Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Q7XgpY_IhLLfWsemSq6bYtHo8HE.roa
File: Q7XgpY_IhLLfWsemSq6bYtHo8HE.roa (raw, json)
Hash identifier: edKmZ7KdATTkaTUsmsIT9b55G7gVgSyd6ln4Mqzkg8M=
Subject key identifier: 43:B5:E0:A5:8F:C8:84:B2:DF:5A:C7:A6:4A:AE:9B:62:D1:E8:F0:71
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E773BFF1184190795067DE235269C5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Q7XgpY_IhLLfWsemSq6bYtHo8HE.roa
Signing time: Mon 02 Jan 2023 05:14:54 +0000
ROA not before: Mon 02 Jan 2023 05:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9886
IP address blocks: 2a10:2f00:12a::/48 maxlen: 48
2a0e:b107:f08::/45 maxlen: 45
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:73:bf:f1:18:41:90:79:50:67:de:23:52:69:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43b5e0a58fc884b2df5ac7a64aae9b62d1e8f071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f1:5b:e7:43:03:69:ef:a5:c0:12:75:ab:de:
38:e4:74:8e:c4:5d:62:60:91:14:93:50:4d:e6:5c:
39:f4:a8:1e:0f:00:c5:80:40:3a:3b:71:fa:3c:24:
86:84:d9:fb:47:7d:fe:10:36:35:1f:ee:3f:67:d5:
5f:cf:7c:91:97:be:cd:dc:2a:54:17:b2:a9:6e:2a:
6a:5e:7b:ac:c3:c1:9c:4a:11:2b:81:68:c7:7a:c2:
15:99:9d:26:81:15:57:44:df:05:b5:d2:b3:a8:ba:
96:5b:99:3c:96:45:d6:75:7d:c9:c2:15:2c:20:1b:
c9:b0:17:cf:6b:46:d7:4c:3d:50:85:9a:33:ba:31:
29:5b:cf:5f:11:38:99:62:fc:61:25:09:13:41:0a:
a8:6c:e2:36:e1:34:eb:5a:e5:c5:79:01:73:7c:c3:
c4:db:35:8b:95:2b:13:a0:0f:14:26:b8:0a:3b:5b:
a8:a1:a2:50:c3:d2:2f:d0:3f:ff:9d:10:73:6b:6e:
f6:e2:2e:31:2b:4a:ae:f9:b2:e3:c7:cd:35:5d:5e:
2c:42:8e:66:e8:ea:5b:3e:02:43:01:9d:dc:21:c7:
d8:26:ba:c3:0a:2d:b8:b5:e0:e5:d6:58:b0:11:4b:
f0:45:47:80:5e:92:86:d7:60:55:0a:f2:e2:dd:e8:
81:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B5:E0:A5:8F:C8:84:B2:DF:5A:C7:A6:4A:AE:9B:62:D1:E8:F0:71
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Q7XgpY_IhLLfWsemSq6bYtHo8HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:f08::/45
2a10:2f00:12a::/48
Signature Algorithm: sha256WithRSAEncryption
b3:40:3e:a9:13:f6:9f:d8:31:02:e0:e5:53:74:aa:d6:13:af:
de:54:fb:a2:f4:d0:c2:9a:f2:80:ca:a9:6a:3a:2c:bf:e7:9f:
1f:d7:b1:66:99:61:92:55:cd:ca:e1:36:4c:66:61:af:91:37:
ed:2b:4d:02:ee:c7:56:82:54:e2:cc:1c:26:2a:f0:7d:57:2a:
04:49:d1:5d:f7:5a:87:da:ed:ac:9b:34:20:bb:45:87:39:d0:
e5:ef:32:02:59:48:ff:ec:53:58:1a:45:83:d8:32:00:9e:54:
0f:11:a0:b8:78:6e:99:8c:6f:eb:a2:bc:3b:cf:94:77:13:fe:
50:ca:0b:86:b6:06:ec:3d:d9:37:3c:53:a1:3d:4e:42:3c:4e:
0a:43:83:ae:1c:25:2c:70:00:bf:0e:92:93:a3:a2:5b:ef:64:
4d:09:ba:cf:14:26:29:15:8f:90:06:5c:41:e8:f6:d5:80:21:
8e:3e:a2:eb:bb:a3:21:51:5e:d8:9f:9f:06:33:f9:48:e2:e6:
14:47:20:bb:8c:57:35:f8:aa:00:d7:15:9e:49:4d:54:23:59:
83:33:33:1c:3a:10:9e:f6:0a:4b:c8:86:db:35:66:8a:0b:5b:
21:66:9c:40:53:a7:76:d1:b3:5a:f0:a1:63:90:da:17:da:9d:
e7:6e:22:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw53O/8RhBkHlQZ94jUmnFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2I1ZTBhNThmYzg4NGIyZGY1YWM3YTY0YWFlOWI2MmQxZThmMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvFb50MDae+lwBJ1q9445HSOxF1i
YJEUk1BN5lw59KgeDwDFgEA6O3H6PCSGhNn7R33+EDY1H+4/Z9Vfz3yRl77N3CpU
F7KpbipqXnusw8GcShErgWjHesIVmZ0mgRVXRN8FtdKzqLqWW5k8lkXWdX3JwhUs
IBvJsBfPa0bXTD1QhZozujEpW89fETiZYvxhJQkTQQqobOI24TTrWuXFeQFzfMPE
2zWLlSsToA8UJrgKO1uooaJQw9Iv0D//nRBza2724i4xK0qu+bLjx801XV4sQo5m
6OpbPgJDAZ3cIcfYJrrDCi24teDl1liwEUvwRUeAXpKG12BVCvLi3eiBdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEO14KWPyISy31rHpkqum2LR6PBxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUTdYZ3BZX0loTExmV3NlbVNxNmJZdEhvOEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcDKg6xBw8I
AwcAKhAvAAEqMA0GCSqGSIb3DQEBCwUAA4IBAQCzQD6pE/af2DEC4OVTdKrWE6/e
VPui9NDCmvKAyqlqOiy/558f17FmmWGSVc3K4TZMZmGvkTftK00C7sdWglTizBwm
KvB9VyoESdFd91qH2u2smzQgu0WHOdDl7zICWUj/7FNYGkWD2DIAnlQPEaC4eG6Z
jG/rorw7z5R3E/5QyguGtgbsPdk3PFOhPU5CPE4KQ4OuHCUscAC/DpKTo6Jb72RN
CbrPFCYpFY+QBlxB6PbVgCGOPqLru6MhUV7Yn58GM/lI4uYURyC7jFc1+KoA1xWe
SU1UI1mDMzMcOhCe9gpLyIbbNWaKC1shZpxAU6d20bNa8KFjkNoX2p3nbiIp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org