Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/QT43vSx6cGaTuFflGULgOP1gp7Y.roa
File: QT43vSx6cGaTuFflGULgOP1gp7Y.roa (raw, json)
Hash identifier: KM/6rgSZdS/1A7mMJpd/7kVHDfeFbB5czDBFOBYQcVg=
Subject key identifier: 41:3E:37:BD:2C:7A:70:66:93:B8:57:E5:19:42:E0:38:FD:60:A7:B6
Certificate issuer: /CN=a5a56ebf01e00349f673019180560c9a31aea871
Certificate serial: 018D633C5B4AAAFACCBD60EDEE82D61AB493
Authority key identifier: A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/QT43vSx6cGaTuFflGULgOP1gp7Y.roa
Signing time: Thu 01 Feb 2024 05:55:16 +0000
ROA not before: Thu 01 Feb 2024 05:55:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47316
IP address blocks: 2a12:c6c7:100::/40 maxlen: 48
2a12:c6c7:200::/40 maxlen: 48
2a12:c6c7:300::/40 maxlen: 48
2a12:c6c7:400::/40 maxlen: 48
2a12:c6c7:1000::/36 maxlen: 48
2a12:c6c7:2000::/36 maxlen: 48
Validation: Failed, certificate revoked on Sat 03 Feb 2024 17:43:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:63:3c:5b:4a:aa:fa:cc:bd:60:ed:ee:82:d6:1a:b4:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a56ebf01e00349f673019180560c9a31aea871
Validity
Not Before: Feb 1 05:55:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=413e37bd2c7a706693b857e51942e038fd60a7b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:41:e7:33:73:64:df:15:6a:bd:1c:77:ef:4c:
7f:8a:ae:e6:82:97:f8:8e:c0:2a:77:4a:e1:ff:8e:
24:13:3d:26:4f:ff:90:2d:e1:67:63:b3:d1:32:5c:
1a:b0:33:f1:d6:4b:f8:1f:45:ba:de:d5:ff:39:ef:
2a:44:4d:b6:91:f9:78:08:77:87:c1:7c:20:22:94:
96:02:d0:e5:21:58:99:3c:57:3a:fc:da:11:83:c5:
9a:75:c4:f5:b7:b2:af:0d:97:bd:9e:8a:0c:ab:ba:
74:04:e5:4e:2d:7f:ef:3a:4a:6b:43:75:ec:66:66:
cf:19:ff:10:76:cf:2f:11:21:c1:2e:12:28:57:56:
48:c7:65:8b:fa:63:6e:fc:d9:d1:5a:43:d0:89:3f:
10:b6:d4:de:01:22:96:a3:8d:8b:52:42:30:ce:ba:
be:cd:c1:fb:2b:6e:8f:78:16:f4:bb:33:31:1c:bb:
2a:ff:45:7d:d3:89:d2:00:0b:5f:05:8a:7e:50:da:
79:75:7c:8b:6c:1e:5e:5f:8b:43:2e:0f:85:97:89:
2e:c0:9e:2d:1b:1c:9e:d8:f3:c8:a7:a3:ff:34:7d:
8b:0c:81:a2:3c:19:e1:e7:24:4e:6e:4f:71:0d:6b:
75:c0:8d:4b:71:14:31:68:f1:ee:46:6b:e8:67:19:
77:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:3E:37:BD:2C:7A:70:66:93:B8:57:E5:19:42:E0:38:FD:60:A7:B6
X509v3 Authority Key Identifier:
keyid:A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/QT43vSx6cGaTuFflGULgOP1gp7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:c6c7:100::-2a12:c6c7:4ff:ffff:ffff:ffff:ffff:ffff
2a12:c6c7:1000::-2a12:c6c7:2fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7e:99:c6:cd:02:34:25:1f:de:0e:29:2b:20:a9:9f:87:56:0e:
fa:fe:a4:ab:9c:71:e5:61:35:00:94:3d:bb:4f:24:a0:fe:5a:
31:b9:94:f7:97:eb:36:c4:94:32:ba:da:74:d0:96:15:e3:40:
45:74:7c:1e:58:b9:9a:b1:d7:50:e2:c9:85:4d:cf:84:45:e9:
07:18:ac:5a:c6:20:e3:57:2c:09:13:c9:70:6a:e0:4e:71:4b:
0a:b1:30:6f:52:2f:9f:61:e9:83:35:bf:f4:cf:ea:b4:59:85:
3a:69:3a:9f:f3:2d:7f:8b:d5:73:38:e3:89:29:d7:56:6a:44:
f2:36:65:e7:47:4d:4b:8b:90:ef:b3:86:02:ae:5c:97:4e:25:
f8:22:bf:e6:49:c4:6e:7a:58:14:f3:b5:b8:a8:b4:8c:52:09:
4a:23:5e:f3:83:dc:3c:45:4f:98:96:f2:55:79:3c:f2:8f:50:
11:20:ec:b3:33:ef:5e:c8:3c:13:45:ed:a3:cd:e9:25:9a:24:
d4:94:27:b6:96:2d:8c:e5:7b:da:d2:32:b5:c5:21:1f:7c:b4:
a3:3f:17:3b:4b:55:a7:9b:ba:51:ec:25:3e:6b:de:23:f1:7d:
55:fc:80:5f:8b:d1:41:98:e3:dc:55:44:9e:2a:5b:bb:5a:8b:
5b:b0:43:f1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY1jPFtKqvrMvWDt7oLWGrSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTU2ZWJmMDFlMDAzNDlmNjczMDE5MTgwNTYwYzlhMzFh
ZWE4NzEwHhcNMjQwMjAxMDU1NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTNlMzdiZDJjN2E3MDY2OTNiODU3ZTUxOTQyZTAzOGZkNjBhN2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0HnM3Nk3xVqvRx370x/iq7mgpf4
jsAqd0rh/44kEz0mT/+QLeFnY7PRMlwasDPx1kv4H0W63tX/Oe8qRE22kfl4CHeH
wXwgIpSWAtDlIViZPFc6/NoRg8WadcT1t7KvDZe9nooMq7p0BOVOLX/vOkprQ3Xs
ZmbPGf8Qds8vESHBLhIoV1ZIx2WL+mNu/NnRWkPQiT8QttTeASKWo42LUkIwzrq+
zcH7K26PeBb0uzMxHLsq/0V904nSAAtfBYp+UNp5dXyLbB5eX4tDLg+Fl4kuwJ4t
Gxye2PPIp6P/NH2LDIGiPBnh5yRObk9xDWt1wI1LcRQxaPHuRmvoZxl3rQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEE+N70senBmk7hX5RlC4Dj9YKe2MB8GA1UdIwQY
MBaAFKWlbr8B4ANJ9nMBkYBWDJoxrqhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQt
MmQ0NmQzMGRhY2JmLzEvUVQ0M3ZTeDZjR2FUdUZmbEdVTGdPUDFncDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQtMmQ0NmQzMGRhY2Jm
LzEvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkMBADBgAqEsbH
AQMGACoSxscEMBADBgQqEsbHEAMGBCoSxscgMA0GCSqGSIb3DQEBCwUAA4IBAQB+
mcbNAjQlH94OKSsgqZ+HVg76/qSrnHHlYTUAlD27TySg/loxuZT3l+s2xJQyutp0
0JYV40BFdHweWLmasddQ4smFTc+ERekHGKxaxiDjVywJE8lwauBOcUsKsTBvUi+f
YemDNb/0z+q0WYU6aTqf8y1/i9VzOOOJKddWakTyNmXnR01Li5Dvs4YCrlyXTiX4
Ir/mScRuelgU87W4qLSMUglKI17zg9w8RU+YlvJVeTzyj1ARIOyzM+9eyDwTRe2j
zeklmiTUlCe2li2M5Xva0jK1xSEffLSjPxc7S1Wnm7pR7CU+a94j8X1V/IBfi9FB
mOPcVUSeKlu7WotbsEPx
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:36:59 2025 by rpki-client