Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QH2pVufPcWso0XaHbaitur_qxI4.roa
File: QH2pVufPcWso0XaHbaitur_qxI4.roa (raw, json)
Hash identifier: NyW7ipthPChIWIIpmok558+fT1LnLLbk4gjLnLlO6Iw=
Subject key identifier: 40:7D:A9:56:E7:CF:71:6B:28:D1:76:87:6D:A8:AD:BA:BF:EA:C4:8E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018B52820C2B534F92B50F46CB1B7479C002
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QH2pVufPcWso0XaHbaitur_qxI4.roa
Signing time: Sat 21 Oct 2023 13:52:16 +0000
ROA not before: Sat 21 Oct 2023 13:52:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48063
IP address blocks: 2a10:2f00:196::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:52:82:0c:2b:53:4f:92:b5:0f:46:cb:1b:74:79:c0:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 21 13:52:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=407da956e7cf716b28d176876da8adbabfeac48e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:82:28:97:73:c9:7b:96:5e:7f:ec:3d:21:02:
02:ef:45:72:f7:96:1a:e0:19:22:0a:28:dd:01:a6:
b6:89:bd:4f:b2:47:73:ff:2a:07:b9:03:b6:6c:aa:
da:81:ad:04:70:d1:b0:14:df:be:75:5d:8d:60:56:
e6:b2:87:75:cf:a6:76:da:98:e8:bc:50:ad:ad:b0:
fb:f5:b7:b6:4d:5c:19:24:99:ed:ed:93:51:ea:4d:
ce:c4:27:3d:b0:8b:42:2e:bd:c9:53:b2:2e:2c:67:
74:67:b0:10:30:5e:f3:4e:39:fb:1e:85:65:24:0f:
20:58:bc:71:d5:6d:b6:77:8f:f5:66:8c:73:0f:ba:
ad:30:f2:00:d1:88:b0:81:99:37:e0:99:68:e0:47:
21:63:16:11:a3:58:e8:88:45:5e:62:f6:6e:d2:81:
53:bb:de:51:8a:9d:9f:a6:92:6e:b1:9c:08:19:bf:
5c:d6:08:94:1c:45:17:50:6c:67:5e:58:78:85:a0:
07:0c:ee:60:3f:c3:83:47:1d:f5:ef:b3:70:06:66:
55:de:69:b0:e5:b1:50:8c:37:3a:f4:77:ba:61:03:
85:ee:94:fa:b8:7f:9e:1e:d1:95:22:c9:0f:70:74:
cb:9a:76:65:a8:27:ff:ad:5c:29:a8:ed:a9:dd:24:
50:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7D:A9:56:E7:CF:71:6B:28:D1:76:87:6D:A8:AD:BA:BF:EA:C4:8E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QH2pVufPcWso0XaHbaitur_qxI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:196::/48
Signature Algorithm: sha256WithRSAEncryption
c6:13:84:28:50:f1:58:61:9c:b6:84:6c:c9:3e:b1:50:ff:7b:
01:06:b8:59:0a:64:70:56:66:54:20:0e:d2:35:a9:73:03:7b:
f4:28:57:31:f1:ef:be:8d:ed:32:15:7d:23:d9:1b:74:1b:ed:
9b:e1:c2:f6:68:03:f1:b3:c4:ac:00:69:f6:0c:89:7e:4e:2f:
be:50:18:57:01:85:a8:66:b0:31:fa:25:15:71:a7:53:15:ab:
b1:8e:54:fb:71:a1:82:b9:ad:d7:41:5d:15:24:4a:5c:f2:25:
1a:0e:77:dc:79:25:a1:b0:f7:84:cb:56:c5:c7:6b:bb:79:23:
f8:8c:5c:f3:58:3f:9d:b3:e7:5d:ae:c6:6a:14:c0:37:c7:1c:
1e:c5:dc:e5:bb:f3:6d:df:94:6b:c0:1e:83:10:d7:c9:3a:c8:
56:86:a3:40:d7:25:a7:12:d6:76:59:3f:eb:fd:19:e5:5f:c5:
e1:9f:86:27:85:0b:16:eb:e4:12:81:e3:64:62:3e:ef:49:e4:
68:6f:8b:15:7f:d4:10:cf:a0:e2:9c:e2:33:4b:41:84:ee:b6:
3f:82:69:7b:0f:dc:6b:79:ee:4e:8b:c4:b8:d1:21:f2:a5:74:
2e:a4:fd:7a:ea:9e:01:b7:39:af:07:4f:b7:2c:fd:39:5b:ef:
4b:5c:70:ec
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYtSggwrU0+StQ9Gyxt0ecACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDIxMTM1MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdkYTk1NmU3Y2Y3MTZiMjhkMTc2ODc2ZGE4YWRiYWJmZWFjNDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYIol3PJe5Zef+w9IQIC70Vy95Ya
4BkiCijdAaa2ib1Pskdz/yoHuQO2bKraga0EcNGwFN++dV2NYFbmsod1z6Z22pjo
vFCtrbD79be2TVwZJJnt7ZNR6k3OxCc9sItCLr3JU7IuLGd0Z7AQMF7zTjn7HoVl
JA8gWLxx1W22d4/1ZoxzD7qtMPIA0YiwgZk34Jlo4EchYxYRo1joiEVeYvZu0oFT
u95Rip2fppJusZwIGb9c1giUHEUXUGxnXlh4haAHDO5gP8ODRx3177NwBmZV3mmw
5bFQjDc69He6YQOF7pT6uH+eHtGVIskPcHTLmnZlqCf/rVwpqO2p3SRQKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEB9qVbnz3FrKNF2h22orbq/6sSOMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUUgycFZ1ZlBjV3NvMFhhSGJhaXR1cl9xeEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAGW
MA0GCSqGSIb3DQEBCwUAA4IBAQDGE4QoUPFYYZy2hGzJPrFQ/3sBBrhZCmRwVmZU
IA7SNalzA3v0KFcx8e++je0yFX0j2Rt0G+2b4cL2aAPxs8SsAGn2DIl+Ti++UBhX
AYWoZrAx+iUVcadTFauxjlT7caGCua3XQV0VJEpc8iUaDnfceSWhsPeEy1bFx2u7
eSP4jFzzWD+ds+ddrsZqFMA3xxwexdzlu/Nt35RrwB6DENfJOshWhqNA1yWnEtZ2
WT/r/RnlX8Xhn4YnhQsW6+QSgeNkYj7vSeRob4sVf9QQz6DinOIzS0GE7rY/gml7
D9xree5Oi8S40SHypXQupP166p4BtzmvB0+3LP05W+9LXHDs
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:50 2024 by rpki-client on console-ams.rpki-client.org