Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/qKd7aA-vRDT4sadPHss-f1F8k0E.roa
File: qKd7aA-vRDT4sadPHss-f1F8k0E.roa (raw, json)
Hash identifier: H9+e2v4bI8VqCYy5APsckLWSqpBUfukEbwDuJoppUN0=
Subject key identifier: A8:A7:7B:68:0F:AF:44:34:F8:B1:A7:4F:1E:CB:3E:7F:51:7C:93:41
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018E9BA76EF57822B4511D01BD86A1B2FD85
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/qKd7aA-vRDT4sadPHss-f1F8k0E.roa
Signing time: Mon 01 Apr 2024 21:53:45 +0000
ROA not before: Mon 01 Apr 2024 21:53:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215281
IP address blocks: 2a12:bec4:110::/44 maxlen: 44
Validation: Failed, certificate revoked on Tue 23 Apr 2024 07:34:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9b:a7:6e:f5:78:22:b4:51:1d:01:bd:86:a1:b2:fd:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Apr 1 21:53:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8a77b680faf4434f8b1a74f1ecb3e7f517c9341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d2:ba:d1:6d:35:85:21:2d:6a:4f:05:d1:98:
6b:11:25:5c:27:db:00:2b:0a:44:1b:f8:a0:3c:3d:
46:08:7a:b4:72:8e:5b:ef:df:c1:54:3f:8f:4c:63:
3e:fc:e3:55:4c:ac:7e:a2:64:7f:dd:8f:20:3d:6d:
07:67:f1:d6:6d:af:76:a3:08:0e:d9:5f:cf:1a:19:
a2:84:a7:98:35:cc:29:e5:63:56:26:d0:54:63:41:
6b:d7:69:f5:00:27:b8:7c:93:6e:aa:5a:ec:2d:3c:
80:a7:b1:f0:05:16:fd:db:0f:c9:2a:d4:36:db:31:
2c:c3:90:d3:99:17:32:8f:54:20:6e:a1:d6:fe:d6:
24:d8:bf:a6:99:af:db:86:cd:b8:f5:5d:00:aa:96:
46:a9:a9:a0:81:3b:6f:22:78:36:9a:ef:24:e1:6e:
33:22:f1:26:7c:1f:d9:3a:9d:98:e5:8b:a4:d5:ee:
71:b6:fb:3c:9b:61:3b:98:61:33:97:ce:a2:7c:66:
69:c6:8f:4a:23:9a:54:99:79:18:5f:01:87:b0:c1:
f4:9f:04:02:82:9d:db:e1:ac:44:02:29:45:b7:a6:
5f:f8:2f:71:5a:7f:1a:fd:30:a8:1e:13:22:0a:09:
4f:a4:85:87:5a:5b:05:ed:1f:11:20:5c:94:b0:19:
df:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A7:7B:68:0F:AF:44:34:F8:B1:A7:4F:1E:CB:3E:7F:51:7C:93:41
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/qKd7aA-vRDT4sadPHss-f1F8k0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:110::/44
Signature Algorithm: sha256WithRSAEncryption
b0:3a:56:1b:53:24:46:03:de:65:4e:00:20:a7:42:e5:da:d1:
c6:45:d3:3b:f8:68:dc:82:b1:83:6f:ce:76:df:97:6e:bf:ce:
81:9d:50:ce:c0:61:06:f7:76:de:73:1b:b6:4e:61:98:1e:ff:
49:f4:24:da:8c:0f:3f:82:b9:01:a2:0c:e0:36:05:47:9a:85:
09:8b:c8:44:92:13:a5:34:13:bb:3a:da:29:c4:7a:04:5c:90:
61:b1:b2:59:2c:e3:1c:ae:df:13:09:df:54:3f:c6:92:bf:f5:
40:86:31:2f:4c:e3:e0:a6:77:b4:96:9e:15:ef:f2:80:7c:79:
25:03:55:1e:47:df:22:d0:5c:54:da:01:1b:0a:7c:03:9c:7b:
72:a9:1d:e1:53:c0:d6:8d:6a:ef:41:cc:e3:2a:e0:79:b6:04:
fb:1e:26:91:67:d1:7b:b3:7a:de:fc:4d:df:c8:b8:53:fa:aa:
66:e1:32:20:0a:85:ed:ef:c2:d5:8c:dc:f0:9b:e5:20:2f:e0:
b4:4b:82:36:ba:bc:e5:09:54:11:d9:30:e7:2a:05:3f:71:4a:
86:d6:4a:67:c5:3e:fe:de:99:8c:98:20:4f:b2:bb:e0:f3:48:
4e:cb:ee:c1:40:5d:85:50:f6:68:2f:ea:23:42:1d:eb:f5:2c:
15:a9:ed:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY6bp271eCK0UR0BvYahsv2FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwNDAxMjE1MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGE3N2I2ODBmYWY0NDM0ZjhiMWE3NGYxZWNiM2U3ZjUxN2M5MzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtK60W01hSEtak8F0ZhrESVcJ9sA
KwpEG/igPD1GCHq0co5b79/BVD+PTGM+/ONVTKx+omR/3Y8gPW0HZ/HWba92owgO
2V/PGhmihKeYNcwp5WNWJtBUY0Fr12n1ACe4fJNuqlrsLTyAp7HwBRb92w/JKtQ2
2zEsw5DTmRcyj1QgbqHW/tYk2L+mma/bhs249V0AqpZGqamggTtvIng2mu8k4W4z
IvEmfB/ZOp2Y5Yuk1e5xtvs8m2E7mGEzl86ifGZpxo9KI5pUmXkYXwGHsMH0nwQC
gp3b4axEAilFt6Zf+C9xWn8a/TCoHhMiCglPpIWHWlsF7R8RIFyUsBnf7wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKine2gPr0Q0+LGnTx7LPn9RfJNBMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvcUtkN2FBLXZSRFQ0c2FkUEhzcy1mMUY4azBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xAEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCwOlYbUyRGA95lTgAgp0Ll2tHGRdM7+GjcgrGD
b85235duv86BnVDOwGEG93becxu2TmGYHv9J9CTajA8/grkBogzgNgVHmoUJi8hE
khOlNBO7OtopxHoEXJBhsbJZLOMcrt8TCd9UP8aSv/VAhjEvTOPgpne0lp4V7/KA
fHklA1UeR98i0FxU2gEbCnwDnHtyqR3hU8DWjWrvQczjKuB5tgT7HiaRZ9F7s3re
/E3fyLhT+qpm4TIgCoXt78LVjNzwm+UgL+C0S4I2urzlCVQR2TDnKgU/cUqG1kpn
xT7+3pmMmCBPsrvg80hOy+7BQF2FUPZoL+ojQh3r9SwVqe3A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org