Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/Q5F4_W-gknglr_d7h0O36wPGHKY.roa
File: Q5F4_W-gknglr_d7h0O36wPGHKY.roa (raw, json)
Hash identifier: qq1cSHE6AzWHBx5QPm6f9bqwN4q7NkWrbfZco/L4tPI=
Subject key identifier: 43:91:78:FD:6F:A0:92:78:25:AF:F7:7B:87:43:B7:EB:03:C6:1C:A6
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA7AE92DAB36BC0DB53883BE21B3D3
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/Q5F4_W-gknglr_d7h0O36wPGHKY.roa
Signing time: Mon 02 Jan 2023 13:45:01 +0000
ROA not before: Mon 02 Jan 2023 13:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207469
IP address blocks: 2a0f:5707:ffe0::/46 maxlen: 48
2a0f:5707:fff3::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:7a:e9:2d:ab:36:bc:0d:b5:38:83:be:21:b3:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=439178fd6fa0927825aff77b8743b7eb03c61ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:15:c2:58:e1:44:96:fc:c5:a4:06:a1:ca:3c:
79:c7:22:a5:e7:16:79:25:86:8d:ef:48:3e:4c:b3:
5a:8f:ee:5d:10:8d:0d:6d:3b:c7:00:47:90:ba:0f:
6b:62:f7:1e:5a:dd:f8:8c:5b:8c:35:0b:36:cb:7f:
99:39:32:e0:cf:9c:8c:9c:3f:7f:9a:2c:99:99:87:
d3:46:85:47:03:93:51:f3:46:63:47:a5:f2:7d:3a:
dd:df:dd:5f:0a:6e:ef:53:9d:69:60:fd:95:b7:b4:
0b:f9:7d:a0:45:d0:c4:1c:f5:5e:59:41:d2:45:38:
9f:81:12:37:f2:e0:f2:23:e0:15:90:fa:38:ce:41:
59:98:c2:a4:f5:f8:4c:80:c1:34:b6:9b:69:a1:2f:
44:0b:78:26:4b:85:3c:3b:6b:80:00:1d:54:c3:c4:
45:0a:08:aa:27:6b:a6:2d:04:c4:e8:37:01:f0:11:
25:8c:5e:d2:3e:03:88:40:81:47:d5:00:e9:b2:61:
af:44:b2:d3:0a:d8:f9:27:ac:6b:62:d7:8c:83:5f:
a4:dc:eb:21:6a:b5:6e:89:d4:a8:7b:39:59:89:41:
e2:e1:b9:0a:00:71:25:59:fe:81:85:3f:51:d8:0b:
4d:55:02:d6:e4:cb:cf:b4:50:95:2d:73:d9:6d:dd:
aa:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:91:78:FD:6F:A0:92:78:25:AF:F7:7B:87:43:B7:EB:03:C6:1C:A6
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/Q5F4_W-gknglr_d7h0O36wPGHKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ffe0::/46
2a0f:5707:fff3::/48
Signature Algorithm: sha256WithRSAEncryption
50:f7:92:51:a3:f6:05:37:50:db:c6:c4:a7:22:dc:91:19:ef:
7d:cb:51:bd:4d:c1:ad:81:82:6e:87:28:d1:f8:37:85:c4:52:
2c:a7:31:f8:20:e8:ea:e5:45:6c:17:47:f4:48:dd:a3:38:cf:
0e:58:8b:d8:7e:a8:7c:e1:1e:a3:9c:ac:cd:c6:96:cb:3d:ae:
e5:d9:b1:92:26:3a:61:97:c1:81:43:47:b9:c4:5b:a2:a4:3e:
c1:c4:65:8f:d0:18:1b:9e:d7:9b:e5:6d:8f:12:88:bb:dd:45:
93:4b:84:8e:96:38:6a:49:f1:b9:c3:a6:bd:b1:08:e8:7b:ca:
5e:04:b0:a7:d9:d0:b2:b1:e5:c8:f1:b0:e0:26:23:5f:cd:c6:
8d:3f:62:2d:be:1f:3f:f6:f9:a4:c9:af:bb:a3:d8:52:80:c6:
b6:b1:85:f5:27:13:ce:4f:e9:59:89:6b:dd:98:42:ff:be:7e:
bb:5a:90:89:14:ec:d0:8b:e8:38:66:58:d0:1a:80:64:d8:cd:
0c:6a:4b:5e:51:85:bb:02:55:b8:52:3b:45:d4:8d:15:fe:36:
76:e8:b3:3c:98:30:71:db:4d:01:7b:e9:d0:2e:a3:2c:f3:c1:
d0:45:86:53:18:b2:63:1a:cd:64:1c:7d:9a:13:b9:6a:c1:5c:
4b:b7:a0:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyunrpLas2vA21OIO+IbPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzkxNzhmZDZmYTA5Mjc4MjVhZmY3N2I4NzQzYjdlYjAzYzYxY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxXCWOFElvzFpAahyjx5xyKl5xZ5
JYaN70g+TLNaj+5dEI0NbTvHAEeQug9rYvceWt34jFuMNQs2y3+ZOTLgz5yMnD9/
miyZmYfTRoVHA5NR80ZjR6XyfTrd391fCm7vU51pYP2Vt7QL+X2gRdDEHPVeWUHS
RTifgRI38uDyI+AVkPo4zkFZmMKk9fhMgME0tptpoS9EC3gmS4U8O2uAAB1Uw8RF
CgiqJ2umLQTE6DcB8BEljF7SPgOIQIFH1QDpsmGvRLLTCtj5J6xrYteMg1+k3Osh
arVuidSoezlZiUHi4bkKAHElWf6BhT9R2AtNVQLW5MvPtFCVLXPZbd2q0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEOReP1voJJ4Ja/3e4dDt+sDxhymMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvUTVGNF9XLWdrbmdscl9kN2gwTzM2d1BHSEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcCKg9XB//g
AwcAKg9XB//zMA0GCSqGSIb3DQEBCwUAA4IBAQBQ95JRo/YFN1DbxsSnItyRGe99
y1G9TcGtgYJuhyjR+DeFxFIspzH4IOjq5UVsF0f0SN2jOM8OWIvYfqh84R6jnKzN
xpbLPa7l2bGSJjphl8GBQ0e5xFuipD7BxGWP0Bgbnteb5W2PEoi73UWTS4SOljhq
SfG5w6a9sQjoe8peBLCn2dCyseXI8bDgJiNfzcaNP2Itvh8/9vmkya+7o9hSgMa2
sYX1JxPOT+lZiWvdmEL/vn67WpCJFOzQi+g4ZljQGoBk2M0MakteUYW7AlW4UjtF
1I0V/jZ26LM8mDBx200Be+nQLqMs88HQRYZTGLJjGs1kHH2aE7lqwVxLt6Ck
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:59 2024 by rpki-client on console-fra.rpki-client.org