Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/9a18ad-087b-4d12-9f69-8cbf903e91cd/1/Q4BtWrZVZeUJ5VJFWmrDZ9Lylbg.roa
File: Q4BtWrZVZeUJ5VJFWmrDZ9Lylbg.roa (raw, json)
Hash identifier: yz4EXiAHBfZLQyhRtWRyvx0XY5tlFRc5MoTM2GVkM4M=
Subject key identifier: 43:80:6D:5A:B6:55:65:E5:09:E5:52:45:5A:6A:C3:67:D2:F2:95:B8
Certificate issuer: /CN=f1f4609d0d053aec0307da44b0e678c388f641a4
Certificate serial: 01856F9DF7C38556A4279E2B28D556446E43
Authority key identifier: F1:F4:60:9D:0D:05:3A:EC:03:07:DA:44:B0:E6:78:C3:88:F6:41:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8fRgnQ0FOuwDB9pEsOZ4w4j2QaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/9a18ad-087b-4d12-9f69-8cbf903e91cd/1/Q4BtWrZVZeUJ5VJFWmrDZ9Lylbg.roa
Signing time: Sun 01 Jan 2023 23:15:01 +0000
ROA not before: Sun 01 Jan 2023 23:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2a13:2c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:f7:c3:85:56:a4:27:9e:2b:28:d5:56:44:6e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1f4609d0d053aec0307da44b0e678c388f641a4
Validity
Not Before: Jan 1 23:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43806d5ab65565e509e552455a6ac367d2f295b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3f:4e:a0:3d:01:55:0b:00:24:ae:a7:d5:1c:
00:15:13:57:fb:34:e2:30:36:21:d7:b5:31:62:65:
ac:36:cd:88:02:3b:23:fe:2b:64:5a:ea:ab:95:fd:
6d:82:92:7a:2a:be:d4:1c:41:1b:ac:78:cf:6d:e3:
23:fe:f4:10:cb:cf:36:2f:78:8c:89:ec:9a:48:f2:
8a:d4:17:38:51:c7:d9:30:dd:af:c0:ba:e2:52:02:
bd:25:0e:53:7e:6d:82:33:3f:da:93:17:be:2f:6d:
d1:09:8d:5a:1a:09:cb:16:cb:ae:3c:dd:3a:3b:3b:
ab:5b:24:e2:71:2a:1a:89:80:07:bb:92:81:74:d6:
54:71:5e:a0:9d:a9:7b:28:32:a3:36:d8:4a:21:f8:
02:1c:76:40:fb:d9:b8:2f:6c:68:a8:6f:56:32:8c:
1e:06:32:09:a7:e6:dd:98:87:18:b8:be:50:e9:9d:
75:b8:04:6c:7e:47:34:ce:78:46:9f:82:4f:fe:b5:
cc:fb:f8:2d:6e:42:fa:05:b1:b9:0f:91:6a:38:16:
44:1f:b1:a5:d4:a1:f7:fd:cb:6d:5e:69:da:e9:48:
24:58:3e:5d:c3:18:9f:76:2e:6a:1f:84:19:7f:43:
5a:ab:d9:b9:f9:2e:f1:b8:14:7c:2c:39:04:37:36:
e1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:80:6D:5A:B6:55:65:E5:09:E5:52:45:5A:6A:C3:67:D2:F2:95:B8
X509v3 Authority Key Identifier:
keyid:F1:F4:60:9D:0D:05:3A:EC:03:07:DA:44:B0:E6:78:C3:88:F6:41:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fRgnQ0FOuwDB9pEsOZ4w4j2QaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/9a18ad-087b-4d12-9f69-8cbf903e91cd/1/Q4BtWrZVZeUJ5VJFWmrDZ9Lylbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/9a18ad-087b-4d12-9f69-8cbf903e91cd/1/8fRgnQ0FOuwDB9pEsOZ4w4j2QaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
45:f9:00:a4:32:22:1d:76:bf:d0:c1:1a:60:7d:fe:bb:0f:20:
9c:04:f2:29:d4:e1:78:cd:ed:79:4b:3c:13:c9:56:05:b7:f4:
aa:2a:dd:de:56:bf:ef:36:3e:43:ea:44:98:30:9a:8b:02:4e:
42:62:e1:44:54:f3:b0:48:82:dc:52:b7:c7:1f:25:5d:01:a3:
4a:85:58:d0:12:58:a3:af:57:7e:03:62:19:0f:9f:e2:36:2d:
58:78:4a:8d:a2:7a:5e:75:05:35:01:a8:b6:81:d1:0a:4c:4b:
b7:d4:5a:4d:1f:c5:7a:fa:10:2e:c6:5c:f8:2a:1a:de:1f:f1:
c6:3f:4f:92:90:5f:2f:29:01:13:3f:2a:85:a2:df:a1:fb:d2:
7d:41:7d:bd:d4:81:f8:10:e2:74:31:db:39:a6:69:89:21:c6:
17:20:02:78:ff:01:19:df:fa:d7:32:60:8d:d9:51:55:05:e7:
2a:dd:60:0a:26:40:e3:37:ca:26:3d:e0:c7:84:09:0b:86:02:
7b:70:69:59:a3:e0:6f:c4:d3:ee:18:11:f7:39:c3:ee:fc:0f:
7d:16:78:3c:db:5d:5f:bd:76:22:10:71:fc:ab:24:82:69:f6:
b8:6f:cf:72:19:0d:81:8e:31:0d:47:e8:b9:44:75:7c:56:8a:
2f:f6:6f:2f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvnffDhVakJ54rKNVWRG5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZjQ2MDlkMGQwNTNhZWMwMzA3ZGE0NGIwZTY3OGMzODhm
NjQxYTQwHhcNMjMwMTAxMjMxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzgwNmQ1YWI2NTU2NWU1MDllNTUyNDU1YTZhYzM2N2QyZjI5NWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj9OoD0BVQsAJK6n1RwAFRNX+zTi
MDYh17UxYmWsNs2IAjsj/itkWuqrlf1tgpJ6Kr7UHEEbrHjPbeMj/vQQy882L3iM
ieyaSPKK1Bc4UcfZMN2vwLriUgK9JQ5Tfm2CMz/akxe+L23RCY1aGgnLFsuuPN06
OzurWyTicSoaiYAHu5KBdNZUcV6gnal7KDKjNthKIfgCHHZA+9m4L2xoqG9WMowe
BjIJp+bdmIcYuL5Q6Z11uARsfkc0znhGn4JP/rXM+/gtbkL6BbG5D5FqOBZEH7Gl
1KH3/cttXmna6UgkWD5dwxifdi5qH4QZf0Naq9m5+S7xuBR8LDkENzbheQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEOAbVq2VWXlCeVSRVpqw2fS8pW4MB8GA1UdIwQY
MBaAFPH0YJ0NBTrsAwfaRLDmeMOI9kGkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGZSZ25RMEZPdXdEQjlwRXNPWjR3NGoyUWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85YTE4YWQtMDg3Yi00ZDEyLTlmNjkt
OGNiZjkwM2U5MWNkLzEvUTRCdFdyWlZaZVVKNVZKRldtckRaOUx5bGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85YTE4YWQtMDg3Yi00ZDEyLTlmNjktOGNiZjkwM2U5MWNk
LzEvOGZSZ25RMEZPdXdEQjlwRXNPWjR3NGoyUWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhMCwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBF+QCkMiIddr/QwRpgff67DyCcBPIp1OF4ze15
SzwTyVYFt/SqKt3eVr/vNj5D6kSYMJqLAk5CYuFEVPOwSILcUrfHHyVdAaNKhVjQ
Elijr1d+A2IZD5/iNi1YeEqNonpedQU1Aai2gdEKTEu31FpNH8V6+hAuxlz4Khre
H/HGP0+SkF8vKQETPyqFot+h+9J9QX291IH4EOJ0Mds5pmmJIcYXIAJ4/wEZ3/rX
MmCN2VFVBecq3WAKJkDjN8omPeDHhAkLhgJ7cGlZo+BvxNPuGBH3OcPu/A99Fng8
211fvXYiEHH8qySCafa4b89yGQ2BjjENR+i5RHV8Voov9m8v
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:54 2024 by rpki-client on console-fra.rpki-client.org