Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QzkLWZ9w8miUgjdDjn7DfDXPzb8.roa
File: QzkLWZ9w8miUgjdDjn7DfDXPzb8.roa (raw, json)
Hash identifier: THYfE++vcdii2oRsfhlkU8Upn7CCwKs3Uck+fhdFc7w=
Subject key identifier: 43:39:0B:59:9F:70:F2:68:94:82:37:43:8E:7E:C3:7C:35:CF:CD:BF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E82DC1CC41D9ECF5DD0475C8EBB21A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QzkLWZ9w8miUgjdDjn7DfDXPzb8.roa
Signing time: Mon 02 Jan 2023 05:15:42 +0000
ROA not before: Mon 02 Jan 2023 05:15:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398355
IP address blocks: 2a0e:b107:14ff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:2d:c1:cc:41:d9:ec:f5:dd:04:75:c8:eb:b2:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43390b599f70f268948237438e7ec37c35cfcdbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:81:ae:59:82:6b:97:c1:5f:4f:7b:41:ef:f1:
8e:d0:c7:ea:fe:99:99:9a:59:a8:c5:a1:06:f0:13:
94:b6:fe:82:56:93:54:25:f5:e5:3d:3e:51:c1:b5:
e0:ca:99:22:d5:cd:21:fb:d1:ca:6c:54:3d:09:d8:
be:a5:d8:81:57:b2:a0:c6:21:76:b0:23:1e:4f:61:
4f:39:f0:4c:b9:be:b6:4b:62:85:16:dc:fa:80:86:
06:01:4e:7b:d8:32:06:2b:4d:71:1d:55:c7:a5:e8:
08:87:19:e5:c7:5d:31:5b:14:8c:2b:74:4f:a8:53:
5f:c0:2b:2d:0d:4f:72:ce:80:c1:6c:59:b0:97:dc:
08:1f:ce:1d:de:c8:82:51:eb:ea:c9:2a:5e:b7:a2:
b8:48:6f:e3:e6:b7:22:f1:7c:05:e9:8a:ae:37:c7:
0e:42:8b:c3:1c:4b:b5:8d:21:73:06:70:b1:cf:9f:
0f:04:a6:da:93:33:96:90:14:58:00:9c:4e:16:f8:
55:cc:8c:21:de:93:24:0f:d1:1e:dc:42:20:fc:df:
4e:3b:93:d2:d9:27:e4:ab:c8:20:3e:19:db:03:5a:
b8:fa:fe:83:16:d4:e4:74:88:5f:e4:5d:6b:ae:dd:
69:c3:08:cf:35:bd:e0:d1:db:fa:f8:cd:6d:24:67:
2d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:39:0B:59:9F:70:F2:68:94:82:37:43:8E:7E:C3:7C:35:CF:CD:BF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QzkLWZ9w8miUgjdDjn7DfDXPzb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:14ff::/48
Signature Algorithm: sha256WithRSAEncryption
48:e9:37:64:79:3b:03:72:2a:59:11:8b:f8:a4:ca:a9:1b:5e:
ca:fa:78:5e:d0:bb:b3:4b:95:59:8c:45:06:58:92:58:20:2d:
f5:2e:2f:44:46:34:7f:bb:2f:16:8b:f9:0b:f4:55:62:d2:6e:
6d:5c:5c:be:df:36:95:f5:2f:1b:df:87:39:22:42:ba:01:ef:
5f:61:de:82:b5:86:fe:2a:04:6d:4c:de:37:6a:cd:7a:e9:3b:
cf:8d:53:b3:38:ad:5e:68:c0:4f:68:16:e9:cc:49:d5:b6:ad:
5b:b5:9e:9d:74:f9:41:52:4f:21:8a:80:a0:f0:13:08:ce:72:
5c:f7:63:76:f6:c5:69:ae:6c:85:70:3c:cf:9d:c1:60:09:0f:
e0:cd:d4:3e:ba:8c:9a:33:b8:25:b1:e2:99:0a:9b:f7:5a:b3:
96:bf:1e:78:91:ae:08:d8:81:75:86:5c:01:cf:3d:b8:2e:cb:
66:d4:bc:17:38:0e:63:db:0d:9d:a6:03:15:c7:f0:9a:f7:3a:
3b:c9:02:d0:d4:71:06:44:2e:2f:31:9e:b3:eb:f1:a6:15:bc:
91:a0:54:d4:b4:1f:2c:92:96:e4:9b:2a:a1:bd:8a:f5:8e:3b:
88:a9:72:cd:2c:e7:61:ad:67:f8:b1:ce:1a:a8:e7:d8:25:e7:
b2:8c:a4:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw6C3BzEHZ7PXdBHXI67IaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzM5MGI1OTlmNzBmMjY4OTQ4MjM3NDM4ZTdlYzM3YzM1Y2ZjZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIGuWYJrl8FfT3tB7/GO0Mfq/pmZ
mlmoxaEG8BOUtv6CVpNUJfXlPT5RwbXgypki1c0h+9HKbFQ9Cdi+pdiBV7KgxiF2
sCMeT2FPOfBMub62S2KFFtz6gIYGAU572DIGK01xHVXHpegIhxnlx10xWxSMK3RP
qFNfwCstDU9yzoDBbFmwl9wIH84d3siCUevqySpet6K4SG/j5rci8XwF6YquN8cO
QovDHEu1jSFzBnCxz58PBKbakzOWkBRYAJxOFvhVzIwh3pMkD9Ee3EIg/N9OO5PS
2Sfkq8ggPhnbA1q4+v6DFtTkdIhf5F1rrt1pwwjPNb3g0dv6+M1tJGctjQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEM5C1mfcPJolII3Q45+w3w1z82/MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUXprTFdaOXc4bWlVZ2pkRGpuN0RmRFhQemI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxT/
MA0GCSqGSIb3DQEBCwUAA4IBAQBI6TdkeTsDcipZEYv4pMqpG17K+nhe0LuzS5VZ
jEUGWJJYIC31Li9ERjR/uy8Wi/kL9FVi0m5tXFy+3zaV9S8b34c5IkK6Ae9fYd6C
tYb+KgRtTN43as166TvPjVOzOK1eaMBPaBbpzEnVtq1btZ6ddPlBUk8hioCg8BMI
znJc92N29sVprmyFcDzPncFgCQ/gzdQ+uoyaM7glseKZCpv3WrOWvx54ka4I2IF1
hlwBzz24Lstm1LwXOA5j2w2dpgMVx/Ca9zo7yQLQ1HEGRC4vMZ6z6/GmFbyRoFTU
tB8skpbkmyqhvYr1jjuIqXLNLOdhrWf4sc4aqOfYJeeyjKRY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org