Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/QCdFCwTNdJdgtXv7SKCjoj2Ixd0.roa
File: QCdFCwTNdJdgtXv7SKCjoj2Ixd0.roa (raw, json)
Hash identifier: zpimYnDvS5LS81E2ex0oYagbRFX8zrBFyT3rwKolapM=
Subject key identifier: 40:27:45:0B:04:CD:74:97:60:B5:7B:FB:48:A0:A3:A2:3D:88:C5:DD
Certificate issuer: /CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
Certificate serial: 01942747A0F4B111A81D09CE6C93FCFF0198
Authority key identifier: 5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/QCdFCwTNdJdgtXv7SKCjoj2Ixd0.roa
Signing time: Thu 02 Jan 2025 13:49:53 +0000
ROA not before: Thu 02 Jan 2025 13:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60802
IP address blocks: 2001:67c:bcc::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 11 Jan 2025 19:14:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a0:f4:b1:11:a8:1d:09:ce:6c:93:fc:ff:01:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
Validity
Not Before: Jan 2 13:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4027450b04cd749760b57bfb48a0a3a23d88c5dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:72:b8:cf:8d:a0:07:78:34:a5:b4:a2:6d:03:
41:11:43:98:e5:1c:5f:bc:8d:8b:00:da:bf:3d:4c:
c3:fb:ff:73:a3:12:15:42:b4:29:7a:f5:21:48:96:
4b:26:4c:55:db:88:a8:f8:4b:00:44:3b:44:c8:69:
b4:10:e4:80:7c:7a:19:1e:e8:eb:27:b6:46:fc:56:
12:88:93:25:5a:09:12:ff:ad:c1:85:9f:0a:ea:3a:
db:13:b7:7b:95:24:37:f4:18:f3:20:a1:ad:13:9e:
b3:42:bd:80:e2:87:ad:32:66:5a:a2:80:06:72:ec:
62:e2:67:f2:3b:a2:da:c2:ea:b9:39:14:39:99:3f:
ec:2a:15:86:8e:3b:c3:69:f0:8c:8a:2b:7b:f7:54:
92:ac:b3:63:7a:f8:55:37:4d:0e:59:0e:e6:f4:89:
7a:a5:cc:5b:e8:51:53:6f:29:21:ee:16:ef:fb:c2:
4a:94:4b:32:45:4d:30:2a:9d:d7:9f:4f:fd:cf:ec:
e1:bd:e8:5b:3c:b1:78:9a:ba:36:06:a9:56:a8:4a:
60:79:a5:5e:8d:b9:04:bc:c3:d4:84:c7:b7:39:d5:
12:a8:eb:9d:a5:96:8c:3b:7c:af:9f:4c:34:8b:ee:
fa:40:46:37:db:22:ca:a5:0a:8c:15:98:5f:60:8b:
b5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:27:45:0B:04:CD:74:97:60:B5:7B:FB:48:A0:A3:A2:3D:88:C5:DD
X509v3 Authority Key Identifier:
keyid:5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/QCdFCwTNdJdgtXv7SKCjoj2Ixd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/Xw_ZDZhyl8td1OB76EDSgNHizEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:bcc::/48
Signature Algorithm: sha256WithRSAEncryption
23:fa:5e:68:82:02:d5:ad:15:7b:4c:cf:09:ef:ce:a4:29:b5:
bd:74:dd:1b:f8:c0:12:43:cf:4f:b3:42:e1:31:67:54:d3:b2:
5e:0b:be:ca:1f:32:a7:44:ae:43:85:8c:04:54:15:11:00:9f:
61:b7:45:99:b8:b3:cb:60:73:76:1d:00:89:7c:a4:54:46:df:
0b:cf:56:56:c5:43:75:6f:cb:c2:bf:be:d4:b1:30:e6:de:51:
ab:7d:7d:00:24:10:26:ad:1f:75:cc:dd:04:e7:2f:20:ac:5b:
4c:7e:d0:b3:81:c4:8e:c4:f4:b9:bd:e2:c9:b4:11:03:5f:b0:
c3:f3:37:b3:f4:4a:6c:17:fd:32:b4:d5:f7:08:91:ff:00:64:
e1:01:46:bb:52:7b:77:8e:63:f4:05:62:fc:12:46:18:53:02:
9c:bd:e6:92:e3:8c:38:62:b4:0c:76:9e:73:ea:e5:4e:59:1d:
21:92:86:64:36:6d:72:76:b5:19:ba:37:49:f5:f0:e2:02:0a:
2d:7a:66:ac:e9:52:63:8c:3e:53:0b:09:c9:b2:5f:87:87:73:
57:20:75:c4:51:4a:e6:51:18:a0:3c:2e:27:47:61:32:98:2d:
13:d1:d2:80:6d:37:16:19:d5:04:16:19:17:78:b1:f6:eb:9d:
c2:84:b8:19
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnR6D0sRGoHQnObJP8/wGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMGZkOTBkOTg3Mjk3Y2I1ZGQ0ZTA3YmU4NDBkMjgwZDFl
MmNjNGEwHhcNMjUwMTAyMTM0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDI3NDUwYjA0Y2Q3NDk3NjBiNTdiZmI0OGEwYTNhMjNkODhjNWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXK4z42gB3g0pbSibQNBEUOY5Rxf
vI2LANq/PUzD+/9zoxIVQrQpevUhSJZLJkxV24io+EsARDtEyGm0EOSAfHoZHujr
J7ZG/FYSiJMlWgkS/63BhZ8K6jrbE7d7lSQ39BjzIKGtE56zQr2A4oetMmZaooAG
cuxi4mfyO6Lawuq5ORQ5mT/sKhWGjjvDafCMiit791SSrLNjevhVN00OWQ7m9Il6
pcxb6FFTbykh7hbv+8JKlEsyRU0wKp3Xn0/9z+zhvehbPLF4mro2BqlWqEpgeaVe
jbkEvMPUhMe3OdUSqOudpZaMO3yvn0w0i+76QEY32yLKpQqMFZhfYIu17QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEAnRQsEzXSXYLV7+0igo6I9iMXdMB8GA1UdIwQY
MBaAFF8P2Q2YcpfLXdTge+hA0oDR4sxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjIt
N2JjZWZhOWY1OWU4LzEvUUNkRkN3VE5kSmRndFh2N1NLQ2pvajJJeGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjItN2JjZWZhOWY1OWU4
LzEvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAvM
MA0GCSqGSIb3DQEBCwUAA4IBAQAj+l5oggLVrRV7TM8J786kKbW9dN0b+MASQ89P
s0LhMWdU07JeC77KHzKnRK5DhYwEVBURAJ9ht0WZuLPLYHN2HQCJfKRURt8Lz1ZW
xUN1b8vCv77UsTDm3lGrfX0AJBAmrR91zN0E5y8grFtMftCzgcSOxPS5veLJtBED
X7DD8zez9EpsF/0ytNX3CJH/AGThAUa7Unt3jmP0BWL8EkYYUwKcveaS44w4YrQM
dp5z6uVOWR0hkoZkNm1ydrUZujdJ9fDiAgotemas6VJjjD5TCwnJsl+Hh3NXIHXE
UUrmURigPC4nR2EymC0T0dKAbTcWGdUEFhkXeLH2653ChLgZ
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:29:22 2025 by rpki-client