Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/QiVi6mpua5bZGFpZUcyDy10feMI.roa
File: QiVi6mpua5bZGFpZUcyDy10feMI.roa (raw, json)
Hash identifier: xEvRsKFlZSuxije1lNteHQ14NHdbu5qsWmCEI4WVd2Q=
Subject key identifier: 42:25:62:EA:6A:6E:6B:96:D9:18:5A:59:51:CC:83:CB:5D:1F:78:C2
Certificate issuer: /CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Certificate serial: 018C361ACCE0E70002F9D939C64FD5B446CC
Authority key identifier: 03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/QiVi6mpua5bZGFpZUcyDy10feMI.roa
Signing time: Mon 04 Dec 2023 18:32:55 +0000
ROA not before: Mon 04 Dec 2023 18:32:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216435
IP address blocks: 2a10:500::/32 maxlen: 48
2a10:500::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 07 Dec 2023 13:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:36:1a:cc:e0:e7:00:02:f9:d9:39:c6:4f:d5:b4:46:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Validity
Not Before: Dec 4 18:32:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=422562ea6a6e6b96d9185a5951cc83cb5d1f78c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:93:8e:c9:7a:31:f0:77:b0:1f:d2:8f:72:bf:
3f:00:33:c5:ed:77:e0:4e:0e:24:56:1a:cf:b7:33:
78:c2:c0:10:64:75:f4:46:9d:c9:98:cd:41:4e:1e:
0b:63:f8:e9:97:8b:e2:5a:e1:3f:8c:6e:03:6c:e5:
18:da:17:d7:8b:b7:31:2c:1c:22:9a:8e:9a:b6:17:
b8:76:35:2f:42:d8:10:c8:21:7a:45:cc:02:0a:f8:
17:90:a0:4b:da:64:24:ba:06:55:85:f2:32:6e:76:
6f:89:45:c7:8e:28:56:83:68:ab:d2:62:68:66:f3:
72:dc:8d:b7:ef:4c:46:0b:ec:ff:56:87:ea:08:9a:
0b:bb:f8:f2:79:10:aa:ce:db:b6:a1:36:ca:ab:39:
ee:4d:a5:06:15:31:20:1d:1a:d6:20:19:35:94:83:
6f:d8:fe:9a:01:7f:6c:f4:c7:66:44:a0:77:c7:56:
1c:1f:38:9f:0b:02:d9:52:75:16:0c:fa:15:49:d0:
04:13:dd:13:2d:65:56:10:e3:c3:45:3e:c0:81:0a:
51:12:fa:5b:10:41:e5:77:19:4c:4f:f7:67:95:39:
ec:82:21:4c:b1:f0:79:72:18:a1:cf:74:4e:00:03:
3a:4b:e9:d8:2f:fd:65:35:0e:7e:b7:14:af:da:7c:
24:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:25:62:EA:6A:6E:6B:96:D9:18:5A:59:51:CC:83:CB:5D:1F:78:C2
X509v3 Authority Key Identifier:
keyid:03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/QiVi6mpua5bZGFpZUcyDy10feMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/A3tIRJuhyuFb3iwvCG2UIY4HILs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:500::/32
Signature Algorithm: sha256WithRSAEncryption
75:b7:a0:40:0c:8e:68:7d:39:21:b6:da:1d:32:8b:e8:d1:42:
00:45:f0:f6:e0:87:79:81:b4:c7:34:eb:5c:aa:ee:5b:1a:02:
67:1f:b0:7c:35:e8:35:35:24:4e:97:13:79:38:c6:7e:ea:3f:
c1:c4:1d:f6:10:2e:40:c8:f2:ee:ed:0d:9d:7c:47:ea:f9:87:
34:f9:5f:c0:52:31:19:e2:f9:db:b5:bc:c7:e5:95:77:72:9d:
cb:ea:f0:f4:0b:0c:7d:d1:65:48:33:16:6f:fa:45:1c:68:5b:
58:de:c2:0b:3f:35:4f:ef:5e:a5:af:ef:f2:e1:af:08:40:46:
d0:25:19:6a:7a:78:b3:51:62:c3:e5:6c:2c:f3:df:2d:53:bb:
a8:bf:e6:45:ba:75:71:56:97:f7:ba:29:c4:3a:49:c3:ae:bf:
c6:db:ef:fd:82:ed:22:9a:1e:03:9e:02:4c:e0:ce:ef:6c:42:
02:02:9c:2f:6b:8c:d1:1e:b8:40:1c:1b:1b:ee:3b:b3:f3:e3:
c6:2c:7e:55:57:c6:04:9e:48:a4:ee:42:b3:7e:be:d0:b3:a9:
d9:c2:07:b7:f9:47:28:18:ca:ea:ec:a2:37:55:7a:b1:bf:7b:
88:de:c4:51:e5:0c:9a:44:fb:ea:6d:d8:e6:0e:64:ba:17:de:
ec:09:88:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYw2Gszg5wAC+dk5xk/VtEbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzN2I0ODQ0OWJhMWNhZTE1YmRlMmMyZjA4NmQ5NDIxOGUw
NzIwYmIwHhcNMjMxMjA0MTgzMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjI1NjJlYTZhNmU2Yjk2ZDkxODVhNTk1MWNjODNjYjVkMWY3OGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpOOyXox8HewH9KPcr8/ADPF7Xfg
Tg4kVhrPtzN4wsAQZHX0Rp3JmM1BTh4LY/jpl4viWuE/jG4DbOUY2hfXi7cxLBwi
mo6athe4djUvQtgQyCF6RcwCCvgXkKBL2mQkugZVhfIybnZviUXHjihWg2ir0mJo
ZvNy3I2370xGC+z/VofqCJoLu/jyeRCqztu2oTbKqznuTaUGFTEgHRrWIBk1lINv
2P6aAX9s9MdmRKB3x1YcHzifCwLZUnUWDPoVSdAEE90TLWVWEOPDRT7AgQpREvpb
EEHldxlMT/dnlTnsgiFMsfB5chihz3ROAAM6S+nYL/1lNQ5+txSv2nwkIwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEIlYupqbmuW2RhaWVHMg8tdH3jCMB8GA1UdIwQY
MBaAFAN7SESbocrhW94sLwhtlCGOByC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYt
NzQwM2UxMzY3NWFiLzEvUWlWaTZtcHVhNWJaR0ZwWlVjeUR5MTBmZU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYtNzQwM2UxMzY3NWFi
LzEvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhAFADAN
BgkqhkiG9w0BAQsFAAOCAQEAdbegQAyOaH05IbbaHTKL6NFCAEXw9uCHeYG0xzTr
XKruWxoCZx+wfDXoNTUkTpcTeTjGfuo/wcQd9hAuQMjy7u0NnXxH6vmHNPlfwFIx
GeL527W8x+WVd3Kdy+rw9AsMfdFlSDMWb/pFHGhbWN7CCz81T+9epa/v8uGvCEBG
0CUZanp4s1Fiw+VsLPPfLVO7qL/mRbp1cVaX97opxDpJw66/xtvv/YLtIpoeA54C
TODO72xCAgKcL2uM0R64QBwbG+47s/Pjxix+VVfGBJ5IpO5Cs36+0LOp2cIHt/lH
KBjK6uyiN1V6sb97iN7EUeUMmkT76m3Y5g5kuhfe7AmIrQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:37 2024 by rpki-client on console-ams.rpki-client.org