Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/QDrqZ1GrkqA6NMhgG_3Lk8oeP60.roa
File: QDrqZ1GrkqA6NMhgG_3Lk8oeP60.roa (raw, json)
Hash identifier: KMsxmwZcKeMgI0V+Cw8+cqAVcqKnJl4RXkPANj4AkwA=
Subject key identifier: 40:3A:EA:67:51:AB:92:A0:3A:34:C8:60:1B:FD:CB:93:CA:1E:3F:AD
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 01856FF972EED8BC76EBFA5BFF5723479405
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/QDrqZ1GrkqA6NMhgG_3Lk8oeP60.roa
Signing time: Mon 02 Jan 2023 00:54:56 +0000
ROA not before: Mon 02 Jan 2023 00:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204339
IP address blocks: 2a0c:e8c0::/30 maxlen: 30
2a0d:2e40::/30 maxlen: 30
2a10:d8c0::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 08 May 2023 17:54:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:72:ee:d8:bc:76:eb:fa:5b:ff:57:23:47:94:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 2 00:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=403aea6751ab92a03a34c8601bfdcb93ca1e3fad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:01:50:06:6f:85:69:d5:27:a9:a1:e0:01:3e:
fe:fb:46:64:ab:b6:08:ca:91:23:66:f1:ac:2f:43:
bd:46:67:36:1a:7a:00:bc:d4:24:c7:93:42:e0:b9:
07:5f:07:7f:e5:72:20:f3:3a:32:95:e2:77:62:48:
58:eb:07:df:80:ba:21:f6:ab:f4:37:a4:c9:cb:71:
7a:50:0f:2a:ad:61:05:b4:24:37:a7:e6:ef:c9:06:
1a:05:4b:63:c0:c3:1f:22:44:e6:69:53:3b:d8:2e:
72:eb:cd:96:ce:44:1a:2d:7e:5e:47:0f:71:1f:e8:
fd:a7:e9:67:15:b1:5b:32:99:7c:6f:5c:08:b0:a6:
72:27:51:b1:aa:73:38:2a:1f:d5:8c:06:57:79:b4:
60:ee:84:68:dc:a6:30:70:84:f2:8d:b3:28:ad:c8:
f7:33:99:ce:90:cf:38:e9:71:9a:91:dd:58:ee:e0:
7d:05:a9:83:86:83:fc:e5:bb:23:9a:d5:fb:9a:bc:
ca:d3:60:84:69:f4:14:98:e2:a4:91:9a:eb:fd:00:
cd:1b:43:cc:10:a4:c3:93:88:b4:cf:06:2a:f5:98:
7a:ff:90:0a:fc:20:c9:9a:61:16:28:cb:cf:c3:fa:
b8:f2:95:0f:ae:88:cd:02:d2:1c:42:a1:4d:2a:3b:
70:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:3A:EA:67:51:AB:92:A0:3A:34:C8:60:1B:FD:CB:93:CA:1E:3F:AD
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/QDrqZ1GrkqA6NMhgG_3Lk8oeP60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:e8c0::/30
2a0d:2e40::/30
2a10:d8c0::/30
Signature Algorithm: sha256WithRSAEncryption
94:e2:8c:d3:35:6e:83:50:80:1e:09:8b:7e:7d:de:ef:8e:21:
d5:97:63:46:ee:7a:24:ed:7b:94:b7:b7:06:b9:ee:6b:e9:b0:
7c:9b:ff:61:06:2c:58:db:f5:ca:e4:0f:79:ea:e1:6b:20:58:
cb:7d:26:37:8f:4e:77:7a:8e:5c:df:68:d9:92:87:ef:0e:8a:
dc:b2:92:b2:52:ac:16:a6:da:b5:ac:4e:59:a2:bb:38:76:07:
f5:b5:3e:66:bb:32:1c:dd:ba:f6:28:c5:2a:14:47:03:95:47:
0f:fc:03:f6:8c:b4:0d:72:62:03:76:44:8e:18:b9:e9:52:d0:
ca:f1:a6:60:a2:4f:f5:a0:40:74:3f:c0:7e:c4:a7:bc:7c:be:
43:57:94:a2:0b:21:05:cb:d2:59:76:4b:43:29:4c:df:8f:f5:
81:eb:42:68:a5:5b:76:46:45:37:7a:94:ea:48:d2:a6:2f:57:
22:d7:e8:cb:1a:f6:ed:a6:98:44:d3:e0:8e:5e:16:b3:99:52:
10:42:4c:e4:81:94:1f:75:a8:4b:ea:4b:b0:ef:20:f4:05:c5:
78:a9:f6:f1:be:43:f8:55:72:cd:df:d6:da:82:5c:14:d8:d7:
45:5a:8f:9b:ea:21:86:9a:dd:25:95:be:df:ae:a2:6e:a9:6a:
c2:d2:0b:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv+XLu2Lx26/pb/1cjR5QFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwMTAyMDA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDNhZWE2NzUxYWI5MmEwM2EzNGM4NjAxYmZkY2I5M2NhMWUzZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwFQBm+FadUnqaHgAT7++0Zkq7YI
ypEjZvGsL0O9Rmc2GnoAvNQkx5NC4LkHXwd/5XIg8zoyleJ3YkhY6wffgLoh9qv0
N6TJy3F6UA8qrWEFtCQ3p+bvyQYaBUtjwMMfIkTmaVM72C5y682WzkQaLX5eRw9x
H+j9p+lnFbFbMpl8b1wIsKZyJ1GxqnM4Kh/VjAZXebRg7oRo3KYwcITyjbMorcj3
M5nOkM846XGakd1Y7uB9BamDhoP85bsjmtX7mrzK02CEafQUmOKkkZrr/QDNG0PM
EKTDk4i0zwYq9Zh6/5AK/CDJmmEWKMvPw/q48pUProjNAtIcQqFNKjtwFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEA66mdRq5KgOjTIYBv9y5PKHj+tMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvUURycVoxR3JrcUE2Tk1oZ0dfM0xrOG9lUDYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUCKgzowAMF
AioNLkADBQIqENjAMA0GCSqGSIb3DQEBCwUAA4IBAQCU4ozTNW6DUIAeCYt+fd7v
jiHVl2NG7nok7XuUt7cGue5r6bB8m/9hBixY2/XK5A956uFrIFjLfSY3j053eo5c
32jZkofvDorcspKyUqwWptq1rE5Zors4dgf1tT5muzIc3br2KMUqFEcDlUcP/AP2
jLQNcmIDdkSOGLnpUtDK8aZgok/1oEB0P8B+xKe8fL5DV5SiCyEFy9JZdktDKUzf
j/WB60JopVt2RkU3epTqSNKmL1ci1+jLGvbtpphE0+COXhazmVIQQkzkgZQfdahL
6kuw7yD0BcV4qfbxvkP4VXLN39baglwU2NdFWo+b6iGGmt0llb7frqJuqWrC0guU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org