Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/QYTX0-5p--iieeoxcP_k5aijLKU.roa
File: QYTX0-5p--iieeoxcP_k5aijLKU.roa (raw, json)
Hash identifier: pmVVTTK6cjmjHYM7tV2Vjn3KEOw/GH6DisZGHGPkNUw=
Subject key identifier: 41:84:D7:D3:EE:69:FB:E8:A2:79:EA:31:70:FF:E4:E5:A8:A3:2C:A5
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018CA2F3D6C915635479B6FB13C6134588EE
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/QYTX0-5p--iieeoxcP_k5aijLKU.roa
Signing time: Mon 25 Dec 2023 21:48:58 +0000
ROA not before: Mon 25 Dec 2023 21:48:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a0f:5707:ba0f::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a2:f3:d6:c9:15:63:54:79:b6:fb:13:c6:13:45:88:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Dec 25 21:48:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4184d7d3ee69fbe8a279ea3170ffe4e5a8a32ca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f5:c6:66:13:03:d1:70:2b:64:22:8c:20:28:
ad:c6:57:9f:8b:a2:99:ef:21:0c:6e:d5:7f:42:6a:
bb:a8:f4:a9:2d:0f:e3:9b:e7:13:48:ed:23:04:99:
fa:5c:a5:e9:69:b4:ee:34:3a:81:88:35:5f:fa:cd:
a2:41:83:2a:c5:27:c9:5b:c8:2d:08:0c:a8:61:84:
ed:e3:1a:e8:d0:7a:12:16:6a:b3:64:7f:e1:88:ad:
77:fd:ea:dd:67:56:b5:66:cc:0f:98:b8:28:c6:59:
b8:f6:1b:65:8e:41:dc:84:97:fb:7e:a5:88:2e:3a:
26:10:2f:19:55:7d:78:8d:85:c7:28:23:69:e8:15:
27:09:30:9c:75:9d:fe:c7:4b:07:e7:d3:ff:50:99:
9e:f5:3a:f2:db:6f:19:65:34:be:86:da:4b:3a:7e:
2c:3e:cc:bc:a3:b2:91:47:49:f4:91:75:1b:6a:08:
3d:2e:31:e7:01:7f:08:0c:6e:51:83:6d:94:e8:4a:
10:c0:2b:55:b2:7e:0e:ba:0e:12:e4:cc:a5:66:93:
6b:8d:b0:f8:1d:92:43:3b:5e:95:8a:69:27:18:e1:
65:bd:23:8f:2a:8c:18:17:47:8d:f3:a2:4a:b9:6e:
62:6b:da:2a:25:9c:97:05:71:fe:b0:21:c2:d3:2e:
af:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:84:D7:D3:EE:69:FB:E8:A2:79:EA:31:70:FF:E4:E5:A8:A3:2C:A5
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/QYTX0-5p--iieeoxcP_k5aijLKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ba0f::/48
Signature Algorithm: sha256WithRSAEncryption
78:2a:fb:73:6f:29:80:40:2b:5a:c0:6b:be:48:b3:92:1d:d5:
9e:78:3a:ad:fd:cf:5a:9e:62:dc:c7:7c:1e:44:36:5a:32:3a:
2c:73:ce:6d:51:19:75:0c:c0:96:1c:44:31:dc:8e:28:d6:ee:
e6:6e:13:74:d1:06:92:49:0e:ce:bd:6e:73:47:f6:6a:3d:29:
c1:32:04:86:ce:21:ef:f4:da:e6:55:b1:72:3e:0c:bc:73:5d:
75:e1:b9:a1:a3:ec:37:be:79:16:77:1c:12:81:ef:f9:86:4c:
f1:da:9d:a4:b0:a1:97:d8:36:68:6b:ce:35:bf:02:35:b6:f8:
68:bc:b1:21:64:2e:c9:9c:d4:e8:f5:b1:97:bb:6b:68:ce:25:
12:60:7f:fd:c9:29:40:62:fd:82:c0:32:3e:e9:2f:10:91:e0:
e2:e5:33:56:3d:87:c5:22:41:63:8f:6e:81:da:10:22:7d:b8:
d1:53:28:bf:08:c9:f1:fc:c3:a8:b2:e7:d7:0a:81:c8:1b:77:
d6:2f:30:fa:68:eb:2a:3e:e0:fe:6b:b1:34:28:73:11:00:93:
3b:3d:0d:48:b9:5c:37:a7:a4:16:85:5a:c3:bc:0a:9f:c3:c0:
f9:fd:45:cf:e8:c5:29:6d:6d:51:6f:2d:e2:03:48:9a:87:78:
0a:30:e3:8b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYyi89bJFWNUebb7E8YTRYjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMxMjI1MjE0ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTg0ZDdkM2VlNjlmYmU4YTI3OWVhMzE3MGZmZTRlNWE4YTMyY2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/XGZhMD0XArZCKMICitxlefi6KZ
7yEMbtV/Qmq7qPSpLQ/jm+cTSO0jBJn6XKXpabTuNDqBiDVf+s2iQYMqxSfJW8gt
CAyoYYTt4xro0HoSFmqzZH/hiK13/erdZ1a1ZswPmLgoxlm49htljkHchJf7fqWI
LjomEC8ZVX14jYXHKCNp6BUnCTCcdZ3+x0sH59P/UJme9Try228ZZTS+htpLOn4s
Psy8o7KRR0n0kXUbagg9LjHnAX8IDG5Rg22U6EoQwCtVsn4Oug4S5MylZpNrjbD4
HZJDO16VimknGOFlvSOPKowYF0eN86JKuW5ia9oqJZyXBXH+sCHC0y6vPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEGE19PuafvoonnqMXD/5OWooyylMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvUVlUWDAtNXAtLWlpZWVveGNQX2s1YWlqTEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9XB7oP
MA0GCSqGSIb3DQEBCwUAA4IBAQB4KvtzbymAQCtawGu+SLOSHdWeeDqt/c9anmLc
x3weRDZaMjosc85tURl1DMCWHEQx3I4o1u7mbhN00QaSSQ7OvW5zR/ZqPSnBMgSG
ziHv9NrmVbFyPgy8c1114bmho+w3vnkWdxwSge/5hkzx2p2ksKGX2DZoa841vwI1
tvhovLEhZC7JnNTo9bGXu2toziUSYH/9ySlAYv2CwDI+6S8QkeDi5TNWPYfFIkFj
j26B2hAifbjRUyi/CMnx/MOosufXCoHIG3fWLzD6aOsqPuD+a7E0KHMRAJM7PQ1I
uVw3p6QWhVrDvAqfw8D5/UXP6MUpbW1Rby3iA0iah3gKMOOL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org