Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/416aaf-8602-4196-b51d-41d087b3828b/1/Q-vGR7mJhP0qMUHXO5sbCL1igl0.roa
File: Q-vGR7mJhP0qMUHXO5sbCL1igl0.roa (raw, json)
Hash identifier: A1EGf2speR2U7dZqbzBHnasVSo0lz2+OjGGGHUVrpXg=
Subject key identifier: 43:EB:C6:47:B9:89:84:FD:2A:31:41:D7:3B:9B:1B:08:BD:62:82:5D
Certificate issuer: /CN=32c0274bc17f9c75cd3fc10f8b5825a19382ab4f
Certificate serial: 01856EA6829BD67D12E6D6F8E5AD7FEC76A1
Authority key identifier: 32:C0:27:4B:C1:7F:9C:75:CD:3F:C1:0F:8B:58:25:A1:93:82:AB:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MsAnS8F_nHXNP8EPi1gloZOCq08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/416aaf-8602-4196-b51d-41d087b3828b/1/Q-vGR7mJhP0qMUHXO5sbCL1igl0.roa
Signing time: Sun 01 Jan 2023 18:44:44 +0000
ROA not before: Sun 01 Jan 2023 18:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50163
IP address blocks: 109.71.208.0/21 maxlen: 21
2a03:e00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:82:9b:d6:7d:12:e6:d6:f8:e5:ad:7f:ec:76:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c0274bc17f9c75cd3fc10f8b5825a19382ab4f
Validity
Not Before: Jan 1 18:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43ebc647b98984fd2a3141d73b9b1b08bd62825d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1e:b9:09:fd:f0:fa:0d:0b:87:70:f1:8e:23:
52:04:a6:7c:a6:c1:c4:00:6a:18:c1:b1:3f:82:aa:
0a:6e:92:7d:e3:b6:95:05:fd:5f:79:d6:0a:04:a3:
54:e1:7e:48:75:e0:ca:1e:ea:7f:c9:6d:c4:ec:9f:
a0:db:05:8d:57:aa:83:45:c6:51:27:58:b7:1c:2b:
69:29:aa:38:d7:b1:eb:e2:ef:00:13:c4:1f:23:92:
94:26:f6:0f:6d:b9:94:d7:c6:61:fd:12:f6:39:f2:
f3:b1:79:4f:95:4e:21:9c:cd:3e:13:69:a9:52:d8:
14:e7:41:65:f0:51:1f:f8:a5:bb:1f:cc:a1:83:f5:
5d:ef:d6:26:2c:b4:52:78:c0:da:16:95:bc:95:8f:
aa:c9:f3:e5:bf:1e:53:4e:0e:35:4b:2f:12:98:89:
d5:1b:a2:e9:d2:d3:39:b2:79:38:68:7d:37:6b:cc:
4e:e4:bb:c7:c4:d2:f7:a1:e4:a7:8b:7d:f7:fe:4f:
02:b9:d1:65:df:86:fb:a6:23:3f:1e:c9:a7:88:7c:
8a:72:49:75:fc:1e:7c:46:46:55:f9:b3:d1:ae:bb:
b8:40:32:81:5e:15:dc:b6:82:e2:dc:c6:20:4a:47:
cb:06:0f:cb:6b:86:f8:3e:51:70:6e:93:4f:09:53:
26:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EB:C6:47:B9:89:84:FD:2A:31:41:D7:3B:9B:1B:08:BD:62:82:5D
X509v3 Authority Key Identifier:
keyid:32:C0:27:4B:C1:7F:9C:75:CD:3F:C1:0F:8B:58:25:A1:93:82:AB:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MsAnS8F_nHXNP8EPi1gloZOCq08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/416aaf-8602-4196-b51d-41d087b3828b/1/Q-vGR7mJhP0qMUHXO5sbCL1igl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/416aaf-8602-4196-b51d-41d087b3828b/1/MsAnS8F_nHXNP8EPi1gloZOCq08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.208.0/21
IPv6:
2a03:e00::/32
Signature Algorithm: sha256WithRSAEncryption
72:f4:63:63:b4:81:d2:a7:df:94:5e:6d:f2:44:8a:de:ce:84:
b4:0a:ad:09:98:8f:ec:a1:21:2b:06:82:84:43:72:9e:8f:20:
f7:1f:dd:7b:c7:bb:6a:68:6a:70:6a:f8:97:d8:66:98:a5:24:
c0:4d:92:be:c1:07:6c:d1:82:fe:94:8a:1e:88:ac:f1:33:0e:
a1:32:2b:28:c8:d9:dc:48:81:8a:15:ce:bc:a3:4f:cc:dd:d5:
45:f6:f9:2f:39:3c:3d:d8:b2:17:17:14:17:a9:23:ff:0a:10:
42:cb:d3:6a:2f:2d:5e:8a:c0:2c:16:df:96:8f:8e:73:24:ff:
fb:0a:48:15:72:48:db:ac:7b:ec:15:23:8f:03:0e:13:fa:9e:
5b:29:e1:b4:51:88:97:1a:4a:1a:ab:37:c3:bc:14:de:2e:ec:
01:4e:71:d8:b4:23:76:32:f1:9f:f1:94:11:9a:7f:53:36:d3:
ae:7f:0b:98:f0:ad:58:4e:f0:fa:cf:0a:15:b0:d4:fa:e2:43:
84:eb:ee:ba:09:ac:32:08:55:51:87:2d:7d:b9:2a:6d:c5:84:
86:ba:53:fc:e6:fe:c8:79:42:17:0d:85:f6:6b:a9:40:f1:62:
f5:9d:d2:de:47:e1:c6:8a:3e:8a:6a:46:18:5b:5d:50:32:db:
5f:3f:7a:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVupoKb1n0S5tb45a1/7HahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYzAyNzRiYzE3ZjljNzVjZDNmYzEwZjhiNTgyNWExOTM4
MmFiNGYwHhcNMjMwMTAxMTg0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2ViYzY0N2I5ODk4NGZkMmEzMTQxZDczYjliMWIwOGJkNjI4MjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnB65Cf3w+g0Lh3DxjiNSBKZ8psHE
AGoYwbE/gqoKbpJ947aVBf1fedYKBKNU4X5IdeDKHup/yW3E7J+g2wWNV6qDRcZR
J1i3HCtpKao417Hr4u8AE8QfI5KUJvYPbbmU18Zh/RL2OfLzsXlPlU4hnM0+E2mp
UtgU50Fl8FEf+KW7H8yhg/Vd79YmLLRSeMDaFpW8lY+qyfPlvx5TTg41Sy8SmInV
G6Lp0tM5snk4aH03a8xO5LvHxNL3oeSni333/k8CudFl34b7piM/HsmniHyKckl1
/B58RkZV+bPRrru4QDKBXhXctoLi3MYgSkfLBg/La4b4PlFwbpNPCVMmmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEPrxke5iYT9KjFB1zubGwi9YoJdMB8GA1UdIwQY
MBaAFDLAJ0vBf5x1zT/BD4tYJaGTgqtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNBblM4Rl9uSFhOUDhFUGkxZ2xvWk9DcTA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS80MTZhYWYtODYwMi00MTk2LWI1MWQt
NDFkMDg3YjM4MjhiLzEvUS12R1I3bUpoUDBxTVVIWE81c2JDTDFpZ2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS80MTZhYWYtODYwMi00MTk2LWI1MWQtNDFkMDg3YjM4Mjhi
LzEvTXNBblM4Rl9uSFhOUDhFUGkxZ2xvWk9DcTA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDbUfQMA0E
AgACMAcDBQAqAw4AMA0GCSqGSIb3DQEBCwUAA4IBAQBy9GNjtIHSp9+UXm3yRIre
zoS0Cq0JmI/soSErBoKEQ3KejyD3H917x7tqaGpwaviX2GaYpSTATZK+wQds0YL+
lIoeiKzxMw6hMisoyNncSIGKFc68o0/M3dVF9vkvOTw92LIXFxQXqSP/ChBCy9Nq
Ly1eisAsFt+Wj45zJP/7CkgVckjbrHvsFSOPAw4T+p5bKeG0UYiXGkoaqzfDvBTe
LuwBTnHYtCN2MvGf8ZQRmn9TNtOufwuY8K1YTvD6zwoVsNT64kOE6+66CawyCFVR
hy19uSptxYSGulP85v7IeUIXDYX2a6lA8WL1ndLeR+HGij6KakYYW11QMttfP3oj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:18 2024 by rpki-client on console-ams.rpki-client.org