Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/PQnyFaS3_voz944TBMI0t0Q3C2Q.roa
File: PQnyFaS3_voz944TBMI0t0Q3C2Q.roa (raw, json)
Hash identifier: kUoJlGQC4xg+0ipJLMLfbvVGk2hCGeRVuNqdYPKMAZQ=
Subject key identifier: 3D:09:F2:15:A4:B7:FE:FA:33:F7:8E:13:04:C2:34:B7:44:37:0B:64
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018571C31AB4F7DF42F02B61F8C27BD41AFC
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/PQnyFaS3_voz944TBMI0t0Q3C2Q.roa
Signing time: Mon 02 Jan 2023 09:14:49 +0000
ROA not before: Mon 02 Jan 2023 09:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201950
IP address blocks: 2a06:e881:9500::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:1a:b4:f7:df:42:f0:2b:61:f8:c2:7b:d4:1a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 09:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d09f215a4b7fefa33f78e1304c234b744370b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:62:a5:5c:c1:c9:32:0a:9a:20:20:c7:e5:80:
1b:82:fd:da:ed:36:14:66:94:ae:80:8a:e8:bf:9f:
31:ff:85:6c:44:8c:f5:2b:ca:d7:38:38:7f:49:51:
80:bf:09:98:30:b8:d7:c8:e3:2f:97:09:0d:f2:9d:
74:70:86:b2:66:c4:8c:3d:77:7d:a4:50:ac:4f:95:
5c:30:ce:21:36:1c:4e:11:fa:ae:50:42:34:1c:a5:
79:5e:bb:5d:a6:19:bd:17:29:e3:4a:c9:ce:d7:5d:
75:66:fa:0c:b2:9c:32:d0:22:0d:89:f7:ec:5c:b9:
a1:95:7b:4d:27:e5:b1:d0:17:11:7b:3a:4b:ed:f9:
10:d9:ec:3c:83:0c:11:c6:74:34:fd:d5:50:49:0e:
8f:08:15:31:d9:28:f3:45:20:b3:30:ba:62:a2:65:
e5:2b:c5:37:99:a7:aa:1e:22:0e:25:d0:20:03:69:
c4:31:ff:86:b7:46:ae:c0:c1:7a:4d:49:b3:b9:e5:
02:8b:28:bd:85:be:dc:00:d7:f7:0b:39:ed:04:72:
a0:47:c8:a9:78:a1:99:78:31:bf:20:2f:08:32:93:
12:f7:78:78:b1:49:3a:ca:c8:52:47:d8:c1:cd:9b:
23:85:c4:ef:20:d3:45:96:24:45:1e:68:58:18:b4:
ed:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:09:F2:15:A4:B7:FE:FA:33:F7:8E:13:04:C2:34:B7:44:37:0B:64
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/PQnyFaS3_voz944TBMI0t0Q3C2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:9500::/48
Signature Algorithm: sha256WithRSAEncryption
43:ab:97:96:01:b4:43:4c:be:85:f5:7d:d7:33:6b:5a:21:c3:
72:88:e6:bf:8d:64:dd:05:3e:a8:52:ce:18:3c:fc:b7:ca:cf:
83:4e:10:3a:38:ea:e2:87:4c:0c:8b:dd:91:66:5c:63:f6:67:
77:94:95:da:6f:b7:a4:ed:2d:97:cf:a6:a4:26:20:dc:9c:f0:
b8:4f:ec:e1:51:0f:31:9f:ba:e1:1e:c9:f7:f0:8a:34:30:23:
67:f6:bf:4d:b0:a8:8c:c3:82:92:55:9f:2d:a4:36:61:74:9b:
61:c6:bf:a9:f3:2c:7a:02:c6:63:23:9c:67:0b:aa:8f:e7:21:
34:14:40:f9:75:fc:3a:37:19:38:6a:a4:b6:df:a0:57:40:4f:
9c:b2:4c:2f:88:34:ce:f7:46:fe:0c:db:5f:4c:6f:9a:06:70:
44:35:08:64:0c:ce:0f:a3:4a:36:ac:97:25:4c:a3:91:d5:80:
f6:f0:fd:76:03:2a:5a:5d:29:8b:8a:df:6d:0d:66:fb:98:8a:
b4:58:3c:93:cf:1a:ab:62:90:57:3f:e4:67:6d:83:c9:b1:78:
83:7c:e2:8f:a7:b2:b6:cc:0f:dd:77:80:1d:b6:02:f9:00:6b:
c5:59:49:2c:d5:2a:41:7f:2d:24:08:d8:12:f1:87:56:25:de:
44:8a:ac:a0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxwxq0999C8Cth+MJ71Br8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwMTAyMDkxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDA5ZjIxNWE0YjdmZWZhMzNmNzhlMTMwNGMyMzRiNzQ0MzcwYjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWKlXMHJMgqaICDH5YAbgv3a7TYU
ZpSugIrov58x/4VsRIz1K8rXODh/SVGAvwmYMLjXyOMvlwkN8p10cIayZsSMPXd9
pFCsT5VcMM4hNhxOEfquUEI0HKV5Xrtdphm9FynjSsnO1111ZvoMspwy0CINiffs
XLmhlXtNJ+Wx0BcRezpL7fkQ2ew8gwwRxnQ0/dVQSQ6PCBUx2SjzRSCzMLpiomXl
K8U3maeqHiIOJdAgA2nEMf+Gt0auwMF6TUmzueUCiyi9hb7cANf3CzntBHKgR8ip
eKGZeDG/IC8IMpMS93h4sUk6yshSR9jBzZsjhcTvINNFliRFHmhYGLTtPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD0J8hWkt/76M/eOEwTCNLdENwtkMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvUFFueUZhUzNfdm96OTQ0VEJNSTB0MFEzQzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbogZUA
MA0GCSqGSIb3DQEBCwUAA4IBAQBDq5eWAbRDTL6F9X3XM2taIcNyiOa/jWTdBT6o
Us4YPPy3ys+DThA6OOrih0wMi92RZlxj9md3lJXab7ek7S2Xz6akJiDcnPC4T+zh
UQ8xn7rhHsn38Io0MCNn9r9NsKiMw4KSVZ8tpDZhdJthxr+p8yx6AsZjI5xnC6qP
5yE0FED5dfw6Nxk4aqS236BXQE+cskwviDTO90b+DNtfTG+aBnBENQhkDM4Po0o2
rJclTKOR1YD28P12AypaXSmLit9tDWb7mIq0WDyTzxqrYpBXP+RnbYPJsXiDfOKP
p7K2zA/dd4AdtgL5AGvFWUks1SpBfy0kCNgS8YdWJd5Eiqyg
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:04 2024 by rpki-client on console-ams.rpki-client.org