Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/QFXruYI7sdvnRnMFdqwLCIFinak.roa
File: QFXruYI7sdvnRnMFdqwLCIFinak.roa (raw, json)
Hash identifier: z3SNvIu+QOM055TBxCaH+nFSM4txDp34tCpV0aTUvVo=
Subject key identifier: 40:55:EB:B9:82:3B:B1:DB:E7:46:73:05:76:AC:0B:08:81:62:9D:A9
Certificate issuer: /CN=9a26657e6b25449425b748645e7420c76ac2b3a4
Certificate serial: 018EBEAB2B01754D550D0B8431DBD5860A01
Authority key identifier: 9A:26:65:7E:6B:25:44:94:25:B7:48:64:5E:74:20:C7:6A:C2:B3:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miZlfmslRJQlt0hkXnQgx2rCs6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/QFXruYI7sdvnRnMFdqwLCIFinak.roa
Signing time: Mon 08 Apr 2024 17:04:32 +0000
ROA not before: Mon 08 Apr 2024 17:04:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a12:be00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 09 Apr 2024 11:25:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:ab:2b:01:75:4d:55:0d:0b:84:31:db:d5:86:0a:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a26657e6b25449425b748645e7420c76ac2b3a4
Validity
Not Before: Apr 8 17:04:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4055ebb9823bb1dbe746730576ac0b0881629da9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:96:21:00:a3:4c:a8:4c:4e:02:5f:c3:23:d2:
ab:6f:95:8b:8f:12:f5:cd:7c:82:1e:16:30:d1:29:
bd:79:23:e0:2b:54:05:95:b1:a2:e2:85:f5:f3:fa:
46:4d:96:d9:17:e7:f5:44:f0:df:c1:c9:df:43:07:
a7:71:19:04:47:07:68:cf:7f:ca:c5:b1:e3:6c:6c:
97:e2:56:00:ea:af:c4:af:62:e4:a4:1c:93:71:ee:
38:a9:ff:53:7a:69:ad:18:74:29:47:a2:5e:49:8d:
c1:fc:cf:7a:f9:9b:d1:2b:e4:97:2a:30:81:c8:29:
24:3d:97:6c:54:35:d7:8c:d2:13:89:54:c4:b8:e2:
2e:41:f2:21:ac:21:9e:14:b5:92:29:16:8e:e9:4f:
6b:fc:29:7c:79:69:50:1d:a5:f3:c2:30:4c:4f:fd:
b1:67:9f:c2:1b:a9:c0:f3:2a:d1:2e:7c:0f:1c:8d:
07:db:6f:2a:4d:e8:2d:d9:76:51:2a:75:59:2d:f0:
01:e8:75:91:38:75:21:7b:ca:32:6c:bf:4f:7b:55:
23:bd:98:f5:b5:2f:84:f5:ee:2f:50:ef:86:1b:d5:
ca:7e:4e:d2:b2:9a:35:23:88:3d:f5:d3:c7:b0:a8:
fc:0e:50:e9:2e:29:d1:ee:a1:06:54:2f:23:d9:a3:
8f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:55:EB:B9:82:3B:B1:DB:E7:46:73:05:76:AC:0B:08:81:62:9D:A9
X509v3 Authority Key Identifier:
keyid:9A:26:65:7E:6B:25:44:94:25:B7:48:64:5E:74:20:C7:6A:C2:B3:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miZlfmslRJQlt0hkXnQgx2rCs6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/QFXruYI7sdvnRnMFdqwLCIFinak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8eddf2-7d7c-44a3-b0fd-110b768bf4c0/1/miZlfmslRJQlt0hkXnQgx2rCs6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:be00::/29
Signature Algorithm: sha256WithRSAEncryption
49:50:27:78:0b:92:25:a5:d9:f1:ab:4d:b6:dd:b5:6c:1c:a2:
dd:f5:29:09:e3:b5:b5:56:87:a9:17:d0:8f:28:8d:1b:67:03:
ab:53:57:69:b3:af:0b:a3:82:b5:52:23:c3:08:f2:83:7c:1c:
1a:85:dd:ce:f0:57:1d:1a:20:59:48:ef:4c:f0:78:56:3c:ad:
fe:ab:70:bb:cf:f9:e9:9e:80:01:14:a0:8c:34:77:7c:55:5f:
61:45:92:77:d9:08:70:86:86:1d:95:e1:2b:a9:b3:97:aa:c7:
ae:52:f1:68:18:9f:e2:3b:d4:cf:c7:f0:ad:39:cd:56:16:b3:
8f:e7:c6:b8:07:de:51:cc:0a:5e:3b:7f:22:20:57:ff:04:71:
88:73:93:73:a5:8a:a1:f1:e7:35:97:9b:05:dc:60:aa:e8:31:
53:b1:f8:7c:c0:e5:6f:d1:b0:a4:7a:19:f6:21:cd:69:e2:4c:
3a:8a:3d:1a:01:b7:f8:60:e9:78:d7:e5:d2:0e:78:a5:03:25:
0f:d5:2f:30:65:e9:35:cb:5d:60:2a:72:76:fd:bf:da:df:a4:
e5:aa:39:1d:13:9e:87:20:c4:df:00:fc:88:d7:d1:4a:08:61:
6d:a4:bf:03:c4:2c:3b:b3:3e:e0:34:3e:d0:a9:53:b3:e1:9b:
4f:bc:ef:87
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY6+qysBdU1VDQuEMdvVhgoBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjY2NTdlNmIyNTQ0OTQyNWI3NDg2NDVlNzQyMGM3NmFj
MmIzYTQwHhcNMjQwNDA4MTcwNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDU1ZWJiOTgyM2JiMWRiZTc0NjczMDU3NmFjMGIwODgxNjI5ZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpYhAKNMqExOAl/DI9Krb5WLjxL1
zXyCHhYw0Sm9eSPgK1QFlbGi4oX18/pGTZbZF+f1RPDfwcnfQwencRkERwdoz3/K
xbHjbGyX4lYA6q/Er2LkpByTce44qf9TemmtGHQpR6JeSY3B/M96+ZvRK+SXKjCB
yCkkPZdsVDXXjNITiVTEuOIuQfIhrCGeFLWSKRaO6U9r/Cl8eWlQHaXzwjBMT/2x
Z5/CG6nA8yrRLnwPHI0H228qTegt2XZRKnVZLfAB6HWROHUhe8oybL9Pe1UjvZj1
tS+E9e4vUO+GG9XKfk7Sspo1I4g99dPHsKj8DlDpLinR7qEGVC8j2aOPRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEBV67mCO7Hb50ZzBXasCwiBYp2pMB8GA1UdIwQY
MBaAFJomZX5rJUSUJbdIZF50IMdqwrOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlabGZtc2xSSlFsdDBoa1huUWd4MnJDczZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZWRkZjItN2Q3Yy00NGEzLWIwZmQt
MTEwYjc2OGJmNGMwLzEvUUZYcnVZSTdzZHZuUm5NRmRxd0xDSUZpbmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZWRkZjItN2Q3Yy00NGEzLWIwZmQtMTEwYjc2OGJmNGMw
LzEvbWlabGZtc2xSSlFsdDBoa1huUWd4MnJDczZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhK+ADAN
BgkqhkiG9w0BAQsFAAOCAQEASVAneAuSJaXZ8atNtt21bByi3fUpCeO1tVaHqRfQ
jyiNG2cDq1NXabOvC6OCtVIjwwjyg3wcGoXdzvBXHRogWUjvTPB4Vjyt/qtwu8/5
6Z6AARSgjDR3fFVfYUWSd9kIcIaGHZXhK6mzl6rHrlLxaBif4jvUz8fwrTnNVhaz
j+fGuAfeUcwKXjt/IiBX/wRxiHOTc6WKofHnNZebBdxgqugxU7H4fMDlb9GwpHoZ
9iHNaeJMOoo9GgG3+GDpeNfl0g54pQMlD9UvMGXpNctdYCpydv2/2t+k5ao5HROe
hyDE3wD8iNfRSghhbaS/A8QsO7M+4DQ+0KlTs+GbT7zvhw==
-----END CERTIFICATE-----
Generated at Tue Apr 9 14:36:29 2024 by rpki-client on console-fra.rpki-client.org