Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QabzBJRtjbfkCZtL_HdXr0tLKzQ.roa
File: QabzBJRtjbfkCZtL_HdXr0tLKzQ.roa (raw, json)
Hash identifier: JVlcP240mB3BCCotZjNG8YTq0eXwll4os8AbX9dYGGI=
Subject key identifier: 41:A6:F3:04:94:6D:8D:B7:E4:09:9B:4B:FC:77:57:AF:4B:4B:2B:34
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191D7FB2F81CC901952BD51953716924BF4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QabzBJRtjbfkCZtL_HdXr0tLKzQ.roa
Signing time: Mon 09 Sep 2024 18:10:48 +0000
ROA not before: Mon 09 Sep 2024 18:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 09 Sep 2024 19:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d7:fb:2f:81:cc:90:19:52:bd:51:95:37:16:92:4b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 9 18:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41a6f304946d8db7e4099b4bfc7757af4b4b2b34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c5:57:6c:ac:23:3f:97:e9:af:cb:1d:23:9d:
7b:b7:60:62:93:81:31:ca:54:19:67:d9:b5:5e:db:
64:40:f3:ae:70:ee:47:5f:9b:de:1a:e4:d6:91:e9:
07:29:fd:af:ba:82:f1:28:0f:ca:0f:45:75:ec:6f:
26:f8:89:5b:f0:ea:75:88:22:dd:28:48:a6:fe:06:
4d:f8:a5:44:be:c6:7e:3b:e6:03:28:ce:94:d7:18:
ec:3d:1a:19:74:60:dc:90:6f:08:d2:7b:5a:37:a2:
1b:07:12:dc:58:98:b8:20:db:0b:78:94:a7:59:30:
d6:5d:63:b3:04:74:22:c8:69:04:18:a9:54:01:19:
97:dd:a5:ac:ca:2a:c6:20:33:6c:02:a2:d1:71:5a:
e3:19:97:bf:33:a1:10:c6:bb:bd:1c:c0:b7:e8:21:
bf:80:57:6d:5f:a5:94:13:ca:ce:62:20:22:68:0c:
f3:05:7a:f6:93:82:d9:62:82:72:29:be:16:3b:41:
b1:34:15:2c:27:b3:48:36:d7:6c:6a:3c:fd:a8:92:
c2:c6:92:87:f6:cc:6d:7f:66:4b:c9:ab:56:2f:80:
77:8d:f4:4d:9f:35:ae:f1:fe:b5:87:aa:9f:a3:e5:
3f:0c:94:39:da:4d:53:5b:c0:52:3a:b6:68:aa:dc:
a3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A6:F3:04:94:6D:8D:B7:E4:09:9B:4B:FC:77:57:AF:4B:4B:2B:34
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QabzBJRtjbfkCZtL_HdXr0tLKzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
Signature Algorithm: sha256WithRSAEncryption
0b:bd:a4:eb:09:a0:1d:5c:03:28:b3:4b:26:73:49:9b:51:8c:
ac:8a:f5:4a:f7:22:9f:d8:60:cd:07:07:6a:76:ef:62:85:41:
6d:3e:87:20:7b:58:c7:3a:08:0e:2b:50:e4:da:5b:26:1c:f0:
72:cf:4c:ed:77:53:9e:0c:9f:b6:9f:0c:47:f4:b7:30:ee:3d:
bc:8a:12:95:5f:43:27:74:0f:e9:18:c4:a3:9d:83:21:a7:13:
b7:a0:be:ba:4f:4e:54:72:6a:a4:8d:7b:d9:a6:7e:2a:78:5d:
05:fe:60:8b:16:d2:66:56:25:ff:50:c6:fc:79:39:f1:b0:53:
76:62:e1:4d:88:13:b4:cd:a2:ea:0d:b1:47:44:1f:80:3f:23:
18:2a:7e:ff:b2:b8:a7:ec:dc:8f:e2:db:5c:77:5e:09:f2:b1:
ab:43:cb:c3:76:5e:df:46:91:87:09:c7:97:d5:6c:82:bc:16:
ff:1d:02:d8:af:34:a9:be:d5:4e:0c:25:a5:63:ab:1d:de:e6:
ba:34:fa:d4:34:59:f2:18:e8:63:2b:06:51:02:b7:e6:1e:dc:
16:01:e0:17:26:0c:f2:71:6c:ba:b8:d7:05:26:af:da:68:c0:
63:c0:dc:7c:2f:4a:eb:ea:b2:a5:29:d7:7f:95:21:eb:de:9c:
c2:ac:57:6d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHX+y+BzJAZUr1RlTcWkkv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA5MTgxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE2ZjMwNDk0NmQ4ZGI3ZTQwOTliNGJmYzc3NTdhZjRiNGIyYjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8VXbKwjP5fpr8sdI517t2Bik4Ex
ylQZZ9m1XttkQPOucO5HX5veGuTWkekHKf2vuoLxKA/KD0V17G8m+Ilb8Op1iCLd
KEim/gZN+KVEvsZ+O+YDKM6U1xjsPRoZdGDckG8I0ntaN6IbBxLcWJi4INsLeJSn
WTDWXWOzBHQiyGkEGKlUARmX3aWsyirGIDNsAqLRcVrjGZe/M6EQxru9HMC36CG/
gFdtX6WUE8rOYiAiaAzzBXr2k4LZYoJyKb4WO0GxNBUsJ7NINtdsajz9qJLCxpKH
9sxtf2ZLyatWL4B3jfRNnzWu8f61h6qfo+U/DJQ52k1TW8BSOrZoqtyjqQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEGm8wSUbY235AmbS/x3V69LSys0MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUWFiekJKUnRqYmZrQ1p0TF9IZFhyMHRMS3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wwDQYJKoZIhvcNAQELBQADggEB
AAu9pOsJoB1cAyizSyZzSZtRjKyK9Ur3Ip/YYM0HB2p272KFQW0+hyB7WMc6CA4r
UOTaWyYc8HLPTO13U54Mn7afDEf0tzDuPbyKEpVfQyd0D+kYxKOdgyGnE7egvrpP
TlRyaqSNe9mmfip4XQX+YIsW0mZWJf9Qxvx5OfGwU3Zi4U2IE7TNouoNsUdEH4A/
Ixgqfv+yuKfs3I/i21x3XgnysatDy8N2Xt9GkYcJx5fVbIK8Fv8dAtivNKm+1U4M
JaVjqx3e5ro0+tQ0WfIY6GMrBlECt+Ye3BYB4BcmDPJxbLq41wUmr9powGPA3Hwv
SuvqsqUp13+VIevenMKsV20=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:34 2025 by rpki-client