Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/QwnobyMnYlkoNgW27-p9AQZslpM.roa
File: QwnobyMnYlkoNgW27-p9AQZslpM.roa (raw, json)
Hash identifier: /Gy2Ylpon4TU05MwPATHA3wcs8lffPLj9e7RwAWTe28=
Subject key identifier: 43:09:E8:6F:23:27:62:59:28:36:05:B6:EF:EA:7D:01:06:6C:96:93
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 0192DD079EBCF0D9776AB29DCE98297A3DF3
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/QwnobyMnYlkoNgW27-p9AQZslpM.roa
Signing time: Wed 30 Oct 2024 10:45:17 +0000
ROA not before: Wed 30 Oct 2024 10:45:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213943
IP address blocks: 2a12:7a40:4200::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 31 Oct 2024 16:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dd:07:9e:bc:f0:d9:77:6a:b2:9d:ce:98:29:7a:3d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Oct 30 10:45:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4309e86f23276259283605b6efea7d01066c9693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b1:97:ba:e6:d2:08:21:39:1f:b7:70:68:99:
a3:c7:65:f0:4f:9e:b9:25:c0:0d:33:ad:57:5e:ca:
6c:5c:f6:47:a0:44:8b:3e:16:c5:ae:47:82:b7:3e:
1b:fb:6d:a9:4b:d3:19:10:47:8b:01:5c:8a:c5:89:
b6:cf:f7:f5:9c:50:f3:13:87:c0:7e:5e:e7:4e:c1:
a1:62:13:3f:be:10:d0:b3:8e:2e:12:a6:b5:4c:39:
df:66:60:06:6c:47:25:10:bd:62:a3:50:98:2b:47:
3c:3d:04:fe:58:c5:e9:06:67:bf:6b:e2:2a:64:43:
3a:6a:74:d1:00:c6:44:74:d0:98:55:8d:32:27:ef:
c3:d0:11:cc:1f:28:2e:3e:6d:b3:ae:d1:cb:1e:2a:
a2:f0:29:fb:ce:20:c2:f9:c9:8e:af:f1:74:9e:3c:
c7:bb:9f:eb:1d:8b:18:d6:7a:07:a0:a6:3e:54:c0:
3f:bd:4d:8e:bc:01:83:5f:30:e0:d2:a5:df:40:e2:
67:f8:d5:2c:3a:89:c4:ba:d1:27:a4:c2:62:92:a0:
59:0b:92:06:fa:c2:c3:0e:36:e1:db:92:4f:7e:ab:
20:ef:fb:93:09:99:48:61:90:d2:27:e5:f2:5c:a6:
7e:95:cb:0e:06:79:5c:34:09:10:4a:96:71:82:64:
b5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:09:E8:6F:23:27:62:59:28:36:05:B6:EF:EA:7D:01:06:6C:96:93
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/QwnobyMnYlkoNgW27-p9AQZslpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:4200::/44
Signature Algorithm: sha256WithRSAEncryption
41:22:bf:4a:66:f5:8d:62:3f:19:48:c3:29:88:3c:b3:26:7e:
5e:06:72:ab:65:4c:dc:ed:b9:c8:09:bf:d4:57:bd:3c:50:1f:
dd:42:fe:9c:33:0f:9a:65:34:aa:45:30:fe:ef:19:a4:cc:a1:
83:9c:f7:af:72:07:92:72:a8:b9:84:c0:cc:9f:13:71:93:b8:
c9:92:f6:fe:fe:d7:8a:de:46:32:ef:6f:c8:3f:f6:36:bd:9f:
93:58:ae:7a:83:4c:9c:8f:f1:21:a1:ed:d9:1f:05:a0:81:03:
b3:41:06:7a:ee:fd:6d:88:d8:c4:5d:f1:51:4c:0f:02:23:23:
17:a2:cd:85:06:a0:a7:ec:e8:32:13:25:af:78:14:4b:88:f5:
d4:ff:9e:56:62:de:67:91:c8:80:e4:e8:12:03:c7:c1:29:9e:
b8:a3:33:bd:0f:61:0e:3f:b8:4d:cb:c6:b4:3f:fc:65:7a:8a:
16:10:97:34:8e:4a:f0:61:cd:e8:a3:5d:88:b3:64:4b:67:b0:
6e:38:9e:24:a5:08:a9:70:03:a9:de:da:b9:d2:52:56:cc:45:
43:1e:24:99:2a:3b:ec:4e:63:49:1f:6c:d0:18:6c:ab:ef:87:
cb:d9:c9:3e:1b:3c:b2:9f:4e:b9:6f:f4:6f:f8:c4:aa:34:8c:
87:ef:0a:4b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZLdB5688Nl3arKdzpgpej3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjQxMDMwMTA0NTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzA5ZTg2ZjIzMjc2MjU5MjgzNjA1YjZlZmVhN2QwMTA2NmM5NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLGXuubSCCE5H7dwaJmjx2XwT565
JcANM61XXspsXPZHoESLPhbFrkeCtz4b+22pS9MZEEeLAVyKxYm2z/f1nFDzE4fA
fl7nTsGhYhM/vhDQs44uEqa1TDnfZmAGbEclEL1io1CYK0c8PQT+WMXpBme/a+Iq
ZEM6anTRAMZEdNCYVY0yJ+/D0BHMHyguPm2zrtHLHiqi8Cn7ziDC+cmOr/F0njzH
u5/rHYsY1noHoKY+VMA/vU2OvAGDXzDg0qXfQOJn+NUsOonEutEnpMJikqBZC5IG
+sLDDjbh25JPfqsg7/uTCZlIYZDSJ+XyXKZ+lcsOBnlcNAkQSpZxgmS1BwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEMJ6G8jJ2JZKDYFtu/qfQEGbJaTMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvUXdub2J5TW5ZbGtvTmdXMjctcDlBUVpzbHBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhJ6QEIA
MA0GCSqGSIb3DQEBCwUAA4IBAQBBIr9KZvWNYj8ZSMMpiDyzJn5eBnKrZUzc7bnI
Cb/UV708UB/dQv6cMw+aZTSqRTD+7xmkzKGDnPevcgeScqi5hMDMnxNxk7jJkvb+
/teK3kYy72/IP/Y2vZ+TWK56g0ycj/Ehoe3ZHwWggQOzQQZ67v1tiNjEXfFRTA8C
IyMXos2FBqCn7OgyEyWveBRLiPXU/55WYt5nkciA5OgSA8fBKZ64ozO9D2EOP7hN
y8a0P/xleooWEJc0jkrwYc3oo12Is2RLZ7BuOJ4kpQipcAOp3tq50lJWzEVDHiSZ
KjvsTmNJH2zQGGyr74fL2ck+Gzyyn065b/Rv+MSqNIyH7wpL
-----END CERTIFICATE-----
Generated at Thu Oct 31 19:17:34 2024 by rpki-client on console-ams.rpki-client.org