Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/QOEAfbx7T79AsPCLQj7XCUW8jTk.roa
File: QOEAfbx7T79AsPCLQj7XCUW8jTk.roa (raw, json)
Hash identifier: BoMlcGGSdW9/WvY2YFHzRJm49RMilYw0gSJvrKSXmos=
Subject key identifier: 40:E1:00:7D:BC:7B:4F:BF:40:B0:F0:8B:42:3E:D7:09:45:BC:8D:39
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA740934A5A1EEA76DEE42E1E95DD6
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/QOEAfbx7T79AsPCLQj7XCUW8jTk.roa
Signing time: Mon 02 Jan 2023 13:44:59 +0000
ROA not before: Mon 02 Jan 2023 13:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204994
IP address blocks: 2a0f:5707:9000::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:74:09:34:a5:a1:ee:a7:6d:ee:42:e1:e9:5d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40e1007dbc7b4fbf40b0f08b423ed70945bc8d39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fc:b9:51:5d:b7:96:68:0d:59:70:19:43:25:
06:bc:c3:4e:56:55:09:ff:6e:81:95:8d:69:cd:a1:
bc:7d:31:37:5c:3f:c0:1d:2f:d7:53:fe:9b:da:60:
40:b8:c7:a6:ad:77:74:25:5b:05:87:ab:7b:1e:a8:
d6:50:c1:1c:72:5c:09:18:da:58:a8:42:b5:49:ec:
b1:f3:e5:89:31:b3:0e:b5:7d:09:47:2e:8e:ed:43:
28:35:9d:93:95:0e:d4:5d:68:17:f5:2a:9d:bc:67:
46:bb:24:94:4d:61:af:81:cf:a3:8c:94:11:37:87:
25:91:d6:bd:c9:f2:68:4d:22:78:17:ab:ef:a9:d8:
13:c8:20:f2:39:53:88:0b:9e:c2:d1:50:8b:fc:fb:
bc:67:7c:a9:84:a7:45:1c:d6:f9:ec:98:f5:0b:93:
d7:4e:60:0a:6b:f9:fa:d5:30:a1:94:bf:f6:a7:de:
df:71:b5:0d:b0:d4:ba:75:0c:26:7a:7a:be:55:ea:
b0:c5:54:ac:01:01:56:6a:62:1c:7e:64:52:81:9a:
af:bc:f5:c2:16:d9:dc:ef:73:c0:bc:38:e4:ae:57:
a1:ee:db:56:f1:36:aa:1b:79:2f:1c:a3:77:87:d1:
03:cf:de:f8:8d:3c:8e:40:af:98:0b:83:a3:b4:3f:
a8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E1:00:7D:BC:7B:4F:BF:40:B0:F0:8B:42:3E:D7:09:45:BC:8D:39
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/QOEAfbx7T79AsPCLQj7XCUW8jTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:9000::/44
Signature Algorithm: sha256WithRSAEncryption
26:30:f4:ca:98:1b:39:6b:d2:ea:f4:66:06:a7:0b:78:b8:46:
54:56:d8:d3:93:1d:06:06:cd:f8:92:c3:41:f0:32:7e:47:58:
36:09:77:24:5e:a1:b7:60:85:22:f5:a2:f6:7d:a7:27:02:90:
6a:0e:ff:28:8e:31:e8:2b:05:c9:77:49:d4:10:62:7e:b0:a1:
45:6f:72:61:f5:0a:db:f7:ba:01:97:75:c4:0c:f4:4e:91:17:
2b:46:8d:c1:64:17:94:54:92:36:36:9c:b4:65:a1:31:7e:39:
a8:a3:23:a7:75:65:e3:b3:56:f8:69:fa:24:63:87:1c:82:6d:
73:62:c9:b9:2f:13:0a:4a:81:e4:dc:a7:bb:79:fb:47:a6:07:
ce:fe:0f:4b:81:80:90:28:1a:a0:3e:f4:89:bc:a5:ff:3d:9e:
53:5b:de:8b:16:7f:da:0d:8e:59:5f:fc:1e:f3:48:d5:6f:a3:
09:13:0c:24:65:2e:88:b7:7b:e7:c5:87:17:ae:2d:68:fa:4a:
9d:73:9d:8e:2e:e5:81:52:f7:3a:d9:08:ec:16:fd:7b:9a:a3:
eb:bb:1c:01:46:a0:97:e1:df:e0:50:2d:31:fc:76:7d:36:e8:
5d:6f:b3:4b:17:61:8e:ff:f0:c0:97:51:e7:3d:32:02:9e:7c:
6a:86:8d:37
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyunQJNKWh7qdt7kLh6V3WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGUxMDA3ZGJjN2I0ZmJmNDBiMGYwOGI0MjNlZDcwOTQ1YmM4ZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPy5UV23lmgNWXAZQyUGvMNOVlUJ
/26BlY1pzaG8fTE3XD/AHS/XU/6b2mBAuMemrXd0JVsFh6t7HqjWUMEcclwJGNpY
qEK1Seyx8+WJMbMOtX0JRy6O7UMoNZ2TlQ7UXWgX9SqdvGdGuySUTWGvgc+jjJQR
N4clkda9yfJoTSJ4F6vvqdgTyCDyOVOIC57C0VCL/Pu8Z3yphKdFHNb57Jj1C5PX
TmAKa/n61TChlL/2p97fcbUNsNS6dQwmenq+VeqwxVSsAQFWamIcfmRSgZqvvPXC
Ftnc73PAvDjkrleh7ttW8TaqG3kvHKN3h9EDz974jTyOQK+YC4OjtD+o3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEDhAH28e0+/QLDwi0I+1wlFvI05MB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvUU9FQWZieDdUNzlBc1BDTFFqN1hDVVc4alRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg9XB5AA
MA0GCSqGSIb3DQEBCwUAA4IBAQAmMPTKmBs5a9Lq9GYGpwt4uEZUVtjTkx0GBs34
ksNB8DJ+R1g2CXckXqG3YIUi9aL2facnApBqDv8ojjHoKwXJd0nUEGJ+sKFFb3Jh
9Qrb97oBl3XEDPROkRcrRo3BZBeUVJI2Npy0ZaExfjmooyOndWXjs1b4afokY4cc
gm1zYsm5LxMKSoHk3Ke7eftHpgfO/g9LgYCQKBqgPvSJvKX/PZ5TW96LFn/aDY5Z
X/we80jVb6MJEwwkZS6It3vnxYcXri1o+kqdc52OLuWBUvc62QjsFv17mqPruxwB
RqCX4d/gUC0x/HZ9Nuhdb7NLF2GO//DAl1HnPTICnnxqho03
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org