Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/QPiXaqwud5-Pm1DDoioMbNyZd-E.roa
File: QPiXaqwud5-Pm1DDoioMbNyZd-E.roa (raw, json)
Hash identifier: ZHLDer5Q4ejlDgfH6uaIzigxVa2PLHvdMo879uWa4gw=
Subject key identifier: 40:F8:97:6A:AC:2E:77:9F:8F:9B:50:C3:A2:2A:0C:6C:DC:99:77:E1
Certificate issuer: /CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Certificate serial: 018E615E2ADBCC4BD1CE80777AA2E01CF660
Authority key identifier: CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/QPiXaqwud5-Pm1DDoioMbNyZd-E.roa
Signing time: Thu 21 Mar 2024 14:15:45 +0000
ROA not before: Thu 21 Mar 2024 14:15:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60504
IP address blocks: 2a13:82c0::/32 maxlen: 32
2a13:82c1::/32 maxlen: 32
2a13:82c2::/32 maxlen: 32
2a13:82c4:1::/48 maxlen: 48
2a13:82c4:2::/48 maxlen: 48
2a13:82c4:3::/48 maxlen: 48
2a13:82c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 04 Apr 2024 09:35:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:5e:2a:db:cc:4b:d1:ce:80:77:7a:a2:e0:1c:f6:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Validity
Not Before: Mar 21 14:15:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40f8976aac2e779f8f9b50c3a22a0c6cdc9977e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:55:3b:9b:61:73:49:ba:97:d8:ec:77:3e:9c:
65:c2:91:0b:65:9a:c7:aa:8a:42:be:18:d2:90:f1:
14:86:06:02:6c:1f:a5:1f:c1:c4:4e:02:7f:b9:19:
6a:c3:ee:0f:cd:3f:59:f1:f3:97:7f:32:91:cc:c0:
1b:02:75:66:d1:87:02:8a:f1:29:3e:06:f4:71:bf:
1c:db:76:82:d3:8c:8d:99:68:4c:cb:f7:9a:33:bd:
88:87:9f:4d:2d:05:a8:f0:4f:68:29:ba:b7:f4:dd:
6c:86:a2:c1:58:a5:25:b8:4b:19:5e:da:30:5a:64:
6a:fc:74:c0:c9:21:94:42:ce:a8:aa:fc:5b:b7:53:
cd:ae:f7:37:87:38:95:94:66:6a:af:63:6c:83:0c:
56:a9:a9:27:6b:48:d7:23:c3:51:88:a6:8d:ae:a2:
fe:df:01:29:52:41:4d:f9:f6:d1:2e:28:37:9b:ec:
fa:b9:b2:59:12:d4:58:a7:0f:a0:7d:2b:cc:b5:87:
48:e9:aa:d6:1b:4b:53:e3:8c:64:51:ae:0c:23:47:
29:c5:85:20:eb:6f:03:e0:da:f1:b3:b2:ce:fe:b5:
7a:ab:93:38:bc:60:f0:08:9e:38:9b:19:72:67:e0:
33:a6:c4:78:74:74:20:3f:50:b4:fa:b3:ad:36:25:
2b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F8:97:6A:AC:2E:77:9F:8F:9B:50:C3:A2:2A:0C:6C:DC:99:77:E1
X509v3 Authority Key Identifier:
keyid:CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/QPiXaqwud5-Pm1DDoioMbNyZd-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/z_XcdutvgU7WAVaP3SyBEO3vjBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:82c0::-2a13:82c2:ffff:ffff:ffff:ffff:ffff:ffff
2a13:82c4:1::-2a13:82c4:3:ffff:ffff:ffff:ffff:ffff
2a13:82c7::/32
Signature Algorithm: sha256WithRSAEncryption
76:89:f8:6a:b3:52:97:b2:62:50:bb:8a:4e:d8:a3:b6:a1:f7:
83:6f:15:40:90:06:ad:ea:23:79:f7:e6:36:65:27:bb:15:a1:
03:e3:dd:f4:ac:54:71:75:0f:bf:8d:14:2f:0f:5e:fd:e4:7d:
43:d6:00:44:ce:72:25:57:81:fe:15:64:0d:54:15:f9:4b:bb:
e7:f8:53:82:55:48:ee:a9:8a:3b:c1:8b:7a:7f:2d:61:ca:b6:
7c:9a:1a:12:6b:75:12:5a:4b:dd:19:3d:d5:25:01:64:f2:39:
f5:1d:fc:c4:08:36:67:8b:f1:81:ad:a0:3a:41:11:68:5d:e4:
dc:da:f4:13:61:49:2f:ac:71:d9:da:fb:97:11:4b:3e:29:04:
91:b6:1a:7d:bb:84:ee:a0:d7:9d:be:97:eb:1e:88:a5:32:e9:
a7:78:1c:d6:aa:26:0f:82:45:75:d5:8b:28:6f:f4:00:43:81:
9d:ed:8b:05:6d:39:4c:0e:8e:e4:a3:3b:97:2d:db:6f:83:ea:
12:47:0c:40:0f:d4:05:a7:fc:1a:cb:47:62:08:f0:7a:d6:e1:
42:9c:4d:b9:e6:6c:1d:24:ea:0b:86:b4:f2:75:5a:db:bf:ab:
db:25:76:7b:dc:83:bf:9d:d4:0c:99:f7:f8:93:ec:e7:49:cc:
f2:08:15:92
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAY5hXirbzEvRzoB3eqLgHPZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZjVkYzc2ZWI2ZjgxNGVkNjAxNTY4ZmRkMmM4MTEwZWRl
ZjhjMTcwHhcNMjQwMzIxMTQxNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGY4OTc2YWFjMmU3NzlmOGY5YjUwYzNhMjJhMGM2Y2RjOTk3N2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVU7m2FzSbqX2Ox3PpxlwpELZZrH
qopCvhjSkPEUhgYCbB+lH8HETgJ/uRlqw+4PzT9Z8fOXfzKRzMAbAnVm0YcCivEp
Pgb0cb8c23aC04yNmWhMy/eaM72Ih59NLQWo8E9oKbq39N1shqLBWKUluEsZXtow
WmRq/HTAySGUQs6oqvxbt1PNrvc3hziVlGZqr2NsgwxWqakna0jXI8NRiKaNrqL+
3wEpUkFN+fbRLig3m+z6ubJZEtRYpw+gfSvMtYdI6arWG0tT44xkUa4MI0cpxYUg
628D4Nrxs7LO/rV6q5M4vGDwCJ44mxlyZ+AzpsR4dHQgP1C0+rOtNiUrVwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFED4l2qsLnefj5tQw6IqDGzcmXfhMB8GA1UdIwQY
MBaAFM/13Hbrb4FO1gFWj90sgRDt74wXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjct
MDFkOWU5ZDMxOTQzLzEvUVBpWGFxd3VkNS1QbTFERG9pb01iTnlaZC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjctMDFkOWU5ZDMxOTQz
LzEvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAAjArMA4DBQYqE4LA
AwUAKhOCwjASAwcAKhOCxAABAwcCKhOCxAAAAwUAKhOCxzANBgkqhkiG9w0BAQsF
AAOCAQEAdon4arNSl7JiULuKTtijtqH3g28VQJAGreojeffmNmUnuxWhA+Pd9KxU
cXUPv40ULw9e/eR9Q9YARM5yJVeB/hVkDVQV+Uu75/hTglVI7qmKO8GLen8tYcq2
fJoaEmt1ElpL3Rk91SUBZPI59R38xAg2Z4vxga2gOkERaF3k3Nr0E2FJL6xx2dr7
lxFLPikEkbYafbuE7qDXnb6X6x6IpTLpp3gc1qomD4JFddWLKG/0AEOBne2LBW05
TA6O5KM7ly3bb4PqEkcMQA/UBaf8GstHYgjwetbhQpxNueZsHSTqC4a08nVa27+r
2yV2e9yDv53UDJn3+JPs50nM8ggVkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:46 2024 by rpki-client on console-ams.rpki-client.org