Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Q3kgCy3lgazaTOnaV11JzClGMlY.roa
File: Q3kgCy3lgazaTOnaV11JzClGMlY.roa (raw, json)
Hash identifier: RrLC+rmhjv7ueEaqTmkQKIyhz7Ef1NmLtT+C1A1T/mc=
Subject key identifier: 43:79:20:0B:2D:E5:81:AC:DA:4C:E9:DA:57:5D:49:CC:29:46:32:56
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01941F8C48C3DF0353572DA3640253FAD6A3
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Q3kgCy3lgazaTOnaV11JzClGMlY.roa
Signing time: Wed 01 Jan 2025 01:47:54 +0000
ROA not before: Wed 01 Jan 2025 01:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 2a12:bec4:1651::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 Jan 2025 10:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:48:c3:df:03:53:57:2d:a3:64:02:53:fa:d6:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 01:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4379200b2de581acda4ce9da575d49cc29463256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e5:da:d3:29:e2:d7:c7:35:a0:66:ba:c7:fe:
99:3b:db:32:b2:8f:87:04:1d:05:2a:9a:cd:51:ef:
56:68:7e:f0:c8:c4:86:9b:67:4b:75:8c:d4:9f:80:
1f:6b:6b:bb:7c:98:b2:e1:2c:df:ad:c1:b1:39:ba:
e9:4b:7e:d8:02:d8:66:58:78:96:5b:70:ae:d0:02:
29:57:be:bb:3a:a2:cb:0f:b6:f4:af:e2:25:70:30:
28:93:5e:48:f9:fa:79:de:04:3a:b3:65:3b:b5:a4:
e9:af:8c:58:91:af:87:3a:70:2f:24:af:3a:36:50:
88:2a:51:35:cf:bc:0e:dc:d7:ff:93:57:2a:b8:9b:
03:56:bb:a7:2a:64:58:4b:a2:51:ae:77:b2:01:d7:
61:3e:e0:11:50:75:03:31:eb:b9:82:92:53:6d:67:
af:7e:b1:c4:c3:75:f8:2d:02:74:61:58:c2:19:96:
d5:b2:24:74:c3:93:1a:11:cf:c6:07:c2:45:88:15:
66:8d:35:b4:e0:85:4d:f6:4f:03:97:0e:73:7a:66:
a1:ef:53:30:f8:06:cd:f8:68:8a:4e:0d:90:22:4f:
7d:f2:2e:55:a5:e6:c5:b2:38:46:55:19:d6:72:d4:
c1:f9:2d:1a:5d:c7:c3:8e:b7:47:63:e6:17:12:ec:
56:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:79:20:0B:2D:E5:81:AC:DA:4C:E9:DA:57:5D:49:CC:29:46:32:56
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Q3kgCy3lgazaTOnaV11JzClGMlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1651::/48
Signature Algorithm: sha256WithRSAEncryption
1b:a8:8f:20:9d:20:5a:ba:1e:9e:ee:e4:9e:fd:3b:b0:fe:73:
9f:e0:ef:1d:21:df:79:0e:b4:30:ea:b5:d1:44:8b:7c:3a:86:
df:0a:44:9a:0c:d8:09:64:4c:7e:e4:f6:bd:c0:13:40:8c:99:
c8:34:a7:8d:02:99:3f:91:d9:d4:e4:fd:4a:b6:6d:41:40:4d:
a1:98:1c:fb:6c:fe:25:28:62:d6:56:ca:5e:4a:74:ce:20:36:
17:cb:79:cb:bb:cb:d7:18:83:37:62:c7:a9:f5:d0:49:90:92:
73:b1:f0:22:f0:e1:b2:6a:7c:6b:be:c9:af:c9:54:e5:d3:3b:
9a:67:28:12:b5:86:38:1c:59:e7:d0:91:e9:7d:e4:df:e2:3b:
22:78:6b:67:47:be:bd:d9:83:98:bb:aa:17:50:50:43:6d:bf:
0e:3b:38:62:0d:06:1d:81:77:63:f7:8d:d9:a2:23:73:2a:c3:
85:18:45:75:06:17:36:54:00:c5:6d:93:56:7d:2b:60:fa:d6:
ce:24:61:94:d5:dc:54:9b:50:59:d5:3a:90:01:8f:64:90:84:
5e:47:b9:84:26:51:3a:68:a8:c5:a0:27:7c:9c:7c:18:c9:bb:
d7:c4:a8:53:fa:c5:d2:78:3a:3d:79:b4:46:8c:52:a3:ff:5f:
ef:be:fe:fe
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjEjD3wNTVy2jZAJT+tajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTAxMDE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzc5MjAwYjJkZTU4MWFjZGE0Y2U5ZGE1NzVkNDljYzI5NDYzMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOXa0yni18c1oGa6x/6ZO9syso+H
BB0FKprNUe9WaH7wyMSGm2dLdYzUn4Afa2u7fJiy4SzfrcGxObrpS37YAthmWHiW
W3Cu0AIpV767OqLLD7b0r+IlcDAok15I+fp53gQ6s2U7taTpr4xYka+HOnAvJK86
NlCIKlE1z7wO3Nf/k1cquJsDVrunKmRYS6JRrneyAddhPuARUHUDMeu5gpJTbWev
frHEw3X4LQJ0YVjCGZbVsiR0w5MaEc/GB8JFiBVmjTW04IVN9k8Dlw5zemah71Mw
+AbN+GiKTg2QIk998i5VpebFsjhGVRnWctTB+S0aXcfDjrdHY+YXEuxW3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEN5IAst5YGs2kzp2lddScwpRjJWMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvUTNrZ0N5M2xnYXphVE9uYVYxMUp6Q2xHTWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhK+xBZR
MA0GCSqGSIb3DQEBCwUAA4IBAQAbqI8gnSBauh6e7uSe/Tuw/nOf4O8dId95DrQw
6rXRRIt8OobfCkSaDNgJZEx+5Pa9wBNAjJnINKeNApk/kdnU5P1Ktm1BQE2hmBz7
bP4lKGLWVspeSnTOIDYXy3nLu8vXGIM3Ysep9dBJkJJzsfAi8OGyanxrvsmvyVTl
0zuaZygStYY4HFnn0JHpfeTf4jsieGtnR7692YOYu6oXUFBDbb8OOzhiDQYdgXdj
943ZoiNzKsOFGEV1Bhc2VADFbZNWfStg+tbOJGGU1dxUm1BZ1TqQAY9kkIReR7mE
JlE6aKjFoCd8nHwYybvXxKhT+sXSeDo9ebRGjFKj/1/vvv7+
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:41:03 2025 by rpki-client