Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QWPKSFrrJYAJvXGIluF5P5Nz8oQ.roa
File: QWPKSFrrJYAJvXGIluF5P5Nz8oQ.roa (raw, json)
Hash identifier: SY64ELxbJKVI8AnceEUVZl483VRzioWDsE8X4Cy/dPM=
Subject key identifier: 41:63:CA:48:5A:EB:25:80:09:BD:71:88:96:E1:79:3F:93:73:F2:84
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0189640B3A248676F5E7C4D369500C83E969
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QWPKSFrrJYAJvXGIluF5P5Nz8oQ.roa
Signing time: Mon 17 Jul 2023 13:30:04 +0000
ROA not before: Mon 17 Jul 2023 13:30:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197762
IP address blocks: 2a06:de00:1330::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:0b:3a:24:86:76:f5:e7:c4:d3:69:50:0c:83:e9:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 17 13:30:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4163ca485aeb258009bd718896e1793f9373f284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c4:3e:f5:77:cc:33:43:50:9f:b1:63:56:25:
2d:5c:ee:b8:be:76:4f:86:93:ea:8d:3e:a8:12:a8:
a4:ab:3a:31:3b:f3:be:65:88:1b:c3:8a:20:72:25:
aa:d3:e2:61:e2:c2:95:bd:8e:51:ce:1e:4d:d1:26:
c6:cd:4d:ed:18:bf:e5:a3:23:55:3d:69:46:02:a2:
c0:32:ca:ef:d7:53:4d:b4:7f:46:ac:52:ba:9c:51:
12:06:4a:42:7b:1a:bd:29:48:1c:b5:eb:12:09:2d:
50:53:24:d6:01:b5:c4:b2:78:c7:90:e3:9b:98:44:
98:65:41:96:15:c4:77:89:cf:6d:5b:d6:64:b8:e7:
3b:78:9e:ae:f4:28:7c:56:3c:b4:8a:40:2c:06:a1:
9b:92:68:94:97:fb:2b:01:5c:35:db:5c:c2:45:31:
95:0b:cc:37:dc:66:f2:f6:2e:a8:19:c8:e1:8f:b9:
bd:d2:e6:84:59:5b:bf:3d:ff:5d:5b:91:06:65:87:
59:63:be:d8:95:cf:c6:39:bc:ef:2a:5a:03:6e:8c:
45:b0:f2:c8:79:06:96:59:ee:29:58:79:7a:de:a8:
d4:bf:61:2d:1a:8c:00:ef:c6:48:2e:19:34:c2:c6:
5e:5d:f8:57:d5:e7:6e:ee:96:b9:6b:b4:98:4c:21:
29:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:63:CA:48:5A:EB:25:80:09:BD:71:88:96:E1:79:3F:93:73:F2:84
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QWPKSFrrJYAJvXGIluF5P5Nz8oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:1330::/44
Signature Algorithm: sha256WithRSAEncryption
4a:58:cc:b2:9f:e2:5a:f0:17:de:49:54:9d:98:83:8a:f6:e3:
59:54:84:e4:05:fc:e5:46:10:f1:bb:d6:43:48:18:73:09:c0:
fb:07:3f:3a:81:e8:2e:ea:e2:78:bb:49:ab:4e:9f:b1:ea:b9:
ab:fe:6c:48:50:4f:87:56:69:c4:d5:2a:11:15:41:70:1f:f8:
23:df:52:4c:84:47:1d:c8:2e:f7:f5:d4:d0:0a:b6:98:91:17:
9a:80:02:8a:97:37:06:af:bf:6d:33:14:f3:7f:08:31:c3:1e:
9a:52:13:ff:0b:84:8a:ae:65:cf:57:54:d6:cf:8f:26:71:a8:
f1:19:6e:39:95:1a:18:bf:62:89:19:6a:67:fa:ee:07:52:72:
e2:f0:14:1e:9f:15:27:88:20:ba:9d:f4:42:25:0e:1c:04:28:
7b:51:cd:03:ce:e6:03:1b:b9:0b:9f:c2:af:8d:65:6a:df:80:
73:f8:4c:b2:8d:cb:6e:f2:e9:ad:d5:51:3a:11:e3:44:a5:53:
47:82:9c:6e:97:20:35:af:20:ed:3d:41:a5:7f:25:a7:5c:92:
1e:50:34:16:ba:ca:ff:17:b6:b4:ee:43:10:e1:d8:d9:9f:77:
46:41:ab:e0:d4:8c:cd:a6:c0:94:84:6d:d6:7e:14:30:b1:47:
16:58:73:a8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYlkCzokhnb158TTaVAMg+lpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzE3MTMzMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTYzY2E0ODVhZWIyNTgwMDliZDcxODg5NmUxNzkzZjkzNzNmMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMQ+9XfMM0NQn7FjViUtXO64vnZP
hpPqjT6oEqikqzoxO/O+ZYgbw4ogciWq0+Jh4sKVvY5Rzh5N0SbGzU3tGL/loyNV
PWlGAqLAMsrv11NNtH9GrFK6nFESBkpCexq9KUgctesSCS1QUyTWAbXEsnjHkOOb
mESYZUGWFcR3ic9tW9ZkuOc7eJ6u9Ch8Vjy0ikAsBqGbkmiUl/srAVw121zCRTGV
C8w33Gby9i6oGcjhj7m90uaEWVu/Pf9dW5EGZYdZY77Ylc/GObzvKloDboxFsPLI
eQaWWe4pWHl63qjUv2EtGowA78ZILhk0wsZeXfhX1edu7pa5a7SYTCEpOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEFjykha6yWACb1xiJbheT+Tc/KEMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUVdQS1NGcnJKWUFKdlhHSWx1RjVQNU56OG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbeABMw
MA0GCSqGSIb3DQEBCwUAA4IBAQBKWMyyn+Ja8BfeSVSdmIOK9uNZVITkBfzlRhDx
u9ZDSBhzCcD7Bz86gegu6uJ4u0mrTp+x6rmr/mxIUE+HVmnE1SoRFUFwH/gj31JM
hEcdyC739dTQCraYkReagAKKlzcGr79tMxTzfwgxwx6aUhP/C4SKrmXPV1TWz48m
cajxGW45lRoYv2KJGWpn+u4HUnLi8BQenxUniCC6nfRCJQ4cBCh7Uc0DzuYDG7kL
n8KvjWVq34Bz+Eyyjctu8umt1VE6EeNEpVNHgpxulyA1ryDtPUGlfyWnXJIeUDQW
usr/F7a07kMQ4djZn3dGQavg1IzNpsCUhG3WfhQwsUcWWHOo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org