Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qMqBBQEKZZgmg83Jq-4AZRI4teo.roa
File: qMqBBQEKZZgmg83Jq-4AZRI4teo.roa (raw, json)
Hash identifier: Xq00g9QqQLcbH6o/+Yo1lIG7YTxlK3rjiwIGjFKOaGg=
Subject key identifier: A8:CA:81:05:01:0A:65:98:26:83:CD:C9:AB:EE:00:65:12:38:B5:EA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCC07ECE9E7B7E511CC37B42F15150
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qMqBBQEKZZgmg83Jq-4AZRI4teo.roa
Signing time: Tue 02 Jan 2024 10:33:59 +0000
ROA not before: Tue 02 Jan 2024 10:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a0e:b107:19a0::/48 maxlen: 48
2a06:de00:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 14 Jan 2024 13:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c0:7e:ce:9e:7b:7e:51:1c:c3:7b:42:f1:51:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8ca8105010a65982683cdc9abee00651238b5ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:01:87:fc:28:63:cd:f0:24:72:66:19:ea:3a:
2c:cb:05:fd:c8:34:91:c8:33:06:94:78:92:b0:25:
16:b0:e2:97:eb:83:8b:c1:6e:c2:20:ca:b3:ed:a1:
e1:8a:11:99:24:f4:2f:1f:94:69:1b:b7:01:56:4e:
f5:99:59:34:6b:b4:9d:b0:20:2e:87:d5:b1:48:0c:
81:40:3e:13:c6:c9:74:be:11:fe:6d:1e:f9:68:67:
cd:ea:a7:67:5f:7a:36:66:25:1d:ee:66:3c:4c:31:
f0:77:ef:83:76:f6:42:49:1f:e3:a8:4d:9c:e6:3a:
07:b0:69:43:56:a5:6c:cf:2a:55:e8:0e:da:49:f7:
90:fa:5d:f2:a8:44:06:89:97:65:21:5f:ee:8e:de:
ce:d8:42:f3:e2:12:a2:f8:ee:b0:ac:36:bc:22:20:
d3:d9:42:99:8d:da:3d:80:1d:03:af:46:5e:31:1d:
d1:28:c9:d9:96:7c:bb:d2:34:ef:1b:bc:eb:76:b0:
6d:f2:4e:8a:be:e9:2c:56:53:5e:3a:cd:fb:cd:89:
87:22:c4:d3:d0:45:44:4a:ce:2b:d1:51:ab:bc:4c:
2d:70:90:9d:81:ee:5f:4a:dc:45:af:ab:04:b7:77:
78:19:17:15:75:a9:fa:2c:38:6f:83:ae:84:87:2e:
06:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CA:81:05:01:0A:65:98:26:83:CD:C9:AB:EE:00:65:12:38:B5:EA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qMqBBQEKZZgmg83Jq-4AZRI4teo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:10::/48
2a0e:b107:19a0::/48
Signature Algorithm: sha256WithRSAEncryption
29:d6:89:f7:d7:1a:76:0b:67:69:e5:15:58:7c:55:88:41:67:
72:b9:1f:3f:10:39:f7:ad:26:5a:6d:8f:ff:fe:57:38:4b:eb:
17:97:2e:cc:cc:b0:86:e1:99:d5:e3:13:2e:69:3a:1e:88:1f:
51:ff:6e:3c:00:65:28:38:b5:8d:df:fe:6c:53:ca:5e:d1:1c:
f5:da:8e:7d:45:42:9c:ee:14:b5:56:13:28:10:f4:f9:dc:8c:
ef:ce:ea:5b:38:3c:b6:2a:c6:08:6b:cc:f3:f8:97:0c:5b:c1:
8e:2d:bc:99:4c:f1:6b:d3:3f:7b:cf:2c:4b:22:28:94:60:ad:
5e:98:3c:d1:fd:f5:e1:75:a2:cc:35:72:02:ee:a9:72:ab:ad:
3e:1d:4f:8d:db:14:7d:a8:d6:4c:b0:b2:26:3f:58:54:02:41:
04:e5:8e:5c:00:b3:4a:c4:06:cd:87:de:b6:8f:ac:d7:0c:ba:
90:ba:9d:05:d5:32:2e:04:84:9f:22:f5:1c:2c:33:5e:85:66:
e1:7c:4d:5a:8c:98:53:bd:00:14:35:13:f3:a5:39:24:5d:48:
36:3b:47:07:7f:00:43:2a:64:9b:a6:4c:22:04:39:37:89:b4:
96:9b:bb:4f:25:06:a1:ab:55:53:68:23:00:f9:f2:63:12:a1:
8a:7b:66:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvMB+zp57flEcw3tC8VFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGNhODEwNTAxMGE2NTk4MjY4M2NkYzlhYmVlMDA2NTEyMzhiNWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwGH/ChjzfAkcmYZ6josywX9yDSR
yDMGlHiSsCUWsOKX64OLwW7CIMqz7aHhihGZJPQvH5RpG7cBVk71mVk0a7SdsCAu
h9WxSAyBQD4Txsl0vhH+bR75aGfN6qdnX3o2ZiUd7mY8TDHwd++DdvZCSR/jqE2c
5joHsGlDVqVszypV6A7aSfeQ+l3yqEQGiZdlIV/ujt7O2ELz4hKi+O6wrDa8IiDT
2UKZjdo9gB0Dr0ZeMR3RKMnZlny70jTvG7zrdrBt8k6KvuksVlNeOs37zYmHIsTT
0EVESs4r0VGrvEwtcJCdge5fStxFr6sEt3d4GRcVdan6LDhvg66Ehy4GYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKjKgQUBCmWYJoPNyavuAGUSOLXqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcU1xQkJRRUtaWmdtZzgzSnEtNEFaUkk0dGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgbeAAAQ
AwcAKg6xBxmgMA0GCSqGSIb3DQEBCwUAA4IBAQAp1on31xp2C2dp5RVYfFWIQWdy
uR8/EDn3rSZabY///lc4S+sXly7MzLCG4ZnV4xMuaToeiB9R/248AGUoOLWN3/5s
U8pe0Rz12o59RUKc7hS1VhMoEPT53IzvzupbODy2KsYIa8zz+JcMW8GOLbyZTPFr
0z97zyxLIiiUYK1emDzR/fXhdaLMNXIC7qlyq60+HU+N2xR9qNZMsLImP1hUAkEE
5Y5cALNKxAbNh962j6zXDLqQup0F1TIuBISfIvUcLDNehWbhfE1ajJhTvQAUNRPz
pTkkXUg2O0cHfwBDKmSbpkwiBDk3ibSWm7tPJQahq1VTaCMA+fJjEqGKe2aP
-----END CERTIFICATE-----
Generated at Sun Jan 14 16:39:06 2024 by rpki-client on console-ams.rpki-client.org