Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5d6fdd-6d41-4125-8bb5-8f32d03194b0/1/qalPO8-g61yFH1RSbM0Legny5Ro.roa
File: qalPO8-g61yFH1RSbM0Legny5Ro.roa (raw, json)
Hash identifier: /9sR0Unj8Bg5UntMsZ3VIJaEgV9krObZ7Rqs4w6kqXk=
Subject key identifier: A9:A9:4F:3B:CF:A0:EB:5C:85:1F:54:52:6C:CD:0B:7A:09:F2:E5:1A
Certificate issuer: /CN=f41180a7c51667ec3875e765f245f90938612571
Certificate serial: 018CC56EFAC52F120F1315EAF5F9FED5852F
Authority key identifier: F4:11:80:A7:C5:16:67:EC:38:75:E7:65:F2:45:F9:09:38:61:25:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9BGAp8UWZ-w4dedl8kX5CThhJXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5d6fdd-6d41-4125-8bb5-8f32d03194b0/1/qalPO8-g61yFH1RSbM0Legny5Ro.roa
Signing time: Mon 01 Jan 2024 14:30:33 +0000
ROA not before: Mon 01 Jan 2024 14:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35332
IP address blocks: 2001:67c:a3c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:fa:c5:2f:12:0f:13:15:ea:f5:f9:fe:d5:85:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f41180a7c51667ec3875e765f245f90938612571
Validity
Not Before: Jan 1 14:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9a94f3bcfa0eb5c851f54526ccd0b7a09f2e51a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9a:6e:f6:1e:99:85:c7:d1:ad:82:02:72:30:
e6:ad:97:f1:26:4f:53:7a:95:ff:de:d1:c5:ab:05:
21:2b:6a:ee:e4:26:16:b2:dd:5d:e5:0d:64:08:cd:
68:1c:af:75:52:2c:e1:2b:77:7e:bc:17:76:ec:ad:
8d:06:3f:e7:80:21:9e:d0:60:e2:05:68:f9:31:40:
5e:f2:c3:e7:dd:5f:01:ae:e0:c9:4e:fb:12:ac:fd:
89:c4:94:20:19:31:27:4b:22:1c:54:51:be:d8:32:
12:6e:84:99:b0:60:35:50:be:87:2b:c8:35:40:f9:
cf:ac:72:85:92:20:90:5e:1d:8a:f4:ab:6e:ca:5b:
0e:d1:df:e6:9b:10:e0:20:c0:44:f4:09:72:7f:5b:
0b:11:04:ce:87:1e:88:88:25:61:33:18:82:47:53:
b6:fd:21:6f:e1:71:fd:98:a3:a3:e5:15:ff:02:63:
fd:b7:f6:9b:7e:e9:76:52:98:6b:bf:85:b7:2f:b1:
57:90:41:68:10:f4:fb:14:96:e8:3f:64:c3:e4:78:
ed:31:43:c3:db:f6:7d:1d:91:dd:ff:55:c6:c6:e0:
04:a9:60:46:65:ca:94:c1:d7:5c:4b:d8:d9:d0:72:
1c:91:a1:9d:5e:1d:51:31:e4:12:ef:18:77:04:5e:
de:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A9:4F:3B:CF:A0:EB:5C:85:1F:54:52:6C:CD:0B:7A:09:F2:E5:1A
X509v3 Authority Key Identifier:
keyid:F4:11:80:A7:C5:16:67:EC:38:75:E7:65:F2:45:F9:09:38:61:25:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9BGAp8UWZ-w4dedl8kX5CThhJXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5d6fdd-6d41-4125-8bb5-8f32d03194b0/1/qalPO8-g61yFH1RSbM0Legny5Ro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5d6fdd-6d41-4125-8bb5-8f32d03194b0/1/9BGAp8UWZ-w4dedl8kX5CThhJXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:a3c::/48
Signature Algorithm: sha256WithRSAEncryption
27:28:ca:18:f2:15:1d:db:69:55:a3:5f:26:ed:c6:72:9d:93:
b3:d5:8d:ce:9b:47:1a:d6:3c:dd:e5:3e:19:a5:1f:be:f9:65:
c1:73:e0:9b:c3:cf:3d:69:a3:0d:fe:0b:80:0b:80:d8:cc:c5:
8b:47:21:94:82:c2:09:63:62:f9:ba:b1:b6:bf:ac:ea:79:ab:
1e:4c:4d:62:45:fb:8e:e8:09:78:72:e8:ab:96:c2:76:f6:07:
d0:61:86:37:f9:c5:7a:92:7e:f3:1c:9a:05:2b:3c:f2:e2:e8:
3c:3f:cf:58:3e:31:68:42:18:bd:55:76:9b:e2:63:42:9e:9b:
a5:9b:b7:15:63:f8:e1:d5:8e:b2:47:f8:81:1b:4f:fc:c6:9f:
44:85:6f:70:4e:a5:04:0b:09:f5:49:ea:27:8a:1c:a9:8e:6a:
8d:3c:67:f4:66:08:54:03:42:11:fb:2e:80:08:45:eb:0a:af:
e9:36:73:84:9c:a0:0c:39:59:cb:01:d6:17:52:9a:39:0e:91:
f8:1c:18:57:b3:51:fd:cf:ad:81:86:2b:c1:53:d2:8d:d0:21:
d6:02:90:ed:c4:94:0b:ae:d5:b5:15:61:11:97:a0:bc:88:44:
df:ae:df:84:b0:43:5b:b6:5b:25:ad:ef:53:a6:09:55:43:c9:
6c:99:b9:35
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFbvrFLxIPExXq9fn+1YUvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MTE4MGE3YzUxNjY3ZWMzODc1ZTc2NWYyNDVmOTA5Mzg2
MTI1NzEwHhcNMjQwMTAxMTQzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWE5NGYzYmNmYTBlYjVjODUxZjU0NTI2Y2NkMGI3YTA5ZjJlNTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJpu9h6ZhcfRrYICcjDmrZfxJk9T
epX/3tHFqwUhK2ru5CYWst1d5Q1kCM1oHK91UizhK3d+vBd27K2NBj/ngCGe0GDi
BWj5MUBe8sPn3V8BruDJTvsSrP2JxJQgGTEnSyIcVFG+2DISboSZsGA1UL6HK8g1
QPnPrHKFkiCQXh2K9KtuylsO0d/mmxDgIMBE9Alyf1sLEQTOhx6IiCVhMxiCR1O2
/SFv4XH9mKOj5RX/AmP9t/abful2Uphrv4W3L7FXkEFoEPT7FJboP2TD5HjtMUPD
2/Z9HZHd/1XGxuAEqWBGZcqUwddcS9jZ0HIckaGdXh1RMeQS7xh3BF7eZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKmpTzvPoOtchR9UUmzNC3oJ8uUaMB8GA1UdIwQY
MBaAFPQRgKfFFmfsOHXnZfJF+Qk4YSVxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUJHQXA4VVdaLXc0ZGVkbDhrWDVDVGhoSlhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81ZDZmZGQtNmQ0MS00MTI1LThiYjUt
OGYzMmQwMzE5NGIwLzEvcWFsUE84LWc2MXlGSDFSU2JNMExlZ255NVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81ZDZmZGQtNmQ0MS00MTI1LThiYjUtOGYzMmQwMzE5NGIw
LzEvOUJHQXA4VVdaLXc0ZGVkbDhrWDVDVGhoSlhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAo8
MA0GCSqGSIb3DQEBCwUAA4IBAQAnKMoY8hUd22lVo18m7cZynZOz1Y3Om0ca1jzd
5T4ZpR+++WXBc+Cbw889aaMN/guAC4DYzMWLRyGUgsIJY2L5urG2v6zqeaseTE1i
RfuO6Al4cuirlsJ29gfQYYY3+cV6kn7zHJoFKzzy4ug8P89YPjFoQhi9VXab4mNC
npulm7cVY/jh1Y6yR/iBG0/8xp9EhW9wTqUECwn1SeonihypjmqNPGf0ZghUA0IR
+y6ACEXrCq/pNnOEnKAMOVnLAdYXUpo5DpH4HBhXs1H9z62BhivBU9KN0CHWApDt
xJQLrtW1FWERl6C8iETfrt+EsENbtlslre9TpglVQ8lsmbk1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:11 2025 by rpki-client