Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/456c62-4746-41e0-8044-920599f52637/1/q_UZVXrUcsJnOaihMih9cXXsbhY.roa
File: q_UZVXrUcsJnOaihMih9cXXsbhY.roa (raw, json)
Hash identifier: LUIJvovUj0b+B3rHk0bDvQ+XmnPspJixbReh/cTnngc=
Subject key identifier: AB:F5:19:55:7A:D4:72:C2:67:39:A8:A1:32:28:7D:71:75:EC:6E:16
Certificate issuer: /CN=1821cc908dfa91110d1119a6de1ec41e3ecff346
Certificate serial: 0193555D2D9018383D959CE1F534AB793E07
Authority key identifier: 18:21:CC:90:8D:FA:91:11:0D:11:19:A6:DE:1E:C4:1E:3E:CF:F3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GCHMkI36kRENERmm3h7EHj7P80Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/456c62-4746-41e0-8044-920599f52637/1/q_UZVXrUcsJnOaihMih9cXXsbhY.roa
Signing time: Fri 22 Nov 2024 19:33:09 +0000
ROA not before: Fri 22 Nov 2024 19:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215434
IP address blocks: 2a01:f0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:5d:2d:90:18:38:3d:95:9c:e1:f5:34:ab:79:3e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1821cc908dfa91110d1119a6de1ec41e3ecff346
Validity
Not Before: Nov 22 19:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abf519557ad472c26739a8a132287d7175ec6e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3f:50:12:8d:6d:f2:36:29:98:45:c8:2b:d8:
82:26:08:36:c0:14:f4:11:f3:ce:47:f2:6c:d9:37:
03:5b:f6:b9:12:30:ce:43:84:64:47:eb:17:1f:2c:
a6:94:e2:43:5d:b9:99:dd:d8:e1:b8:01:a5:77:4e:
39:19:93:e6:01:35:47:09:64:fe:82:a5:a3:3d:f8:
94:5e:d6:25:ba:73:30:c3:df:b3:4a:c8:da:6f:8b:
55:8a:02:83:a9:81:d0:1c:a6:f7:a7:fc:08:b4:40:
0b:3f:79:22:dd:74:d7:05:76:1a:20:2b:1b:87:b1:
24:2c:93:91:8b:83:27:95:95:a2:8e:af:35:00:13:
8d:0d:2c:e5:98:85:ca:c1:eb:29:7f:78:3e:f8:d9:
ae:6a:b3:e7:f3:e3:70:c5:c5:6e:20:b8:37:de:b0:
95:82:1a:13:6c:93:97:d9:c1:21:4f:5c:64:22:10:
c7:e7:98:9a:51:16:af:ed:53:57:47:4b:3d:53:e4:
0c:f1:cf:12:c6:18:00:4a:67:7a:9e:19:c5:b8:cf:
f5:94:91:07:a8:8a:7f:bc:07:60:7b:a7:a5:00:db:
04:b5:20:b0:7a:d9:88:1f:11:51:be:dc:9f:4d:d0:
19:08:aa:c1:47:c7:c4:d5:fc:3a:13:36:9f:c6:af:
61:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:F5:19:55:7A:D4:72:C2:67:39:A8:A1:32:28:7D:71:75:EC:6E:16
X509v3 Authority Key Identifier:
keyid:18:21:CC:90:8D:FA:91:11:0D:11:19:A6:DE:1E:C4:1E:3E:CF:F3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GCHMkI36kRENERmm3h7EHj7P80Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/456c62-4746-41e0-8044-920599f52637/1/q_UZVXrUcsJnOaihMih9cXXsbhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/456c62-4746-41e0-8044-920599f52637/1/GCHMkI36kRENERmm3h7EHj7P80Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
17:7a:b7:fa:8b:ad:fc:5d:e5:f2:81:31:39:64:90:d2:36:16:
fb:52:66:42:a6:65:37:72:4c:80:fa:80:88:e8:65:1b:54:02:
24:c4:80:08:c2:72:44:e3:62:e4:88:06:99:74:79:5c:89:07:
d0:87:58:f9:30:1a:b5:ae:95:0a:01:4f:01:f2:e5:72:f8:b0:
4b:b8:ec:e6:66:c0:8f:e0:1b:ef:04:b0:8b:2c:93:52:4b:fe:
5b:f4:d5:2b:f2:ee:f7:95:24:30:97:b0:9e:13:3d:20:c9:a8:
48:af:00:9a:46:25:c5:db:b4:7a:6a:ed:a9:d1:c5:41:38:51:
db:10:11:0b:c3:5f:e5:b8:15:11:65:7d:8f:81:9c:74:56:c4:
67:24:41:94:6b:39:31:fc:cf:bf:fc:83:cf:40:c9:6a:37:7d:
57:dc:d1:1c:60:07:8c:b2:6e:57:b7:68:60:99:70:bd:54:04:
ac:bf:8c:ab:f2:4a:fa:a9:4b:94:ac:eb:f1:7e:f3:19:38:f5:
f7:8a:d0:6b:45:36:46:f3:fc:35:32:88:8c:f2:79:53:aa:61:
fb:5e:f2:64:c0:9e:95:98:22:96:f6:b9:b2:82:ff:3e:7b:93:
c3:c6:06:b8:e3:c4:12:50:d9:4a:d8:a9:9d:2e:e0:a4:30:33:
26:9c:6e:95
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZNVXS2QGDg9lZzh9TSreT4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MjFjYzkwOGRmYTkxMTEwZDExMTlhNmRlMWVjNDFlM2Vj
ZmYzNDYwHhcNMjQxMTIyMTkzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmY1MTk1NTdhZDQ3MmMyNjczOWE4YTEzMjI4N2Q3MTc1ZWM2ZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD9QEo1t8jYpmEXIK9iCJgg2wBT0
EfPOR/Js2TcDW/a5EjDOQ4RkR+sXHyymlOJDXbmZ3djhuAGld045GZPmATVHCWT+
gqWjPfiUXtYlunMww9+zSsjab4tVigKDqYHQHKb3p/wItEALP3ki3XTXBXYaICsb
h7EkLJORi4MnlZWijq81ABONDSzlmIXKwespf3g++NmuarPn8+NwxcVuILg33rCV
ghoTbJOX2cEhT1xkIhDH55iaURav7VNXR0s9U+QM8c8SxhgASmd6nhnFuM/1lJEH
qIp/vAdge6elANsEtSCwetmIHxFRvtyfTdAZCKrBR8fE1fw6Ezafxq9hMwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKv1GVV61HLCZzmooTIofXF17G4WMB8GA1UdIwQY
MBaAFBghzJCN+pERDREZpt4exB4+z/NGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0NITWtJMzZrUkVORVJtbTNoN0VIajdQODBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC80NTZjNjItNDc0Ni00MWUwLTgwNDQt
OTIwNTk5ZjUyNjM3LzEvcV9VWlZYclVjc0puT2FpaE1paDljWFhzYmhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC80NTZjNjItNDc0Ni00MWUwLTgwNDQtOTIwNTk5ZjUyNjM3
LzEvR0NITWtJMzZrUkVORVJtbTNoN0VIajdQODBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHwwDAN
BgkqhkiG9w0BAQsFAAOCAQEAF3q3+out/F3l8oExOWSQ0jYW+1JmQqZlN3JMgPqA
iOhlG1QCJMSACMJyRONi5IgGmXR5XIkH0IdY+TAata6VCgFPAfLlcviwS7js5mbA
j+Ab7wSwiyyTUkv+W/TVK/Lu95UkMJewnhM9IMmoSK8AmkYlxdu0emrtqdHFQThR
2xARC8Nf5bgVEWV9j4GcdFbEZyRBlGs5MfzPv/yDz0DJajd9V9zRHGAHjLJuV7do
YJlwvVQErL+Mq/JK+qlLlKzr8X7zGTj194rQa0U2RvP8NTKIjPJ5U6ph+17yZMCe
lZgilva5soL/PnuTw8YGuOPEElDZStipnS7gpDAzJpxulQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:03:49 2025 by rpki-client