Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/Q7HklnhFx1nab4feD5-Ft2A6cEk.roa
File: Q7HklnhFx1nab4feD5-Ft2A6cEk.roa (raw, json)
Hash identifier: hs5GuFLq0xkNrmL7IEzNolEqEr9s53iqQi3gNxxZMDs=
Subject key identifier: 43:B1:E4:96:78:45:C7:59:DA:6F:87:DE:0F:9F:85:B7:60:3A:70:49
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA79156A9AAF8A1D511C462A7A127E
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/Q7HklnhFx1nab4feD5-Ft2A6cEk.roa
Signing time: Mon 02 Jan 2023 13:45:01 +0000
ROA not before: Mon 02 Jan 2023 13:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207252
IP address blocks: 2a0f:5707:ab90::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:79:15:6a:9a:af:8a:1d:51:1c:46:2a:7a:12:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43b1e4967845c759da6f87de0f9f85b7603a7049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9d:49:72:ec:92:7b:99:36:84:f1:f9:2b:db:
93:d1:fe:01:e0:5d:0c:d1:c5:89:7b:8d:03:fc:47:
5d:80:87:ca:f3:93:76:81:8d:6a:55:f2:96:09:94:
27:6e:46:78:3d:27:d4:5d:6f:3a:41:f8:27:c4:dd:
53:2a:dc:22:11:fb:47:1c:96:c6:53:06:c3:08:85:
0e:38:75:76:a0:9f:4a:fb:44:ca:27:cd:cc:14:1d:
2d:72:23:3f:b0:24:ec:f2:f1:7c:7a:28:3c:e1:7e:
16:28:ce:08:e8:e7:2a:a8:be:13:04:9e:c7:fd:ef:
10:82:d7:dc:c3:57:a5:47:e9:40:f4:7a:3c:2f:07:
90:35:ec:df:e5:6c:ea:bb:37:93:87:67:88:35:b2:
b4:57:cb:f8:2d:c6:88:2a:b3:f7:c9:25:b7:a4:41:
04:a9:67:88:87:2a:2b:44:af:21:a9:eb:35:a2:ec:
4d:ca:a6:a8:70:58:77:5b:15:0c:ed:20:c1:d5:31:
e0:cf:71:b7:3f:6c:7b:a4:72:31:5e:12:69:d7:de:
0d:71:09:f7:84:37:94:3b:dd:fb:72:68:eb:cc:fa:
b6:cc:d1:d6:cb:81:c9:4a:70:37:4c:44:2c:63:28:
c3:15:25:81:37:76:78:e5:5d:08:ae:88:2c:c9:42:
f0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B1:E4:96:78:45:C7:59:DA:6F:87:DE:0F:9F:85:B7:60:3A:70:49
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/Q7HklnhFx1nab4feD5-Ft2A6cEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ab90::/44
Signature Algorithm: sha256WithRSAEncryption
c0:b7:f7:63:6a:7b:0d:48:63:3e:ff:1a:bc:f2:fb:42:f9:28:
fa:83:6c:cd:b2:fb:32:45:ee:eb:bf:22:25:55:b8:8e:0e:b5:
92:a1:33:3a:b3:3b:ca:73:f7:7f:6d:3b:f8:31:30:57:df:b7:
2d:f7:ab:18:03:ec:84:ac:91:00:c3:d4:27:76:b4:de:fd:d3:
d7:f5:0f:ac:11:ba:ae:9c:a3:73:0a:cd:02:aa:be:28:4c:a8:
12:c8:bd:c9:6f:e1:8f:3d:b9:d4:b0:75:a7:40:3d:41:5e:09:
6b:68:c9:a3:f0:ed:99:42:94:fa:cd:ad:d8:0e:16:56:ab:d3:
59:7f:b2:90:43:1d:be:02:a0:c0:cd:19:fa:89:ca:c8:b8:81:
7d:74:62:db:cc:43:f8:97:a9:ca:a1:c0:3c:a2:fb:5d:7e:cf:
6d:4c:14:9c:ee:0d:73:f5:81:27:e5:48:66:d1:02:9d:94:7b:
0b:ff:86:77:0f:26:fd:44:6b:f4:b1:b1:48:21:de:16:6b:62:
77:8c:3a:e5:2b:c6:60:4e:1e:31:d3:ee:27:2f:dc:52:ec:b8:
e1:0d:c2:00:c0:80:90:7c:3b:60:ce:93:57:22:b9:ec:67:fe:
d6:0a:39:d4:48:c9:7f:a7:24:41:fb:82:4b:b3:61:52:d9:0e:
1a:88:bb:e0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyunkVapqvih1RHEYqehJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2IxZTQ5Njc4NDVjNzU5ZGE2Zjg3ZGUwZjlmODViNzYwM2E3MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ1JcuySe5k2hPH5K9uT0f4B4F0M
0cWJe40D/EddgIfK85N2gY1qVfKWCZQnbkZ4PSfUXW86QfgnxN1TKtwiEftHHJbG
UwbDCIUOOHV2oJ9K+0TKJ83MFB0tciM/sCTs8vF8eig84X4WKM4I6OcqqL4TBJ7H
/e8Qgtfcw1elR+lA9Ho8LweQNezf5WzquzeTh2eINbK0V8v4LcaIKrP3ySW3pEEE
qWeIhyorRK8hqes1ouxNyqaocFh3WxUM7SDB1THgz3G3P2x7pHIxXhJp194NcQn3
hDeUO937cmjrzPq2zNHWy4HJSnA3TEQsYyjDFSWBN3Z45V0IrogsyULwnQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEOx5JZ4RcdZ2m+H3g+fhbdgOnBJMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvUTdIa2xuaEZ4MW5hYjRmZUQ1LUZ0MkE2Y0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg9XB6uQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDAt/djansNSGM+/xq88vtC+Sj6g2zNsvsyRe7r
vyIlVbiODrWSoTM6szvKc/d/bTv4MTBX37ct96sYA+yErJEAw9QndrTe/dPX9Q+s
EbqunKNzCs0Cqr4oTKgSyL3Jb+GPPbnUsHWnQD1BXglraMmj8O2ZQpT6za3YDhZW
q9NZf7KQQx2+AqDAzRn6icrIuIF9dGLbzEP4l6nKocA8ovtdfs9tTBSc7g1z9YEn
5Uhm0QKdlHsL/4Z3Dyb9RGv0sbFIId4Wa2J3jDrlK8ZgTh4x0+4nL9xS7LjhDcIA
wICQfDtgzpNXIrnsZ/7WCjnUSMl/pyRB+4JLs2FS2Q4aiLvg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org