Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qnhrGMAjOxSu4niIFyYzspqnWgU.roa
File: qnhrGMAjOxSu4niIFyYzspqnWgU.roa (raw, json)
Hash identifier: bq2pDyTGX4NjU/wuaV/SARUGZmZpziCyZjulfaGJ9wE=
Subject key identifier: AA:78:6B:18:C0:23:3B:14:AE:E2:78:88:17:26:33:B2:9A:A7:5A:05
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7A3FEAF5067D8D5F1656AD4D8F134
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qnhrGMAjOxSu4niIFyYzspqnWgU.roa
Signing time: Mon 02 Jan 2023 05:15:07 +0000
ROA not before: Mon 02 Jan 2023 05:15:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201197
IP address blocks: 2a0e:97c0:c80::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:a3:fe:af:50:67:d8:d5:f1:65:6a:d4:d8:f1:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa786b18c0233b14aee27888172633b29aa75a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d2:8a:02:c4:b0:36:d4:ed:44:4b:19:dd:4c:
03:a0:fb:c1:77:70:08:9f:e1:1a:f4:ef:e9:79:1b:
69:64:3c:37:7a:67:ba:c6:22:c2:68:f2:98:f7:40:
d0:b5:f0:45:cc:f0:3d:0c:c3:b6:04:59:d6:17:84:
b9:03:0e:0e:05:0b:e0:55:7b:c6:44:57:bb:cd:3d:
9d:94:3b:8b:0c:20:4d:f2:50:6e:9d:a8:4e:fe:e9:
ce:47:9a:b9:9d:d9:e3:48:57:ab:4a:fd:c7:87:e7:
5f:77:73:e9:49:24:04:3b:14:89:bf:e5:0a:b8:66:
b7:59:cc:c9:4a:34:b2:30:99:cd:b5:41:12:dc:a4:
a2:36:5b:2f:e1:5c:3d:a0:50:d1:c4:35:a6:a8:c9:
66:2f:65:97:13:2c:f7:95:fe:25:3d:ae:47:16:f6:
10:56:24:9b:e4:56:8a:1c:a9:72:5c:c1:c0:db:23:
8c:90:8c:55:a6:06:71:ec:37:d8:63:15:f5:84:2e:
e4:e2:5e:79:86:6e:bb:f8:5c:57:ca:a7:ac:af:f4:
6b:9c:1f:fa:d6:12:32:6b:4f:0c:6e:e5:05:47:48:
ac:b0:32:c6:7c:45:41:b0:a3:19:fc:8c:5f:78:56:
c2:de:28:89:a6:a0:a8:c2:be:83:90:02:5e:8d:c1:
14:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:78:6B:18:C0:23:3B:14:AE:E2:78:88:17:26:33:B2:9A:A7:5A:05
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qnhrGMAjOxSu4niIFyYzspqnWgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:c80::/44
Signature Algorithm: sha256WithRSAEncryption
8d:10:0c:f3:54:84:86:d9:50:38:df:d0:98:d4:13:ca:12:62:
48:05:af:4b:dd:ef:9e:2b:aa:c3:a1:18:15:f4:4a:84:fa:4e:
85:82:92:a5:26:c3:6a:ca:31:da:c6:f7:8a:b1:05:22:7a:5c:
24:61:14:ee:8e:0b:fd:79:88:39:bb:e1:ec:3f:42:2b:d7:ab:
9e:bb:88:82:e2:96:b6:91:70:82:9d:8d:b4:97:14:fb:86:23:
4f:ae:60:93:1b:86:ea:90:54:fd:3c:ed:56:24:26:ae:f6:22:
98:a2:8d:64:18:a7:f3:83:66:b7:52:84:f6:9f:40:48:10:bb:
80:d7:90:af:93:80:06:06:07:11:16:d7:9e:60:5c:09:12:b0:
a3:bd:9a:8b:30:94:70:b6:f6:c0:80:3a:58:e5:9e:42:9a:22:
53:fc:e2:f9:e5:ea:46:c9:06:b2:21:f9:c6:0a:80:a9:e5:6e:
a8:35:81:3f:1a:76:fd:ab:41:cd:63:70:6f:ae:6c:c1:79:e2:
e7:0a:86:e4:78:d7:0e:d9:b4:0b:79:27:94:5c:8b:5a:74:41:
d2:87:4b:a3:4b:9e:a8:fb:73:cc:29:b2:5f:3b:fb:4e:76:e0:
af:eb:ca:24:ed:7d:0c:fd:ca:a5:ce:1d:a2:c7:6b:92:63:c7:
95:02:6a:98
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw56P+r1Bn2NXxZWrU2PE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTc4NmIxOGMwMjMzYjE0YWVlMjc4ODgxNzI2MzNiMjlhYTc1YTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNKKAsSwNtTtREsZ3UwDoPvBd3AI
n+Ea9O/peRtpZDw3eme6xiLCaPKY90DQtfBFzPA9DMO2BFnWF4S5Aw4OBQvgVXvG
RFe7zT2dlDuLDCBN8lBunahO/unOR5q5ndnjSFerSv3Hh+dfd3PpSSQEOxSJv+UK
uGa3WczJSjSyMJnNtUES3KSiNlsv4Vw9oFDRxDWmqMlmL2WXEyz3lf4lPa5HFvYQ
ViSb5FaKHKlyXMHA2yOMkIxVpgZx7DfYYxX1hC7k4l55hm67+FxXyqesr/RrnB/6
1hIya08MbuUFR0issDLGfEVBsKMZ/IxfeFbC3iiJpqCowr6DkAJejcEUSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKp4axjAIzsUruJ4iBcmM7Kap1oFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcW5ockdNQWpPeFN1NG5pSUZ5WXpzcHFuV2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAyA
MA0GCSqGSIb3DQEBCwUAA4IBAQCNEAzzVISG2VA439CY1BPKEmJIBa9L3e+eK6rD
oRgV9EqE+k6FgpKlJsNqyjHaxveKsQUielwkYRTujgv9eYg5u+HsP0Ir16ueu4iC
4pa2kXCCnY20lxT7hiNPrmCTG4bqkFT9PO1WJCau9iKYoo1kGKfzg2a3UoT2n0BI
ELuA15Cvk4AGBgcRFteeYFwJErCjvZqLMJRwtvbAgDpY5Z5CmiJT/OL55epGyQay
IfnGCoCp5W6oNYE/Gnb9q0HNY3BvrmzBeeLnCobkeNcO2bQLeSeUXItadEHSh0uj
S56o+3PMKbJfO/tOduCv68ok7X0M/cqlzh2ix2uSY8eVAmqY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:38 2024 by rpki-client on console-fra.rpki-client.org