Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QNAc_RTr9_H6C5SCPZnrF7YniZU.roa
File: QNAc_RTr9_H6C5SCPZnrF7YniZU.roa (raw, json)
Hash identifier: SgFe5Yn5l8RbEVB3+Q0bP/AKIgbzmPmMRH0r2qgeEFY=
Subject key identifier: 40:D0:1C:FD:14:EB:F7:F1:FA:0B:94:82:3D:99:EB:17:B6:27:89:95
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019095B34DDB66F71C725D40E4A07EC4D265
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QNAc_RTr9_H6C5SCPZnrF7YniZU.roa
Signing time: Tue 09 Jul 2024 04:14:34 +0000
ROA not before: Tue 09 Jul 2024 04:14:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jul 2024 05:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:95:b3:4d:db:66:f7:1c:72:5d:40:e4:a0:7e:c4:d2:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 9 04:14:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40d01cfd14ebf7f1fa0b94823d99eb17b6278995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7e:45:66:62:4e:15:56:8a:54:5b:69:64:83:
7f:ef:2a:59:81:77:72:3b:15:8b:f1:38:05:3a:76:
b7:f3:58:e5:95:65:85:5c:f3:80:06:8c:21:2e:75:
c4:f8:aa:0b:4d:c5:9c:3b:12:05:3b:10:fc:c9:c6:
1d:3b:24:1b:a7:ef:df:1d:10:48:2e:47:7e:a5:f3:
05:83:ac:1e:cc:a1:ea:87:cb:46:59:7e:f5:92:01:
a6:6f:f1:7b:54:13:a6:f1:d3:2d:4e:69:d7:de:d5:
ad:66:c3:c3:2c:90:28:ff:19:54:3c:6d:c0:6a:b9:
41:8d:32:a4:eb:fd:49:7d:07:6e:11:d9:4f:af:0d:
72:d5:e8:4e:49:9c:ce:0b:6f:49:88:f9:ba:fa:48:
e3:70:71:30:c3:fc:b5:ed:5a:a1:0e:03:03:e4:13:
5e:00:99:e3:7d:e6:a9:6b:c5:f3:98:79:e2:1b:b6:
a2:7b:c4:f1:9a:04:90:12:b7:55:5f:d2:72:2a:f9:
47:c9:24:f8:82:fd:cb:6f:3e:6e:2b:19:db:71:2c:
dd:3f:b7:87:1b:4f:0f:d5:a6:62:a5:f9:0c:14:1e:
bf:40:37:99:02:4b:4a:46:c8:0d:d3:1a:aa:1b:7d:
8a:ed:29:c8:86:a6:21:0f:2a:7d:3f:47:21:88:71:
4d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D0:1C:FD:14:EB:F7:F1:FA:0B:94:82:3D:99:EB:17:B6:27:89:95
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QNAc_RTr9_H6C5SCPZnrF7YniZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:23:4b:b0:1d:dd:5f:e2:2a:be:15:47:b1:e9:e1:dc:dc:a5:
a5:4f:07:81:bf:52:8d:c4:dd:b7:29:15:37:2f:6a:75:1c:2c:
98:54:c0:98:3e:b3:00:60:9a:d7:d8:f6:ba:f6:df:8f:ad:39:
8d:41:0b:89:f3:89:af:c9:39:8e:8d:5e:57:ce:61:fa:e3:1a:
00:8a:fb:1e:e4:e0:88:be:c6:45:dc:42:95:b6:1e:c3:f9:0a:
2d:61:fc:96:42:8a:d8:9b:3a:59:e7:06:79:71:aa:b3:eb:43:
d4:7b:67:53:e4:8e:09:fb:b7:24:14:9d:32:2e:57:e8:79:cc:
ad:9b:35:8f:4e:1d:13:ae:26:59:7a:6a:b8:60:a3:df:38:ff:
45:36:68:68:01:e2:55:68:52:d4:c5:5b:4f:97:25:a0:38:af:
dc:3c:a9:67:d5:6f:82:f6:ae:5f:01:c9:02:58:95:ac:1a:35:
cc:66:70:4a:26:dd:e0:09:59:fc:d6:b4:31:26:2a:6e:59:78:
a2:4c:c7:78:01:2c:92:17:a1:df:1a:ec:cc:f0:7a:52:b7:2a:
f8:29:0d:49:5a:61:14:b2:bf:0d:3b:dd:23:26:2e:8f:3a:11:
de:70:de:02:99:2f:7c:ed:9a:12:3c:12:f1:56:00:17:f1:79:
b0:cd:dc:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCVs03bZvcccl1A5KB+xNJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA5MDQxNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQwMWNmZDE0ZWJmN2YxZmEwYjk0ODIzZDk5ZWIxN2I2Mjc4OTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn5FZmJOFVaKVFtpZIN/7ypZgXdy
OxWL8TgFOna381jllWWFXPOABowhLnXE+KoLTcWcOxIFOxD8ycYdOyQbp+/fHRBI
Lkd+pfMFg6wezKHqh8tGWX71kgGmb/F7VBOm8dMtTmnX3tWtZsPDLJAo/xlUPG3A
arlBjTKk6/1JfQduEdlPrw1y1ehOSZzOC29JiPm6+kjjcHEww/y17VqhDgMD5BNe
AJnjfeapa8XzmHniG7aie8TxmgSQErdVX9JyKvlHyST4gv3Lbz5uKxnbcSzdP7eH
G08P1aZipfkMFB6/QDeZAktKRsgN0xqqG32K7SnIhqYhDyp9P0chiHFNzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEDQHP0U6/fx+guUgj2Z6xe2J4mVMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUU5BY19SVHI5X0g2QzVTQ1BabnJGN1luaVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE4jS7Ad3V/iKr4VR7Hp
4dzcpaVPB4G/Uo3E3bcpFTcvanUcLJhUwJg+swBgmtfY9rr234+tOY1BC4nzia/J
OY6NXlfOYfrjGgCK+x7k4Ii+xkXcQpW2HsP5Ci1h/JZCitibOlnnBnlxqrPrQ9R7
Z1Pkjgn7tyQUnTIuV+h5zK2bNY9OHROuJll6arhgo984/0U2aGgB4lVoUtTFW0+X
JaA4r9w8qWfVb4L2rl8ByQJYlawaNcxmcEom3eAJWfzWtDEmKm5ZeKJMx3gBLJIX
od8a7MzwelK3KvgpDUlaYRSyvw073SMmLo86Ed5w3gKZL3ztmhI8EvFWABfxebDN
3IY=
-----END CERTIFICATE-----
Generated at Tue Jul 9 06:56:01 2024 by rpki-client on console-ams.rpki-client.org