Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/b4ad85-16a8-487a-8a77-8852a532ad45/1/qUpOJAzC6_DqYkH1zDDTSughtx0.roa
File: qUpOJAzC6_DqYkH1zDDTSughtx0.roa (raw, json)
Hash identifier: P7gaIDySrDdU8z7zBOD2uJZvZzt7LHGXw3GtWJqveMA=
Subject key identifier: A9:4A:4E:24:0C:C2:EB:F0:EA:62:41:F5:CC:30:D3:4A:E8:21:B7:1D
Certificate issuer: /CN=a37244348e71ec1be5f5007c8d5efe7125920722
Certificate serial: 0186EEF8C4FE8903E5BF9DF88E20DADDD41F
Authority key identifier: A3:72:44:34:8E:71:EC:1B:E5:F5:00:7C:8D:5E:FE:71:25:92:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3JENI5x7Bvl9QB8jV7-cSWSByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/b4ad85-16a8-487a-8a77-8852a532ad45/1/qUpOJAzC6_DqYkH1zDDTSughtx0.roa
Signing time: Fri 17 Mar 2023 09:48:46 +0000
ROA not before: Fri 17 Mar 2023 09:48:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200617
IP address blocks: 2a13:5840::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ee:f8:c4:fe:89:03:e5:bf:9d:f8:8e:20:da:dd:d4:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a37244348e71ec1be5f5007c8d5efe7125920722
Validity
Not Before: Mar 17 09:48:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a94a4e240cc2ebf0ea6241f5cc30d34ae821b71d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d1:d5:cb:43:94:58:1e:3b:dc:dd:66:52:a1:
c2:2d:44:ab:c4:a8:80:73:63:e7:a9:80:4f:58:8c:
e8:99:cd:b0:39:78:cb:bb:bb:b3:79:15:f0:47:7e:
0d:b9:4b:da:22:0b:31:1f:44:b7:b4:39:cc:e5:d6:
38:2c:ad:32:67:c4:f5:96:a5:77:36:78:5b:07:b1:
64:ce:6f:95:d5:3a:99:a4:a2:b2:4f:bf:83:a5:d7:
83:b4:f1:6a:09:cf:c9:d9:f4:2f:c0:58:51:75:8d:
67:23:3d:c8:07:ef:ab:5e:ba:52:63:15:94:b5:1f:
eb:2b:29:3e:13:5f:a1:a0:f0:eb:3c:78:c7:6e:83:
3d:02:1f:d8:9a:a6:9c:2b:a4:7f:be:d3:1b:e0:54:
37:b6:a1:f2:1a:1d:93:d6:36:e1:9a:1b:f8:d1:f1:
c2:ab:ad:c4:b9:de:b5:05:04:f1:a8:9e:5d:06:fb:
8f:cf:17:c0:bf:05:4e:22:05:1d:25:64:c1:2d:8c:
bf:3e:e9:0e:59:9e:ff:06:e9:bc:04:a1:ef:61:7a:
f0:8e:b2:cf:b8:02:33:4f:7d:b2:02:35:2f:f2:78:
7f:02:ac:e7:3e:a4:05:82:bd:90:bb:9f:c5:d5:6e:
1a:34:bf:c3:dd:0c:a5:00:16:89:e4:17:c8:87:20:
4d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4A:4E:24:0C:C2:EB:F0:EA:62:41:F5:CC:30:D3:4A:E8:21:B7:1D
X509v3 Authority Key Identifier:
keyid:A3:72:44:34:8E:71:EC:1B:E5:F5:00:7C:8D:5E:FE:71:25:92:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3JENI5x7Bvl9QB8jV7-cSWSByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/b4ad85-16a8-487a-8a77-8852a532ad45/1/qUpOJAzC6_DqYkH1zDDTSughtx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/b4ad85-16a8-487a-8a77-8852a532ad45/1/o3JENI5x7Bvl9QB8jV7-cSWSByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:5840::/29
Signature Algorithm: sha256WithRSAEncryption
98:21:ea:e9:f3:66:71:14:80:8d:fb:15:12:cf:60:00:fc:f7:
6b:c9:53:f1:d0:53:52:48:c2:68:cb:40:e6:a4:bd:c9:18:17:
3b:ea:13:e8:13:40:f7:dc:6e:20:4f:95:81:c1:52:12:22:85:
bb:67:80:3f:6b:53:89:f5:99:93:da:7f:db:cc:6c:f5:b2:d4:
42:0c:5c:d6:18:9b:73:18:5b:92:ef:96:07:ce:6f:a6:5e:96:
a6:e4:aa:ee:63:00:82:55:1c:cc:9f:b3:b3:a0:83:a7:79:f8:
f4:a9:66:8e:80:5c:09:ac:22:94:60:73:15:bc:ae:ba:82:1a:
e0:a9:fc:2c:05:65:c5:ca:e7:8f:96:be:c0:ad:2e:81:ea:58:
2e:f0:c8:81:08:2a:46:27:35:e7:50:c1:60:d0:48:ec:47:36:
11:5e:2b:70:6f:f4:7a:1f:e1:b6:28:41:5b:be:aa:9a:61:5c:
b1:f2:3b:30:83:ed:53:b7:fd:cc:40:50:44:1a:f6:99:49:ff:
27:5c:11:7f:6e:0f:2f:7b:50:8d:3c:6a:67:4d:77:47:54:26:
4d:24:a7:c1:6d:69:f4:a0:a9:e6:af:f7:b4:b8:7d:5f:87:c0:
32:c7:64:c6:40:f0:1f:82:b5:52:75:38:46:10:72:c6:f9:de:
0a:0f:89:f1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYbu+MT+iQPlv534jiDa3dQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzI0NDM0OGU3MWVjMWJlNWY1MDA3YzhkNWVmZTcxMjU5
MjA3MjIwHhcNMjMwMzE3MDk0ODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTRhNGUyNDBjYzJlYmYwZWE2MjQxZjVjYzMwZDM0YWU4MjFiNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdHVy0OUWB473N1mUqHCLUSrxKiA
c2PnqYBPWIzomc2wOXjLu7uzeRXwR34NuUvaIgsxH0S3tDnM5dY4LK0yZ8T1lqV3
NnhbB7Fkzm+V1TqZpKKyT7+DpdeDtPFqCc/J2fQvwFhRdY1nIz3IB++rXrpSYxWU
tR/rKyk+E1+hoPDrPHjHboM9Ah/YmqacK6R/vtMb4FQ3tqHyGh2T1jbhmhv40fHC
q63Eud61BQTxqJ5dBvuPzxfAvwVOIgUdJWTBLYy/PukOWZ7/Bum8BKHvYXrwjrLP
uAIzT32yAjUv8nh/AqznPqQFgr2Qu5/F1W4aNL/D3QylABaJ5BfIhyBNVQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKlKTiQMwuvw6mJB9cww00roIbcdMB8GA1UdIwQY
MBaAFKNyRDSOcewb5fUAfI1e/nElkgciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNKRU5JNXg3QnZsOVFCOGpWNy1jU1dTQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9iNGFkODUtMTZhOC00ODdhLThhNzct
ODg1MmE1MzJhZDQ1LzEvcVVwT0pBekM2X0RxWWtIMXpERFRTdWdodHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9iNGFkODUtMTZhOC00ODdhLThhNzctODg1MmE1MzJhZDQ1
LzEvbzNKRU5JNXg3QnZsOVFCOGpWNy1jU1dTQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNYQDAN
BgkqhkiG9w0BAQsFAAOCAQEAmCHq6fNmcRSAjfsVEs9gAPz3a8lT8dBTUkjCaMtA
5qS9yRgXO+oT6BNA99xuIE+VgcFSEiKFu2eAP2tTifWZk9p/28xs9bLUQgxc1hib
cxhbku+WB85vpl6WpuSq7mMAglUczJ+zs6CDp3n49KlmjoBcCawilGBzFbyuuoIa
4Kn8LAVlxcrnj5a+wK0ugepYLvDIgQgqRic151DBYNBI7Ec2EV4rcG/0eh/htihB
W76qmmFcsfI7MIPtU7f9zEBQRBr2mUn/J1wRf24PL3tQjTxqZ013R1QmTSSnwW1p
9KCp5q/3tLh9X4fAMsdkxkDwH4K1UnU4RhByxvneCg+J8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:43 2024 by rpki-client on console-fra.rpki-client.org