Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/wqm-KiSt-7fV7z_ymqCu8NbJE0k.roa
File: wqm-KiSt-7fV7z_ymqCu8NbJE0k.roa (raw, json)
Hash identifier: TyihScRJBAuX8P1tYKUTeYAYCzHd4z/lFbEXnFz+tOw=
Subject key identifier: C2:A9:BE:2A:24:AD:FB:B7:D5:EF:3F:F2:9A:A0:AE:F0:D6:C9:13:49
Certificate issuer: /CN=2901d76431c6e873d3c44730571e1e50d602057c
Certificate serial: 01856F8B7B038C0516CA6F46AD508CB33288
Authority key identifier: 29:01:D7:64:31:C6:E8:73:D3:C4:47:30:57:1E:1E:50:D6:02:05:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/wqm-KiSt-7fV7z_ymqCu8NbJE0k.roa
Signing time: Sun 01 Jan 2023 22:54:49 +0000
ROA not before: Sun 01 Jan 2023 22:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212037
IP address blocks: 2001:67c:1680::/48 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:7b:03:8c:05:16:ca:6f:46:ad:50:8c:b3:32:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2901d76431c6e873d3c44730571e1e50d602057c
Validity
Not Before: Jan 1 22:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2a9be2a24adfbb7d5ef3ff29aa0aef0d6c91349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:da:2c:59:40:5a:82:71:f7:f5:55:51:da:d0:
ab:a6:0f:cd:33:4f:66:b3:26:39:b6:47:99:5f:7e:
4e:37:42:92:c3:f6:4c:81:d1:61:31:7a:f1:f0:a4:
26:69:b8:59:6c:1a:66:a7:89:31:30:b3:ba:e1:8f:
c1:aa:d3:a8:9a:03:9d:e9:12:f6:66:be:6b:d9:68:
e0:7c:0b:f8:32:9a:e7:96:aa:7a:40:01:f5:94:c8:
47:1d:cd:12:2c:db:0e:2d:9c:ca:28:c4:a4:fc:dc:
02:af:6a:3e:62:3b:91:fc:ba:3c:c9:5a:24:cd:f6:
29:7a:e1:9c:b9:8d:a4:68:83:65:59:41:42:e1:da:
29:b1:7e:2c:00:dd:aa:01:c4:40:d3:97:2f:6d:41:
9d:fa:f0:58:79:a9:da:b9:a7:62:9f:23:52:44:3a:
2f:a6:a7:bb:c4:87:8b:60:00:b5:db:88:f1:5b:cc:
e7:25:2f:a6:7f:25:9c:47:06:98:1f:03:b6:4b:ef:
fb:84:04:88:08:2e:db:94:6a:84:23:7d:99:a9:32:
bb:95:3d:c2:e6:a5:17:5e:8c:e1:d8:56:91:1c:c1:
8c:fc:79:c1:13:aa:63:2b:c1:fe:79:9b:a1:c1:1f:
63:c2:a8:c8:72:c6:7c:72:0e:d6:c2:ec:77:d8:81:
1d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:A9:BE:2A:24:AD:FB:B7:D5:EF:3F:F2:9A:A0:AE:F0:D6:C9:13:49
X509v3 Authority Key Identifier:
keyid:29:01:D7:64:31:C6:E8:73:D3:C4:47:30:57:1E:1E:50:D6:02:05:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/wqm-KiSt-7fV7z_ymqCu8NbJE0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1680::/48
Signature Algorithm: sha256WithRSAEncryption
a1:ac:10:4c:01:1e:22:90:40:35:24:fc:5b:3b:16:f9:d5:91:
a9:89:4f:e2:d0:b5:91:65:e1:c0:d8:fb:a0:e5:ac:d5:20:28:
16:58:c6:12:52:a8:84:01:b5:81:17:09:a7:ec:e4:16:45:3a:
d0:60:73:c9:44:f5:06:ee:aa:29:97:2d:12:45:ba:b7:03:3a:
0c:a3:87:93:3f:24:fd:0f:9f:45:17:3c:b7:0a:03:8a:c9:29:
8b:f7:98:7d:b3:1e:b4:44:fb:d5:2d:7a:87:da:64:fe:13:12:
74:d5:d0:80:b0:8d:ee:9f:7a:a9:96:d8:39:13:81:d3:76:50:
a3:6c:15:05:ea:4c:24:b8:d8:c1:cc:51:3d:1c:2c:24:2f:7b:
39:b2:e5:14:3a:80:93:bd:4c:59:92:ef:c6:31:22:cf:39:88:
e6:df:e9:bc:63:54:00:ea:fb:cc:3c:a3:ef:55:46:f0:97:8f:
53:04:c8:23:68:3b:af:fa:17:a3:71:31:e6:e5:20:c6:72:5c:
5f:ea:1a:54:59:9c:d9:1c:49:03:5b:3d:58:81:ad:ce:3a:fa:
f1:68:cf:e1:f6:67:42:eb:dc:5b:fc:53:da:e7:8f:3e:3b:1b:
8a:32:a0:99:4d:ec:4d:47:09:d9:ac:bf:b0:1c:f0:de:22:2d:
20:d0:45:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvi3sDjAUWym9GrVCMszKIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFkNzY0MzFjNmU4NzNkM2M0NDczMDU3MWUxZTUwZDYw
MjA1N2MwHhcNMjMwMTAxMjI1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmE5YmUyYTI0YWRmYmI3ZDVlZjNmZjI5YWEwYWVmMGQ2YzkxMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9osWUBagnH39VVR2tCrpg/NM09m
syY5tkeZX35ON0KSw/ZMgdFhMXrx8KQmabhZbBpmp4kxMLO64Y/BqtOomgOd6RL2
Zr5r2WjgfAv4Mprnlqp6QAH1lMhHHc0SLNsOLZzKKMSk/NwCr2o+YjuR/Lo8yVok
zfYpeuGcuY2kaINlWUFC4dopsX4sAN2qAcRA05cvbUGd+vBYeanauadinyNSRDov
pqe7xIeLYAC124jxW8znJS+mfyWcRwaYHwO2S+/7hASICC7blGqEI32ZqTK7lT3C
5qUXXozh2FaRHMGM/HnBE6pjK8H+eZuhwR9jwqjIcsZ8cg7Wwux32IEdwQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMKpviokrfu31e8/8pqgrvDWyRNJMB8GA1UdIwQY
MBaAFCkB12Qxxuhz08RHMFceHlDWAgV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIWFpESEc2SFBUeEVjd1Z4NGVVTllDQlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8wNWMzYTEtYzhmZS00MGZmLTljNTIt
M2U2ZjAzMjQ0MTBhLzEvd3FtLUtpU3QtN2ZWN3pfeW1xQ3U4TmJKRTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8wNWMzYTEtYzhmZS00MGZmLTljNTItM2U2ZjAzMjQ0MTBh
LzEvS1FIWFpESEc2SFBUeEVjd1Z4NGVVTllDQlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBaA
MA0GCSqGSIb3DQEBCwUAA4IBAQChrBBMAR4ikEA1JPxbOxb51ZGpiU/i0LWRZeHA
2Pug5azVICgWWMYSUqiEAbWBFwmn7OQWRTrQYHPJRPUG7qoply0SRbq3AzoMo4eT
PyT9D59FFzy3CgOKySmL95h9sx60RPvVLXqH2mT+ExJ01dCAsI3un3qpltg5E4HT
dlCjbBUF6kwkuNjBzFE9HCwkL3s5suUUOoCTvUxZku/GMSLPOYjm3+m8Y1QA6vvM
PKPvVUbwl49TBMgjaDuv+hejcTHm5SDGclxf6hpUWZzZHEkDWz1Yga3OOvrxaM/h
9mdC69xb/FPa548+OxuKMqCZTexNRwnZrL+wHPDeIi0g0EVn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:29 2024 by rpki-client on console-fra.rpki-client.org