Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/QaqIsgGjcHCn9KS1_cFXGKONuIo.roa
File: QaqIsgGjcHCn9KS1_cFXGKONuIo.roa (raw, json)
Hash identifier: 3vtK7r2wsb7JKsyVWZ7iNbUkA93nnzWoRKOLgtCvABw=
Subject key identifier: 41:AA:88:B2:01:A3:70:70:A7:F4:A4:B5:FD:C1:57:18:A3:8D:B8:8A
Certificate issuer: /CN=ed64691c31892cc991ad4e9a9671147759e417ab
Certificate serial: 018FA557C033B1C3EDC43723BCC5B3F2C5C3
Authority key identifier: ED:64:69:1C:31:89:2C:C9:91:AD:4E:9A:96:71:14:77:59:E4:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7WRpHDGJLMmRrU6alnEUd1nkF6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/QaqIsgGjcHCn9KS1_cFXGKONuIo.roa
Signing time: Thu 23 May 2024 12:05:42 +0000
ROA not before: Thu 23 May 2024 12:05:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34689
IP address blocks: 2a13:9401::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 26 Jun 2024 08:17:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a5:57:c0:33:b1:c3:ed:c4:37:23:bc:c5:b3:f2:c5:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed64691c31892cc991ad4e9a9671147759e417ab
Validity
Not Before: May 23 12:05:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41aa88b201a37070a7f4a4b5fdc15718a38db88a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:14:78:1e:1b:e1:bf:cb:f2:a0:ae:49:db:de:
8f:51:d9:88:45:9f:c1:71:ae:df:ff:9f:64:32:c4:
31:3f:2b:a3:96:90:b7:59:e8:67:d9:82:10:c0:43:
6c:35:90:4e:3e:a6:69:23:67:61:dd:3b:69:68:a0:
ad:f7:1f:81:c6:63:d6:ed:81:85:5f:73:eb:c1:dc:
b8:7b:87:9f:b1:2c:8a:0d:c3:de:7b:7d:14:27:12:
9e:1b:28:e0:0c:9a:ce:3e:28:2f:58:b6:e0:fb:e2:
7c:38:07:bd:7e:9e:53:dc:db:14:c8:38:c0:74:5b:
87:4f:d9:c3:07:47:31:4f:37:b2:4d:53:b0:aa:f8:
b3:2e:8f:8d:18:43:e3:49:2a:b2:c2:0a:02:d1:56:
6f:7a:89:fc:da:4c:b1:ec:e8:eb:77:2d:7d:cf:2a:
ed:c9:27:ff:4b:94:f6:dc:09:9b:9c:72:68:27:28:
62:5e:4c:63:72:05:e0:dc:dc:97:e7:d3:f8:43:00:
7f:da:ad:b5:c6:a3:51:37:54:8c:dd:d0:da:5d:57:
24:15:fc:42:ac:75:9a:05:14:3b:cb:06:14:18:49:
f1:1f:36:c1:c6:b2:af:9b:2d:a9:b8:6f:22:a8:6f:
f6:10:a0:06:7a:70:1f:df:9f:49:5d:6a:3f:b6:87:
3e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:AA:88:B2:01:A3:70:70:A7:F4:A4:B5:FD:C1:57:18:A3:8D:B8:8A
X509v3 Authority Key Identifier:
keyid:ED:64:69:1C:31:89:2C:C9:91:AD:4E:9A:96:71:14:77:59:E4:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WRpHDGJLMmRrU6alnEUd1nkF6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/QaqIsgGjcHCn9KS1_cFXGKONuIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/7WRpHDGJLMmRrU6alnEUd1nkF6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9401::/32
Signature Algorithm: sha256WithRSAEncryption
28:62:18:bc:aa:15:6c:97:21:41:27:07:87:be:3d:9a:3f:53:
36:ae:3c:a5:20:b0:77:c9:56:cd:b4:cc:35:d1:fe:84:2e:57:
f8:d4:a3:d3:a7:1f:8e:c4:8b:0a:0a:d9:34:ef:f3:66:a9:a9:
77:26:3a:4a:d9:be:b7:5f:57:e2:d0:67:51:a6:75:8b:2b:01:
e6:f9:ff:c4:99:3c:47:a5:15:13:fd:14:97:74:99:2b:41:b5:
e7:ef:a3:9f:86:40:ad:67:0c:93:2c:60:9e:f3:43:d8:08:c6:
d1:4f:4b:d9:c1:f5:a4:2e:5c:8a:d8:c4:f3:68:25:8b:c6:8a:
fa:5e:64:c1:37:0c:8e:4c:ef:68:f4:35:0c:54:b8:2f:c5:87:
5b:68:41:65:1e:94:97:4b:6a:83:6d:85:fe:70:f8:61:22:4a:
08:cb:d2:dc:86:f5:e7:f1:68:0a:57:83:82:89:67:6b:43:bf:
75:67:a6:86:6b:e0:86:c8:b1:8a:b1:34:39:4a:94:63:b9:68:
49:d9:4e:b4:52:42:55:63:6e:4e:69:c8:ff:06:8e:ca:65:4a:
a4:b3:3f:1c:42:24:27:cc:00:1a:23:d6:c3:eb:3e:1c:66:70:
d6:f7:fd:cf:c6:73:f1:49:63:51:6b:8c:75:0a:f2:1d:16:0a:
d2:0a:29:d9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+lV8AzscPtxDcjvMWz8sXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNjQ2OTFjMzE4OTJjYzk5MWFkNGU5YTk2NzExNDc3NTll
NDE3YWIwHhcNMjQwNTIzMTIwNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWFhODhiMjAxYTM3MDcwYTdmNGE0YjVmZGMxNTcxOGEzOGRiODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxR4Hhvhv8vyoK5J296PUdmIRZ/B
ca7f/59kMsQxPyujlpC3Wehn2YIQwENsNZBOPqZpI2dh3TtpaKCt9x+BxmPW7YGF
X3Prwdy4e4efsSyKDcPee30UJxKeGyjgDJrOPigvWLbg++J8OAe9fp5T3NsUyDjA
dFuHT9nDB0cxTzeyTVOwqvizLo+NGEPjSSqywgoC0VZveon82kyx7Ojrdy19zyrt
ySf/S5T23AmbnHJoJyhiXkxjcgXg3NyX59P4QwB/2q21xqNRN1SM3dDaXVckFfxC
rHWaBRQ7ywYUGEnxHzbBxrKvmy2puG8iqG/2EKAGenAf359JXWo/toc+NwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEGqiLIBo3Bwp/Sktf3BVxijjbiKMB8GA1UdIwQY
MBaAFO1kaRwxiSzJka1OmpZxFHdZ5BerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1dScEhER0pMTW1SclU2YWxuRVVkMW5rRjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9mNjdkMDktODkyMy00MTUyLTk1ZjIt
N2M3ZGIyMTIzMGEzLzEvUWFxSXNnR2pjSENuOUtTMV9jRlhHS09OdUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9mNjdkMDktODkyMy00MTUyLTk1ZjItN2M3ZGIyMTIzMGEz
LzEvN1dScEhER0pMTW1SclU2YWxuRVVkMW5rRjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhOUATAN
BgkqhkiG9w0BAQsFAAOCAQEAKGIYvKoVbJchQScHh749mj9TNq48pSCwd8lWzbTM
NdH+hC5X+NSj06cfjsSLCgrZNO/zZqmpdyY6Stm+t19X4tBnUaZ1iysB5vn/xJk8
R6UVE/0Ul3SZK0G15++jn4ZArWcMkyxgnvND2AjG0U9L2cH1pC5citjE82gli8aK
+l5kwTcMjkzvaPQ1DFS4L8WHW2hBZR6Ul0tqg22F/nD4YSJKCMvS3Ib15/FoCleD
golna0O/dWemhmvghsixirE0OUqUY7loSdlOtFJCVWNuTmnI/waOymVKpLM/HEIk
J8wAGiPWw+s+HGZw1vf9z8Zz8UljUWuMdQryHRYK0gop2Q==
-----END CERTIFICATE-----
Generated at Wed Jun 26 11:54:50 2024 by rpki-client on console-fra.rpki-client.org