Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/SqmEUV6p78QYq1xhyAAGhj7woMw.roa
File: SqmEUV6p78QYq1xhyAAGhj7woMw.roa (raw, json)
Hash identifier: dXfW4xko3jfiykcwbA8Gz/vzfwe4/c2/SA2KlJPjZko=
Subject key identifier: 4A:A9:84:51:5E:A9:EF:C4:18:AB:5C:61:C8:00:06:86:3E:F0:A0:CC
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01862B4ECCBEFA5C25057ADDB66D32C31EAB
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/SqmEUV6p78QYq1xhyAAGhj7woMw.roa
Signing time: Tue 07 Feb 2023 09:57:09 +0000
ROA not before: Tue 07 Feb 2023 09:57:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 2a0f:e383::/32 maxlen: 32
2a0f:e385::/32 maxlen: 32
2a0f:e384::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 31 Oct 2023 10:07:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2b:4e:cc:be:fa:5c:25:05:7a:dd:b6:6d:32:c3:1e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Feb 7 09:57:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4aa984515ea9efc418ab5c61c80006863ef0a0cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bd:dc:1f:d4:6e:44:27:72:42:31:a1:8a:bc:
5f:0c:57:97:e1:c5:ec:79:a8:da:68:49:07:35:8d:
bf:3f:e5:fc:bf:f0:14:41:4b:2e:92:5e:a6:66:2e:
a1:b5:ff:7b:a9:17:22:39:a4:c2:3b:40:b9:68:fb:
12:f8:25:69:37:96:57:55:9c:ee:21:77:77:9b:58:
34:39:a9:cf:f5:0d:1d:1d:16:bc:96:e6:5f:25:c5:
c0:09:91:59:41:df:81:ee:f5:95:13:f6:15:b1:53:
21:a2:ac:57:1c:2d:a2:96:90:7b:03:60:bd:e2:56:
7d:df:dd:87:73:68:79:30:f3:50:eb:27:ec:61:80:
07:13:9c:e4:30:f0:8b:14:bc:11:4f:b8:00:68:92:
2a:12:a0:2b:a2:d2:9d:be:00:58:35:34:9f:6d:f0:
3b:8c:7e:55:ac:17:b9:e5:1f:b3:c8:0b:92:cc:11:
0f:76:4e:18:32:a9:14:1f:cd:2b:75:e3:cc:ee:cf:
8e:a9:ea:eb:eb:bd:d9:84:64:54:36:7b:6c:83:10:
60:5d:5d:a0:aa:56:24:a3:6d:05:35:b0:86:f9:c2:
23:65:5a:0b:4a:dc:fa:4b:2d:af:52:07:28:a4:a8:
77:a1:bf:30:22:6e:2c:00:f7:74:0b:c8:78:1e:a5:
1d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A9:84:51:5E:A9:EF:C4:18:AB:5C:61:C8:00:06:86:3E:F0:A0:CC
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/SqmEUV6p78QYq1xhyAAGhj7woMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e383::-2a0f:e385:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6e:95:c0:d9:20:97:c3:cd:c4:a0:3e:e3:70:d7:20:3f:16:8c:
6d:f0:de:86:4a:5e:ff:d0:aa:03:d1:6f:33:cd:2f:7b:e5:57:
7c:76:0b:7c:a6:c5:11:bf:42:42:67:88:b7:79:38:9b:fc:74:
6a:19:95:80:a0:e0:7b:3b:2f:5d:f6:32:e3:09:2c:b1:c5:83:
b5:9b:76:39:33:7e:3c:2a:8e:53:29:53:b1:78:c9:32:ef:a3:
62:a3:d0:b9:06:50:e2:50:25:6e:f9:7a:82:4a:13:f8:ac:23:
7a:e6:70:cf:a7:2c:72:f4:58:05:96:8e:aa:b0:7d:2f:9a:8f:
12:b8:15:02:46:3c:03:fb:72:07:bf:11:d6:dc:f0:26:0b:f0:
24:f0:fe:d8:76:50:83:34:fe:93:52:06:94:24:93:40:c2:96:
37:e0:fb:c2:3a:90:65:b1:21:32:82:0e:39:06:4d:af:74:1b:
45:d4:8f:a1:0c:bb:43:d8:ba:2d:4b:28:d3:05:1d:00:08:8e:
a9:02:53:14:26:74:72:58:d0:9d:06:d7:55:25:5e:b9:7a:3d:
11:dc:af:95:9a:0c:ea:56:63:5f:ab:cc:0e:99:ab:4f:68:c9:
b8:e0:84:02:4c:7b:4a:95:93:d0:6b:11:0f:c4:e0:ea:b7:fc:
ea:c6:89:b9
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYYrTsy++lwlBXrdtm0ywx6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMjA3MDk1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWE5ODQ1MTVlYTllZmM0MThhYjVjNjFjODAwMDY4NjNlZjBhMGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL3cH9RuRCdyQjGhirxfDFeX4cXs
eajaaEkHNY2/P+X8v/AUQUsukl6mZi6htf97qRciOaTCO0C5aPsS+CVpN5ZXVZzu
IXd3m1g0OanP9Q0dHRa8luZfJcXACZFZQd+B7vWVE/YVsVMhoqxXHC2ilpB7A2C9
4lZ9392Hc2h5MPNQ6yfsYYAHE5zkMPCLFLwRT7gAaJIqEqArotKdvgBYNTSfbfA7
jH5VrBe55R+zyAuSzBEPdk4YMqkUH80rdePM7s+Oqerr673ZhGRUNntsgxBgXV2g
qlYko20FNbCG+cIjZVoLStz6Sy2vUgcopKh3ob8wIm4sAPd0C8h4HqUdzQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFEqphFFeqe/EGKtcYcgABoY+8KDMMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvU3FtRVVWNnA3OFFZcTF4aHlBQUdoajd3b013LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqD+OD
AwUBKg/jhDANBgkqhkiG9w0BAQsFAAOCAQEAbpXA2SCXw83EoD7jcNcgPxaMbfDe
hkpe/9CqA9FvM80ve+VXfHYLfKbFEb9CQmeIt3k4m/x0ahmVgKDgezsvXfYy4wks
scWDtZt2OTN+PCqOUylTsXjJMu+jYqPQuQZQ4lAlbvl6gkoT+KwjeuZwz6cscvRY
BZaOqrB9L5qPErgVAkY8A/tyB78R1tzwJgvwJPD+2HZQgzT+k1IGlCSTQMKWN+D7
wjqQZbEhMoIOOQZNr3QbRdSPoQy7Q9i6LUso0wUdAAiOqQJTFCZ0cljQnQbXVSVe
uXo9EdyvlZoM6lZjX6vMDpmrT2jJuOCEAkx7SpWT0GsRD8Tg6rf86saJuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org