Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/qYvdgzmOMy_Wjti0_ylk6dBlGbQ.roa
File: qYvdgzmOMy_Wjti0_ylk6dBlGbQ.roa (raw, json)
Hash identifier: NMhwSqdPIYAUrSFD2hhCAB5tlJQhho8wVJPjlRuyCE0=
Subject key identifier: A9:8B:DD:83:39:8E:33:2F:D6:8E:D8:B4:FF:29:64:E9:D0:65:19:B4
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 01914337A95A7B440A53DDEA2D27159AC9B7
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/qYvdgzmOMy_Wjti0_ylk6dBlGbQ.roa
Signing time: Sun 11 Aug 2024 20:53:26 +0000
ROA not before: Sun 11 Aug 2024 20:53:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214976
IP address blocks: 2a0a:79c7:f600::/40 maxlen: 40
2a0a:79c7:f801::/48 maxlen: 48
2a0a:79c7:f802::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 17 Aug 2024 18:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:43:37:a9:5a:7b:44:0a:53:dd:ea:2d:27:15:9a:c9:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Aug 11 20:53:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a98bdd83398e332fd68ed8b4ff2964e9d06519b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:34:5f:45:77:c0:56:ae:11:a0:c7:87:cf:3b:
64:3e:cc:f4:a1:f3:97:43:54:25:96:fc:fd:b9:0e:
b6:05:6f:1c:f0:d7:26:b0:69:07:76:cc:3b:ad:79:
0b:eb:72:ba:b3:34:2e:3a:56:a5:02:6b:b2:db:7a:
b4:24:92:72:0e:1c:97:88:57:4d:0f:11:02:77:ac:
3d:b7:e7:e3:1d:41:84:d9:d3:0f:0e:be:d1:6c:27:
47:45:46:86:85:bf:cd:19:ae:e2:fb:8c:f3:de:b3:
7e:e5:35:25:7b:ec:27:45:19:f8:24:9f:cb:f9:cb:
26:1e:d4:78:ad:20:51:e7:99:4c:40:2c:9f:e4:5c:
63:e9:29:68:a3:59:c0:97:71:9a:a5:e5:39:df:c1:
9b:56:e3:09:45:08:74:0b:9e:f4:7b:f4:f8:66:dc:
94:56:74:3e:8f:81:0d:92:02:f0:ee:82:0d:69:96:
31:d1:64:6d:ac:3d:ba:0c:63:21:7b:ba:01:a9:8d:
af:d3:35:a5:bf:fa:ab:1a:85:15:2e:85:3b:45:09:
0d:06:ce:46:66:9c:f3:35:55:fe:d4:1e:19:92:54:
12:cd:34:92:c5:4c:ff:26:25:a4:06:d9:a1:74:99:
3a:55:aa:12:1a:73:cd:60:e9:24:2d:71:ba:7d:df:
67:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8B:DD:83:39:8E:33:2F:D6:8E:D8:B4:FF:29:64:E9:D0:65:19:B4
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/qYvdgzmOMy_Wjti0_ylk6dBlGbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:79c7:f600::/40
2a0a:79c7:f801::-2a0a:79c7:f802:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ab:97:19:7f:4c:1a:3a:fb:88:a4:20:be:41:96:1f:09:74:b7:
34:42:21:a9:03:78:65:06:73:b9:52:b9:e8:61:e1:08:dc:3f:
1c:3e:29:71:8e:70:f4:f1:2e:69:54:84:ee:dc:9d:41:4a:b8:
75:b3:0f:3e:61:9c:4c:c0:55:2e:28:9b:a3:44:8e:af:fe:51:
11:80:29:f1:b5:12:bd:b4:bb:39:b6:de:50:dd:6c:07:47:43:
36:17:f2:2b:55:f0:3d:2b:b1:9a:a5:3e:ba:ef:c4:90:74:5e:
96:06:47:a5:f5:d8:66:80:a9:0f:c4:a6:48:57:b5:a4:f6:8a:
f3:44:bc:b1:89:a3:a5:eb:76:a7:38:65:d8:d5:29:29:9c:9a:
88:67:91:21:43:ce:e7:11:2e:ec:66:d3:aa:4c:e2:23:cd:8c:
4d:1f:48:3f:0d:08:ac:c1:31:eb:86:fa:4a:46:3a:a7:03:fa:
54:47:93:88:44:aa:e2:2f:24:84:b4:af:a3:04:85:f9:80:93:
e8:37:ae:fd:b2:c5:97:b0:d7:da:71:bd:4e:45:27:34:1a:a8:
54:08:74:f7:d0:6d:2f:21:e8:46:e8:a4:cd:82:09:e1:9c:d1:
ca:69:ca:f7:61:76:92:18:84:ae:94:e1:b8:68:83:5b:2c:ec:
29:db:32:56
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZFDN6lae0QKU93qLScVmsm3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQwODExMjA1MzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThiZGQ4MzM5OGUzMzJmZDY4ZWQ4YjRmZjI5NjRlOWQwNjUxOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zRfRXfAVq4RoMeHzztkPsz0ofOX
Q1Qllvz9uQ62BW8c8NcmsGkHdsw7rXkL63K6szQuOlalAmuy23q0JJJyDhyXiFdN
DxECd6w9t+fjHUGE2dMPDr7RbCdHRUaGhb/NGa7i+4zz3rN+5TUle+wnRRn4JJ/L
+csmHtR4rSBR55lMQCyf5Fxj6Sloo1nAl3GapeU538GbVuMJRQh0C570e/T4ZtyU
VnQ+j4ENkgLw7oINaZYx0WRtrD26DGMhe7oBqY2v0zWlv/qrGoUVLoU7RQkNBs5G
ZpzzNVX+1B4ZklQSzTSSxUz/JiWkBtmhdJk6VaoSGnPNYOkkLXG6fd9ntwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKmL3YM5jjMv1o7YtP8pZOnQZRm0MB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvcVl2ZGd6bU9NeV9XanRpMF95bGs2ZEJsR2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwYAKgp5x/Yw
EgMHACoKecf4AQMHACoKecf4AjANBgkqhkiG9w0BAQsFAAOCAQEAq5cZf0waOvuI
pCC+QZYfCXS3NEIhqQN4ZQZzuVK56GHhCNw/HD4pcY5w9PEuaVSE7tydQUq4dbMP
PmGcTMBVLiibo0SOr/5REYAp8bUSvbS7ObbeUN1sB0dDNhfyK1XwPSuxmqU+uu/E
kHRelgZHpfXYZoCpD8SmSFe1pPaK80S8sYmjpet2pzhl2NUpKZyaiGeRIUPO5xEu
7GbTqkziI82MTR9IPw0IrMEx64b6SkY6pwP6VEeTiESq4i8khLSvowSF+YCT6Deu
/bLFl7DX2nG9TkUnNBqoVAh099BtLyHoRuikzYIJ4ZzRymnK92F2khiErpThuGiD
WyzsKdsyVg==
-----END CERTIFICATE-----
Generated at Sat Aug 17 21:29:17 2024 by rpki-client on console-fra.rpki-client.org