Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/RQOO69-rU5D3WRDccdLd5sG19Nw.roa
File: RQOO69-rU5D3WRDccdLd5sG19Nw.roa (raw, json)
Hash identifier: h67WqOet1nrMC2YOY8g3HdkIq7qOaXH3C3nUlrwp6Qs=
Subject key identifier: 45:03:8E:EB:DF:AB:53:90:F7:59:10:DC:71:D2:DD:E6:C1:B5:F4:DC
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0193568E0D521CBD570861E056E67525CDBA
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/RQOO69-rU5D3WRDccdLd5sG19Nw.roa
Signing time: Sat 23 Nov 2024 01:06:10 +0000
ROA not before: Sat 23 Nov 2024 01:06:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a12:bec4:1651::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:56:8e:0d:52:1c:bd:57:08:61:e0:56:e6:75:25:cd:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Nov 23 01:06:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45038eebdfab5390f75910dc71d2dde6c1b5f4dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:68:80:91:33:be:1a:ca:5b:80:7a:a7:01:02:
80:8f:02:14:fb:db:44:83:94:a5:cf:97:b3:76:4a:
ff:67:cd:3e:b6:4d:dd:a3:38:33:a7:d4:e9:4c:aa:
87:30:c3:68:aa:6a:6b:fb:ce:63:82:9b:18:48:b4:
c4:db:9a:17:b8:4e:02:d2:8a:9a:98:ab:c1:87:a4:
6e:28:1f:96:fa:a2:4a:61:72:92:a6:a2:73:35:df:
5d:a3:92:5a:59:c1:14:0f:1e:d5:c7:99:e5:48:dc:
29:5b:4a:bc:41:b2:ce:73:e7:0f:f9:97:68:08:91:
7f:06:93:fa:5d:9b:37:24:25:0e:c6:da:19:2d:a1:
94:30:10:07:bf:75:89:c6:16:29:74:0f:bf:b9:af:
d9:4c:7f:4d:55:f6:05:6f:a3:16:9b:ba:5e:7d:91:
8f:93:0b:67:d4:dd:13:0a:3a:19:2b:d2:4f:29:2e:
44:56:66:e1:e9:27:fa:fe:35:76:19:78:35:f1:a3:
02:c7:bf:14:4f:0c:6a:9d:7e:1d:69:e2:41:1f:12:
e4:e4:e8:84:d4:20:01:8c:e1:e7:8a:c9:9d:ae:0c:
3e:db:a1:03:3b:d4:ed:a5:03:17:40:62:7b:59:4f:
cb:84:b4:79:66:51:80:03:89:d3:4a:05:bf:b2:ea:
c0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:03:8E:EB:DF:AB:53:90:F7:59:10:DC:71:D2:DD:E6:C1:B5:F4:DC
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/RQOO69-rU5D3WRDccdLd5sG19Nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1651::/48
Signature Algorithm: sha256WithRSAEncryption
95:1e:d2:9e:c8:d1:58:f5:0d:ed:0f:17:88:85:47:b1:ab:fb:
88:5c:db:19:51:59:06:eb:52:35:49:32:bd:7e:8f:7e:5c:8d:
47:1f:5c:b6:0c:28:56:d0:3c:e8:e1:5a:71:1d:11:0a:b4:38:
18:97:7a:75:72:c4:48:c4:65:42:dd:d8:04:8e:a7:96:d8:8d:
70:89:81:39:0b:c6:1b:6b:dc:70:81:0f:c4:63:84:99:6f:79:
b6:44:e3:9e:35:9b:70:4b:fe:bc:72:60:1c:c3:1e:b2:5f:df:
e0:c6:b3:57:3f:b7:e9:4d:70:85:7b:b0:f5:34:24:33:11:d7:
c0:61:10:15:98:71:39:bc:12:a5:05:38:f7:ff:9f:67:aa:8e:
61:90:1e:32:ec:ef:9c:96:00:e2:af:44:26:70:d8:55:1b:d1:
d4:5b:0c:ba:dc:2c:e0:a6:56:da:d1:f4:d5:d7:30:e4:a3:da:
aa:6e:fe:d7:dd:de:ac:55:b7:4b:96:7b:8f:0d:ae:b1:13:86:
d5:3c:83:f9:c6:34:66:57:8b:ea:5d:d9:39:4f:8d:2e:dc:7c:
b9:03:ee:ff:20:2e:ca:79:58:ec:64:2a:51:ee:37:7a:4f:89:
e4:1c:ce:6e:66:56:6a:f8:63:f6:30:c1:5e:d2:df:a4:55:54:
9d:a3:f7:4d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZNWjg1SHL1XCGHgVuZ1Jc26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQxMTIzMDEwNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTAzOGVlYmRmYWI1MzkwZjc1OTEwZGM3MWQyZGRlNmMxYjVmNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGiAkTO+GspbgHqnAQKAjwIU+9tE
g5Slz5ezdkr/Z80+tk3dozgzp9TpTKqHMMNoqmpr+85jgpsYSLTE25oXuE4C0oqa
mKvBh6RuKB+W+qJKYXKSpqJzNd9do5JaWcEUDx7Vx5nlSNwpW0q8QbLOc+cP+Zdo
CJF/BpP6XZs3JCUOxtoZLaGUMBAHv3WJxhYpdA+/ua/ZTH9NVfYFb6MWm7pefZGP
kwtn1N0TCjoZK9JPKS5EVmbh6Sf6/jV2GXg18aMCx78UTwxqnX4daeJBHxLk5OiE
1CABjOHnismdrgw+26EDO9TtpQMXQGJ7WU/LhLR5ZlGAA4nTSgW/surAAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEUDjuvfq1OQ91kQ3HHS3ebBtfTcMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvUlFPTzY5LXJVNUQzV1JEY2NkTGQ1c0cxOU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhK+xBZR
MA0GCSqGSIb3DQEBCwUAA4IBAQCVHtKeyNFY9Q3tDxeIhUexq/uIXNsZUVkG61I1
STK9fo9+XI1HH1y2DChW0Dzo4VpxHREKtDgYl3p1csRIxGVC3dgEjqeW2I1wiYE5
C8Yba9xwgQ/EY4SZb3m2ROOeNZtwS/68cmAcwx6yX9/gxrNXP7fpTXCFe7D1NCQz
EdfAYRAVmHE5vBKlBTj3/59nqo5hkB4y7O+clgDir0QmcNhVG9HUWwy63Czgplba
0fTV1zDko9qqbv7X3d6sVbdLlnuPDa6xE4bVPIP5xjRmV4vqXdk5T40u3Hy5A+7/
IC7KeVjsZCpR7jd6T4nkHM5uZlZq+GP2MMFe0t+kVVSdo/dN
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:11:13 2025 by rpki-client