Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/783da5-6572-413d-9d6b-094d0db1ad2c/1/QWizGxG1W7-eu8RPpUmSrfF3hFg.roa
File: QWizGxG1W7-eu8RPpUmSrfF3hFg.roa (raw, json)
Hash identifier: GvrOVlxQoTNaHjvmJIFxvmKYkmtwS4QMSePcXzfIWd0=
Subject key identifier: 41:68:B3:1B:11:B5:5B:BF:9E:BB:C4:4F:A5:49:92:AD:F1:77:84:58
Certificate issuer: /CN=f8d6ddee34c5bb8ec0eb919ce2656bf0cd855d54
Certificate serial: 0193CF31B8ADA518B4123C29E9D046DF2CE3
Authority key identifier: F8:D6:DD:EE:34:C5:BB:8E:C0:EB:91:9C:E2:65:6B:F0:CD:85:5D:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Nbd7jTFu47A65Gc4mVr8M2FXVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/783da5-6572-413d-9d6b-094d0db1ad2c/1/QWizGxG1W7-eu8RPpUmSrfF3hFg.roa
Signing time: Mon 16 Dec 2024 11:19:22 +0000
ROA not before: Mon 16 Dec 2024 11:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 2a0e:dc00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 17 Dec 2024 11:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:31:b8:ad:a5:18:b4:12:3c:29:e9:d0:46:df:2c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8d6ddee34c5bb8ec0eb919ce2656bf0cd855d54
Validity
Not Before: Dec 16 11:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4168b31b11b55bbf9ebbc44fa54992adf1778458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:82:19:0b:17:dc:e7:ac:24:9a:de:24:2b:9b:
c6:9c:58:a2:81:c4:7a:8d:16:f3:4f:d8:7a:6d:65:
ec:a3:d9:ef:ca:ac:fa:75:1c:54:4f:83:a8:fa:d0:
36:d5:96:dd:49:5e:9e:98:2e:e4:f4:cd:78:a6:e8:
7e:55:90:44:68:bd:30:c4:02:e3:22:1e:90:81:c3:
6c:5e:88:5d:c5:2e:e2:39:e7:ed:84:c0:a0:9f:ce:
fd:f3:cb:23:50:35:8b:b6:d9:b5:bf:d8:0e:08:5a:
61:f7:2b:d9:ad:a5:c6:17:d2:67:ed:46:1b:5c:f2:
a3:2f:43:5e:f6:c8:85:18:84:1f:79:b6:b2:29:8f:
f8:73:7a:b7:d8:92:59:95:5c:34:ce:f0:ec:bb:ae:
ec:e7:8c:1d:52:ba:56:4b:bf:db:9d:f9:98:8d:51:
6c:ad:ea:50:ac:00:81:ef:d0:6f:55:55:3b:e4:a9:
94:17:ee:3d:5f:ae:a0:21:74:b1:75:a9:21:68:a7:
a8:af:85:48:e0:fb:ab:ae:11:71:99:ba:e7:87:2c:
92:d1:ce:53:d3:8b:65:d1:84:92:87:db:e0:0b:73:
87:3c:fe:60:9a:61:bf:c7:a0:bc:37:8f:54:a9:da:
85:fa:e1:9e:0f:b9:45:c1:59:23:8c:ce:7b:4b:9b:
4c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:68:B3:1B:11:B5:5B:BF:9E:BB:C4:4F:A5:49:92:AD:F1:77:84:58
X509v3 Authority Key Identifier:
keyid:F8:D6:DD:EE:34:C5:BB:8E:C0:EB:91:9C:E2:65:6B:F0:CD:85:5D:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Nbd7jTFu47A65Gc4mVr8M2FXVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/783da5-6572-413d-9d6b-094d0db1ad2c/1/QWizGxG1W7-eu8RPpUmSrfF3hFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/783da5-6572-413d-9d6b-094d0db1ad2c/1/1-Nbd7jTFu47A65Gc4mVr8M2FXVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:dc00::/32
Signature Algorithm: sha256WithRSAEncryption
a3:31:79:a9:36:48:a9:a9:6a:a5:92:87:0f:04:fd:9a:df:86:
92:5c:19:49:41:3a:7b:e8:c9:2b:89:8f:0a:5e:91:e0:97:b9:
df:69:c0:60:b5:09:bf:3c:fa:97:ef:fb:78:8e:bd:55:5d:86:
5a:6e:a8:0a:fb:fb:43:f0:41:9e:48:6e:c5:cd:c6:2f:52:0a:
1b:a7:54:2b:83:29:73:9b:4f:5b:3c:55:5d:b6:51:04:83:04:
4a:8e:4f:f3:47:8d:9f:d0:53:90:aa:d3:56:4c:d2:fc:44:19:
56:8f:23:0c:be:5d:b3:10:cd:ae:9b:9f:f0:a3:fa:34:a8:00:
e4:1d:b5:9e:1c:42:09:1e:47:ef:58:d8:3b:90:98:0b:51:01:
93:68:86:88:80:82:44:99:b8:a2:73:b8:09:e8:85:5e:f5:75:
82:64:f9:de:e6:73:5b:e7:77:bc:09:96:17:53:ea:90:14:69:
15:23:0e:48:0e:4c:4b:14:c3:22:84:a5:ea:f3:8b:e8:68:36:
ba:71:e7:63:ce:10:ac:22:7e:e9:9d:55:76:d1:e6:c3:75:72:
4d:f1:d8:f1:81:13:aa:a5:dd:7e:3f:c9:b8:79:c0:51:df:e0:
d2:5e:65:e6:9b:19:73:25:4b:95:0e:36:1f:45:80:7f:2a:84:
0d:ec:9a:8d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZPPMbitpRi0Ejwp6dBG3yzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZDZkZGVlMzRjNWJiOGVjMGViOTE5Y2UyNjU2YmYwY2Q4
NTVkNTQwHhcNMjQxMjE2MTExOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTY4YjMxYjExYjU1YmJmOWViYmM0NGZhNTQ5OTJhZGYxNzc4NDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIIZCxfc56wkmt4kK5vGnFiigcR6
jRbzT9h6bWXso9nvyqz6dRxUT4Oo+tA21ZbdSV6emC7k9M14puh+VZBEaL0wxALj
Ih6QgcNsXohdxS7iOefthMCgn87988sjUDWLttm1v9gOCFph9yvZraXGF9Jn7UYb
XPKjL0Ne9siFGIQfebayKY/4c3q32JJZlVw0zvDsu67s54wdUrpWS7/bnfmYjVFs
repQrACB79BvVVU75KmUF+49X66gIXSxdakhaKeor4VI4PurrhFxmbrnhyyS0c5T
04tl0YSSh9vgC3OHPP5gmmG/x6C8N49UqdqF+uGeD7lFwVkjjM57S5tMTQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEFosxsRtVu/nrvET6VJkq3xd4RYMB8GA1UdIwQY
MBaAFPjW3e40xbuOwOuRnOJla/DNhV1UMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1OYmQ3alRGdTQ3QTY1R2M0bVZyOE0yRlhWUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYvNzgzZGE1LTY1NzItNDEzZC05ZDZi
LTA5NGQwZGIxYWQyYy8xL1FXaXpHeEcxVzctZXU4UlBwVW1TcmZGM2hGZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTYvNzgzZGE1LTY1NzItNDEzZC05ZDZiLTA5NGQwZGIxYWQy
Yy8xLzEtTmJkN2pURnU0N0E2NUdjNG1WcjhNMkZYVlEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqDtwA
MA0GCSqGSIb3DQEBCwUAA4IBAQCjMXmpNkipqWqlkocPBP2a34aSXBlJQTp76Mkr
iY8KXpHgl7nfacBgtQm/PPqX7/t4jr1VXYZabqgK+/tD8EGeSG7FzcYvUgobp1Qr
gylzm09bPFVdtlEEgwRKjk/zR42f0FOQqtNWTNL8RBlWjyMMvl2zEM2um5/wo/o0
qADkHbWeHEIJHkfvWNg7kJgLUQGTaIaIgIJEmbiic7gJ6IVe9XWCZPne5nNb53e8
CZYXU+qQFGkVIw5IDkxLFMMihKXq84voaDa6cedjzhCsIn7pnVV20ebDdXJN8djx
gROqpd1+P8m4ecBR3+DSXmXmmxlzJUuVDjYfRYB/KoQN7JqN
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:43:44 2025 by rpki-client