Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QN1THjg91PTz7WvUpUg5rhtzoow.roa
File: QN1THjg91PTz7WvUpUg5rhtzoow.roa (raw, json)
Hash identifier: PUjkG1wHsWv4T0dCfYxOg+OW1zAqB8X5nempkyZI9wQ=
Subject key identifier: 40:DD:53:1E:38:3D:D4:F4:F3:ED:6B:D4:A5:48:39:AE:1B:73:A2:8C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E5082619618F3B0F20822BE09BC1365E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QN1THjg91PTz7WvUpUg5rhtzoow.roa
Signing time: Tue 24 Jan 2023 18:26:34 +0000
ROA not before: Tue 24 Jan 2023 18:26:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41732
IP address blocks: 2a0e:b107:1400::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 27 Jan 2023 11:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e5:08:26:19:61:8f:3b:0f:20:82:2b:e0:9b:c1:36:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 18:26:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40dd531e383dd4f4f3ed6bd4a54839ae1b73a28c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:39:43:89:80:38:7c:18:83:4a:da:34:ac:f7:
fd:fd:73:61:e3:f0:9d:57:3f:be:43:90:68:13:44:
47:b6:c1:fa:af:6c:16:37:55:f0:7a:3b:ba:b7:77:
e1:8e:52:69:d6:39:23:1f:de:22:07:01:5d:01:93:
6f:0d:d6:c2:e1:e2:e4:2a:83:dd:c4:e1:f4:16:48:
75:27:d2:84:49:e9:2d:ee:f3:5d:9f:8c:4c:d4:6c:
34:8e:9f:77:f8:40:7f:e0:86:68:31:d2:16:fe:b1:
4b:38:56:57:b4:05:82:aa:1c:4f:5c:b2:18:ee:c8:
79:7f:b5:80:07:5b:dc:7f:1a:70:02:3c:11:57:07:
e8:c6:99:91:06:f8:3e:6a:0e:0f:1d:f6:dc:e7:42:
c0:f8:8e:a2:e2:79:b2:95:d1:33:7c:8a:67:88:a0:
59:cb:ba:fa:83:c2:24:f9:e9:ff:2c:fc:7f:91:4e:
ad:81:e8:c5:ed:9d:62:4e:6e:ae:7e:03:51:61:f3:
3d:e8:e9:73:e2:28:69:57:08:27:bc:41:7a:29:ee:
45:da:0b:76:bc:ad:cb:0d:c4:85:ab:40:cf:68:7a:
f1:02:5a:e3:c5:3b:5c:b0:1b:79:e1:1b:8d:9f:f6:
f3:ff:42:c7:b7:1e:dd:a8:71:c9:ba:73:3e:a1:82:
5d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:DD:53:1E:38:3D:D4:F4:F3:ED:6B:D4:A5:48:39:AE:1B:73:A2:8C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QN1THjg91PTz7WvUpUg5rhtzoow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1400::/44
Signature Algorithm: sha256WithRSAEncryption
32:1d:54:a8:5d:2b:fa:13:dc:f3:6d:99:28:b7:a7:66:77:d3:
66:a5:15:b4:8c:7d:6b:85:fd:cf:f7:3d:76:dc:b9:25:f8:f3:
9d:1f:f5:83:96:d5:07:ef:91:bf:25:66:d4:1a:77:44:e2:68:
d4:82:09:ec:63:ce:99:17:aa:a7:36:a9:58:ae:fe:16:76:09:
51:4b:56:39:db:b1:ea:10:59:27:14:1f:b5:23:6e:d9:4f:78:
6f:44:d1:bb:05:a8:0c:88:81:f3:a3:48:bf:cb:ee:65:bc:e2:
37:4d:dc:64:93:bb:c5:77:5c:91:d4:32:fe:66:bc:33:e5:41:
f2:5a:eb:cd:e9:32:b2:1e:dd:49:af:7e:4f:9f:83:b0:e8:a4:
af:0b:2e:92:54:77:40:ec:9c:5c:e6:d9:ea:99:b1:b7:b8:88:
1a:44:55:4c:70:12:14:b6:aa:47:9b:59:55:bf:8b:bc:fb:cb:
87:99:39:39:87:d6:03:66:aa:70:8c:bd:a2:15:15:6a:01:33:
2f:5f:6d:9a:e4:ce:52:78:5a:6d:1c:66:a1:ab:2c:67:5e:9b:
29:ed:1e:78:ea:44:36:ae:5f:99:7d:22:fc:67:60:e9:36:5b:
fc:81:4c:42:6f:62:17:6c:61:5e:c3:8d:bc:b0:4e:36:aa:0e:
06:ae:fe:23
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXlCCYZYY87DyCCK+CbwTZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTgyNjM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGRkNTMxZTM4M2RkNGY0ZjNlZDZiZDRhNTQ4MzlhZTFiNzNhMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTlDiYA4fBiDSto0rPf9/XNh4/Cd
Vz++Q5BoE0RHtsH6r2wWN1Xweju6t3fhjlJp1jkjH94iBwFdAZNvDdbC4eLkKoPd
xOH0Fkh1J9KESekt7vNdn4xM1Gw0jp93+EB/4IZoMdIW/rFLOFZXtAWCqhxPXLIY
7sh5f7WAB1vcfxpwAjwRVwfoxpmRBvg+ag4PHfbc50LA+I6i4nmyldEzfIpniKBZ
y7r6g8Ik+en/LPx/kU6tgejF7Z1iTm6ufgNRYfM96Olz4ihpVwgnvEF6Ke5F2gt2
vK3LDcSFq0DPaHrxAlrjxTtcsBt54RuNn/bz/0LHtx7dqHHJunM+oYJdtwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEDdUx44PdT08+1r1KVIOa4bc6KMMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUU4xVEhqZzkxUFR6N1d2VXBVZzVyaHR6b293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxQA
MA0GCSqGSIb3DQEBCwUAA4IBAQAyHVSoXSv6E9zzbZkot6dmd9NmpRW0jH1rhf3P
9z123Lkl+POdH/WDltUH75G/JWbUGndE4mjUggnsY86ZF6qnNqlYrv4WdglRS1Y5
27HqEFknFB+1I27ZT3hvRNG7BagMiIHzo0i/y+5lvOI3Tdxkk7vFd1yR1DL+Zrwz
5UHyWuvN6TKyHt1Jr35Pn4Ow6KSvCy6SVHdA7Jxc5tnqmbG3uIgaRFVMcBIUtqpH
m1lVv4u8+8uHmTk5h9YDZqpwjL2iFRVqATMvX22a5M5SeFptHGahqyxnXpsp7R54
6kQ2rl+ZfSL8Z2DpNlv8gUxCb2IXbGFew428sE42qg4Grv4j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org