Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/_QA-lcKGxBLbp6ojXXXxb8_vNys.roa
File: _QA-lcKGxBLbp6ojXXXxb8_vNys.roa (raw, json)
Hash identifier: +IndUO7XBOqAr1Mtgv0TtVDS0+2OR3+ojfMI5uRbdec=
Subject key identifier: FD:00:3E:95:C2:86:C4:12:DB:A7:AA:23:5D:75:F1:6F:CF:EF:37:2B
Certificate issuer: /CN=9e94d5bf3db7d6734dcf1be622d5fdee2fec3b8f
Certificate serial: 018B4947FB2E14A28FC8EC24DC842D2C7D3C
Authority key identifier: 9E:94:D5:BF:3D:B7:D6:73:4D:CF:1B:E6:22:D5:FD:EE:2F:EC:3B:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npTVvz231nNNzxvmItX97i_sO48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/_QA-lcKGxBLbp6ojXXXxb8_vNys.roa
Signing time: Thu 19 Oct 2023 18:52:15 +0000
ROA not before: Thu 19 Oct 2023 18:52:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206292
IP address blocks: 2001:67c:994::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:49:47:fb:2e:14:a2:8f:c8:ec:24:dc:84:2d:2c:7d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e94d5bf3db7d6734dcf1be622d5fdee2fec3b8f
Validity
Not Before: Oct 19 18:52:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd003e95c286c412dba7aa235d75f16fcfef372b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:23:ce:7c:72:23:09:c6:e4:2a:ef:86:46:f0:
3d:17:02:64:39:be:48:cf:a2:3f:1a:68:9c:5e:21:
25:bc:7e:d0:eb:4d:9f:96:06:ac:77:b0:83:52:a9:
5b:20:30:2c:66:e4:76:47:25:13:34:a1:66:d6:35:
19:65:66:d0:3c:b6:c8:00:81:39:39:52:53:38:eb:
55:eb:46:ca:41:32:ea:f8:54:57:04:e8:e1:f4:66:
d2:70:e5:45:0a:da:ee:8f:14:30:ba:58:d7:5c:0b:
ac:71:43:ed:de:35:17:97:55:de:b4:ce:86:29:98:
62:7d:5f:81:8f:e2:18:d3:65:4e:75:13:5a:e3:0a:
89:4a:8d:41:7d:b5:2c:07:75:ef:cf:9c:ee:e1:0d:
f7:4e:51:66:bf:bc:63:ca:c2:d4:59:e7:34:c2:76:
b2:27:99:04:c6:6f:ab:97:96:67:97:72:1c:26:f7:
b9:b2:0c:af:e8:87:e6:8c:cb:79:51:b7:6e:8f:2d:
64:3d:49:ea:da:6b:b1:78:fc:a3:cc:1f:61:2d:90:
e6:eb:31:85:a5:15:7a:cd:ac:ed:c8:b8:30:ee:07:
3c:6e:cd:ab:33:95:df:e4:2e:ee:71:d0:3d:e3:75:
34:1b:9b:64:f5:31:99:5b:2d:46:12:6c:28:87:46:
6c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:00:3E:95:C2:86:C4:12:DB:A7:AA:23:5D:75:F1:6F:CF:EF:37:2B
X509v3 Authority Key Identifier:
keyid:9E:94:D5:BF:3D:B7:D6:73:4D:CF:1B:E6:22:D5:FD:EE:2F:EC:3B:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npTVvz231nNNzxvmItX97i_sO48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/_QA-lcKGxBLbp6ojXXXxb8_vNys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/npTVvz231nNNzxvmItX97i_sO48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:994::/48
Signature Algorithm: sha256WithRSAEncryption
79:44:32:0a:86:43:7f:fa:18:33:d4:11:f6:23:e3:75:df:50:
8e:ac:a3:3c:25:7d:ad:42:b8:b9:19:ca:0e:72:30:7c:90:1d:
1e:fa:3e:88:77:05:31:59:ca:c3:e9:f3:5b:34:4e:5d:31:f5:
d8:1b:32:70:ae:11:64:34:15:e6:21:84:7a:e9:e3:e6:ea:5d:
90:b3:71:3c:4a:f5:dc:02:47:0e:20:63:34:24:09:82:74:6e:
12:d1:bd:44:11:de:da:3e:5c:97:d8:63:8d:7c:6b:12:2b:95:
e1:4e:ac:69:72:ce:69:b9:9d:f3:6d:ee:67:69:af:38:e7:1b:
81:89:25:c9:29:33:69:d6:a1:01:16:2c:53:6b:ee:12:bf:8d:
30:a5:54:1a:db:4d:e9:12:84:8e:a1:2f:a7:02:bc:a9:4c:c3:
06:b1:a9:01:57:d2:1d:71:05:da:ca:e2:30:03:4f:2b:11:b3:
15:75:e8:5c:ba:02:9c:c2:8c:90:f6:1b:2d:11:42:7f:0f:3c:
9e:b2:1b:9f:1e:1e:2e:64:da:14:07:78:4d:f0:48:e6:2f:26:
9e:7b:16:a5:b6:b9:97:96:2f:82:81:1b:f7:53:dc:2d:59:b9:
15:42:1e:dd:24:52:05:81:dd:b7:4e:aa:c2:b0:9f:8a:79:b3:
07:74:3b:ca
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYtJR/suFKKPyOwk3IQtLH08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTRkNWJmM2RiN2Q2NzM0ZGNmMWJlNjIyZDVmZGVlMmZl
YzNiOGYwHhcNMjMxMDE5MTg1MjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDAwM2U5NWMyODZjNDEyZGJhN2FhMjM1ZDc1ZjE2ZmNmZWYzNzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSPOfHIjCcbkKu+GRvA9FwJkOb5I
z6I/GmicXiElvH7Q602flgasd7CDUqlbIDAsZuR2RyUTNKFm1jUZZWbQPLbIAIE5
OVJTOOtV60bKQTLq+FRXBOjh9GbScOVFCtrujxQwuljXXAuscUPt3jUXl1XetM6G
KZhifV+Bj+IY02VOdRNa4wqJSo1BfbUsB3Xvz5zu4Q33TlFmv7xjysLUWec0wnay
J5kExm+rl5Znl3IcJve5sgyv6IfmjMt5Ubdujy1kPUnq2muxePyjzB9hLZDm6zGF
pRV6zaztyLgw7gc8bs2rM5Xf5C7ucdA943U0G5tk9TGZWy1GEmwoh0ZsewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP0APpXChsQS26eqI1118W/P7zcrMB8GA1UdIwQY
MBaAFJ6U1b89t9ZzTc8b5iLV/e4v7DuPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBUVnZ6MjMxbk5Oenh2bUl0WDk3aV9zTzQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8xMzgzYWEtMTA4Yi00NmVmLWFjOWUt
OWNlZTIzYTYwNTY2LzEvX1FBLWxjS0d4QkxicDZvalhYWHhiOF92TnlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8xMzgzYWEtMTA4Yi00NmVmLWFjOWUtOWNlZTIzYTYwNTY2
LzEvbnBUVnZ6MjMxbk5Oenh2bUl0WDk3aV9zTzQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAmU
MA0GCSqGSIb3DQEBCwUAA4IBAQB5RDIKhkN/+hgz1BH2I+N131COrKM8JX2tQri5
GcoOcjB8kB0e+j6IdwUxWcrD6fNbNE5dMfXYGzJwrhFkNBXmIYR66ePm6l2Qs3E8
SvXcAkcOIGM0JAmCdG4S0b1EEd7aPlyX2GONfGsSK5XhTqxpcs5puZ3zbe5naa84
5xuBiSXJKTNp1qEBFixTa+4Sv40wpVQa203pEoSOoS+nArypTMMGsakBV9IdcQXa
yuIwA08rEbMVdehcugKcwoyQ9hstEUJ/DzyeshufHh4uZNoUB3hN8EjmLyaeexal
trmXli+CgRv3U9wtWbkVQh7dJFIFgd23TqrCsJ+KebMHdDvK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:42 2024 by rpki-client on console-fra.rpki-client.org