05:6E:52:44:26:F7:EC:51:6E:63:EC:AB:08:6A:D4:A1:37
Certificate issuer: /CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Certificate serial: 018CC8DEF82D8E7B2DC124D060BD93142600
Authority key identifier: BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/qWXjBW5SRCb37FFuY-yrCGrUoTc.roa
Signing time: Tue 02 Jan 2024 06:31:44 +0000
ROA not before: Tue 02 Jan 2024 06:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57797
IP address blocks: 2a12:8ac1::/32 maxlen: 48
2a12:8ac0::/29 maxlen: 48
2a12:8ac0::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:f8:2d:8e:7b:2d:c1:24:d0:60:bd:93:14:26:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Validity
Not Before: Jan 2 06:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a965e3056e524426f7ec516e63ecab086ad4a137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:67:ec:40:60:24:93:c5:3d:53:60:b1:fe:18:
7d:be:25:b3:ad:75:43:13:56:c5:18:4c:49:41:83:
f9:d2:ed:86:a3:f1:17:a5:cc:82:46:ae:fa:27:45:
9c:00:26:89:b0:b9:c1:eb:fb:4b:16:d6:15:9b:0c:
35:56:10:a1:67:33:41:99:b2:79:c4:78:57:89:b4:
6b:dd:19:bf:e4:44:a6:57:75:20:e4:b4:bd:a5:f2:
f2:59:4c:6d:1b:53:cc:f2:3e:bb:26:65:fa:bd:02:
96:87:b2:e9:3a:ce:54:b9:5d:ab:8c:90:ed:67:30:
51:e1:72:3b:78:d1:ea:c3:e5:5f:7e:07:29:7b:8e:
50:8c:cb:70:f0:c5:4d:78:b8:dd:8d:83:e9:e1:7b:
cc:55:7d:45:34:ba:0a:b5:7f:06:c6:53:eb:30:b4:
1a:45:00:65:b4:f2:14:dd:d7:27:ea:3c:d6:04:a1:
69:d4:ac:29:ae:a9:2b:6f:50:f5:0f:ad:93:d8:fa:
ed:fb:ef:71:29:7f:ba:4a:db:c7:d1:9a:80:d0:38:
31:e6:f8:6d:dd:2d:93:a0:43:8d:a0:c8:ff:a1:83:
b5:74:f1:8f:2e:d3:64:a8:0c:5f:26:f3:a8:c0:58:
f3:ad:0f:a7:bb:da:6c:b5:11:57:50:5d:55:33:a4:
1a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:65:E3:05:6E:52:44:26:F7:EC:51:6E:63:EC:AB:08:6A:D4:A1:37
X509v3 Authority Key Identifier:
keyid:BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/qWXjBW5SRCb37FFuY-yrCGrUoTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8ac0::/29
Signature Algorithm: sha256WithRSAEncryption
66:5c:69:66:65:26:67:11:c0:c5:7f:a7:42:fc:a7:f3:52:76:
15:0b:d9:ce:a0:d0:58:38:34:97:1c:11:02:e2:61:78:1b:83:
86:dc:08:11:54:d3:60:00:03:11:8e:0d:16:7a:2f:e8:95:aa:
3e:cd:04:db:5a:28:99:5e:aa:ea:a4:7e:e5:3a:38:aa:44:5d:
72:74:4e:f5:7d:39:0f:62:37:b1:69:8d:db:f2:04:c7:a1:27:
4c:59:d8:24:88:0d:a9:49:33:53:7d:03:dc:3f:c5:cb:bf:57:
3d:e8:88:b8:81:99:70:00:40:c4:52:37:ec:c0:1a:d1:f5:bf:
7c:33:ae:49:bf:1a:bf:6c:bf:9e:c3:b9:96:4f:bb:23:45:eb:
9d:f7:e3:5d:46:eb:99:b5:93:06:a4:ac:e8:91:80:5c:8a:59:
68:5a:1a:08:a4:46:4a:b1:ff:8e:1b:07:56:72:51:a4:08:8c:
61:c8:7e:39:bc:fd:f9:6c:49:9a:1f:73:87:97:13:34:59:7e:
00:ed:5c:22:29:9d:7a:d0:d2:b6:dc:8b:f9:0e:2e:3d:3b:4a:
7d:64:20:a7:69:67:08:d1:62:09:0b:0f:5d:64:bf:6a:7c:e5:
72:51:fc:d9:74:73:e6:92:2a:9a:dc:f3:7f:af:6d:50:72:84:
fa:25:b1:1d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzI3vgtjnstwSTQYL2TFCYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjdiZmY3YmFkMWViODM4NGI1ODVkZjdiZWYxMjA2Zjdm
MTlmN2UwHhcNMjQwMTAyMDYzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTY1ZTMwNTZlNTI0NDI2ZjdlYzUxNmU2M2VjYWIwODZhZDRhMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGfsQGAkk8U9U2Cx/hh9viWzrXVD
E1bFGExJQYP50u2Go/EXpcyCRq76J0WcACaJsLnB6/tLFtYVmww1VhChZzNBmbJ5
xHhXibRr3Rm/5ESmV3Ug5LS9pfLyWUxtG1PM8j67JmX6vQKWh7LpOs5UuV2rjJDt
ZzBR4XI7eNHqw+Vffgcpe45QjMtw8MVNeLjdjYPp4XvMVX1FNLoKtX8GxlPrMLQa
RQBltPIU3dcn6jzWBKFp1Kwprqkrb1D1D62T2Prt++9xKX+6StvH0ZqA0Dgx5vht
3S2ToEONoMj/oYO1dPGPLtNkqAxfJvOowFjzrQ+nu9pstRFXUF1VM6QaRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKll4wVuUkQm9+xRbmPsqwhq1KE3MB8GA1UdIwQY
MBaAFLpnv/e60euDhLWF33vvEgb38Z9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYt
ZGE0NTM4MDIyYWM3LzEvcVdYakJXNVNSQ2IzN0ZGdVkteXJDR3JVb1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYtZGE0NTM4MDIyYWM3
LzEvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAZlxpZmUmZxHAxX+nQvyn81J2FQvZzqDQWDg0lxwR
AuJheBuDhtwIEVTTYAADEY4NFnov6JWqPs0E21oomV6q6qR+5To4qkRdcnRO9X05
D2I3sWmN2/IEx6EnTFnYJIgNqUkzU30D3D/Fy79XPeiIuIGZcABAxFI37MAa0fW/
fDOuSb8av2y/nsO5lk+7I0XrnffjXUbrmbWTBqSs6JGAXIpZaFoaCKRGSrH/jhsH
VnJRpAiMYch+Obz9+WxJmh9zh5cTNFl+AO1cIimdetDSttyL+Q4uPTtKfWQgp2ln
CNFiCQsPXWS/anzlclH82XRz5pIqmtzzf69tUHKE+iWxHQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:13:17 2025 by rpki-client