Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/Qg-2k-lxQS1cwjAWMypDtBQF_Ug.roa
File: Qg-2k-lxQS1cwjAWMypDtBQF_Ug.roa (raw, json)
Hash identifier: 1svY2M4xyPcaRDw27lzXy2skkgPC7WfsI+LCEyJnS6o=
Subject key identifier: 42:0F:B6:93:E9:71:41:2D:5C:C2:30:16:33:2A:43:B4:14:05:FD:48
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 0188F78570108E0AD255A2ADB9F49A323D59
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/Qg-2k-lxQS1cwjAWMypDtBQF_Ug.roa
Signing time: Mon 26 Jun 2023 11:44:57 +0000
ROA not before: Mon 26 Jun 2023 11:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31004
IP address blocks: 2a00:4bc0:2000::/44 maxlen: 56
2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2400::/40 maxlen: 48
2a00:4bc0:2300::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f7:85:70:10:8e:0a:d2:55:a2:ad:b9:f4:9a:32:3d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Jun 26 11:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=420fb693e971412d5cc23016332a43b41405fd48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:af:c3:48:34:33:85:18:c4:da:ec:64:e9:e4:
4a:10:68:c4:64:dd:87:df:08:b6:1b:b9:24:cd:09:
c4:5b:ee:de:7b:a6:87:a3:4c:e9:6b:71:7e:fe:9a:
03:37:10:e0:6d:df:50:77:97:1a:ee:11:29:55:0c:
18:8d:1c:a9:4e:79:11:a4:29:0f:0c:11:65:dd:77:
9b:5b:dc:a4:66:4b:68:be:99:d0:b5:1d:cb:a8:b8:
cb:2a:f1:42:76:a3:0e:22:ac:0c:9f:a0:0a:e5:be:
78:53:e3:2f:44:91:40:e6:2d:e1:93:a2:0a:c6:73:
a1:83:69:a7:a4:79:ce:6d:f2:92:b0:84:ad:49:a8:
0a:dd:63:bc:bf:7a:cc:a4:4b:99:0a:88:15:94:3c:
42:d4:b0:e5:84:9a:74:32:73:85:9b:ca:a9:06:20:
c4:3d:a0:a9:86:fd:27:86:6d:e2:35:c2:ed:88:44:
7b:e3:ff:9a:02:2f:51:f1:37:94:d0:47:54:44:cf:
e3:98:24:29:90:dd:65:f3:80:af:2d:37:a8:5d:0c:
52:7e:e0:39:f5:1b:ea:d4:a1:80:52:34:d0:69:e1:
a8:7a:2f:9f:bf:4f:39:56:76:c0:9e:d7:44:dc:b0:
a8:77:7b:3a:cb:58:bf:05:34:ad:ce:f3:a0:60:fd:
2d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0F:B6:93:E9:71:41:2D:5C:C2:30:16:33:2A:43:B4:14:05:FD:48
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/Qg-2k-lxQS1cwjAWMypDtBQF_Ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
2a00:4bc0:2300::-2a00:4bc0:24ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4f:78:e3:67:95:c3:e0:a0:2f:09:ac:49:95:c8:75:ab:b5:23:
10:96:5d:0f:6a:44:aa:f3:b4:09:a9:93:ee:1e:0b:fb:f8:5f:
a3:cf:f0:58:41:c7:f5:83:9c:ce:ba:1d:a5:4b:52:d7:2e:96:
20:73:b5:9d:f6:d0:ec:28:2c:54:44:b9:4d:80:66:66:30:10:
c5:af:94:c8:de:ed:bc:b1:ee:7d:62:29:d8:ca:15:8d:4f:c0:
cf:bd:c7:9c:bf:80:c1:8c:4e:af:e5:8d:06:b9:10:24:ed:03:
88:bb:42:6e:99:96:8c:a8:df:73:9a:61:36:52:d5:c7:20:c8:
8e:1a:80:04:d6:64:bf:8d:0d:17:13:01:64:ea:bf:40:cc:66:
4c:f6:6b:9a:08:6a:9e:46:18:d9:9e:15:f8:b8:da:ab:70:69:
5e:f2:b8:a7:85:d7:bb:a6:0b:7e:d3:fc:04:2a:f9:68:9b:28:
68:d5:d7:a9:94:5d:21:da:19:ff:5a:bd:c6:ef:ef:49:dd:c1:
0e:59:1c:b9:bd:60:63:8e:3c:ed:3c:50:40:6f:50:44:7d:48:
09:aa:82:71:bd:02:3c:5b:de:c4:bf:95:08:25:53:9b:07:9f:
77:7c:b2:de:4b:04:f6:e6:14:1a:e7:2b:46:2c:3b:24:48:2e:
10:25:8a:76
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYj3hXAQjgrSVaKtufSaMj1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjMwNjI2MTE0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjBmYjY5M2U5NzE0MTJkNWNjMjMwMTYzMzJhNDNiNDE0MDVmZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq/DSDQzhRjE2uxk6eRKEGjEZN2H
3wi2G7kkzQnEW+7ee6aHo0zpa3F+/poDNxDgbd9Qd5ca7hEpVQwYjRypTnkRpCkP
DBFl3XebW9ykZktovpnQtR3LqLjLKvFCdqMOIqwMn6AK5b54U+MvRJFA5i3hk6IK
xnOhg2mnpHnObfKSsIStSagK3WO8v3rMpEuZCogVlDxC1LDlhJp0MnOFm8qpBiDE
PaCphv0nhm3iNcLtiER74/+aAi9R8TeU0EdURM/jmCQpkN1l84CvLTeoXQxSfuA5
9Rvq1KGAUjTQaeGoei+fv085VnbAntdE3LCod3s6y1i/BTStzvOgYP0t6QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEIPtpPpcUEtXMIwFjMqQ7QUBf1IMB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvUWctMmstbHhRUzFjd2pBV015cER0QlFGX1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwcEKgBLwCAA
AwYAKgBLwCEwEAMGACoAS8AjAwYAKgBLwCQwDQYJKoZIhvcNAQELBQADggEBAE94
42eVw+CgLwmsSZXIdau1IxCWXQ9qRKrztAmpk+4eC/v4X6PP8FhBx/WDnM66HaVL
UtculiBztZ320OwoLFREuU2AZmYwEMWvlMje7byx7n1iKdjKFY1PwM+9x5y/gMGM
Tq/ljQa5ECTtA4i7Qm6Zloyo33OaYTZS1ccgyI4agATWZL+NDRcTAWTqv0DMZkz2
a5oIap5GGNmeFfi42qtwaV7yuKeF17umC37T/AQq+WibKGjV16mUXSHaGf9avcbv
70ndwQ5ZHLm9YGOOPO08UEBvUER9SAmqgnG9Ajxb3sS/lQglU5sHn3d8st5LBPbm
FBrnK0YsOyRILhAlinY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:20 2024 by rpki-client on console-ams.rpki-client.org