Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/1-QJ5YygI1TFbswdAS1W4yMrqfsk.roa
File: 1-QJ5YygI1TFbswdAS1W4yMrqfsk.roa (raw, json)
Hash identifier: DvoApmqArxVMR20FYfDG/6Zeqe4KLhGL7FWNqpqAbwQ=
Subject key identifier: F9:02:79:63:28:08:D5:31:5B:B3:07:40:4B:55:B8:C8:CA:EA:7E:C9
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018D464F031484919366056540411F9FA7C0
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/1-QJ5YygI1TFbswdAS1W4yMrqfsk.roa
Signing time: Fri 26 Jan 2024 15:06:39 +0000
ROA not before: Fri 26 Jan 2024 15:06:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8772
IP address blocks: 2a00:48a0::/29 maxlen: 29
2a09:7700::/29 maxlen: 29
2a0a:dd80::/29 maxlen: 29
2a0c:8140::/29 maxlen: 29
2a0c:fa80::/29 maxlen: 29
2a0d:5e40::/29 maxlen: 29
2a0e:83c0::/29 maxlen: 29
2a10:51c0::/29 maxlen: 29
2a10:7880::/29 maxlen: 29
2a11:d800::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 27 Feb 2024 11:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:46:4f:03:14:84:91:93:66:05:65:40:41:1f:9f:a7:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 26 15:06:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f90279632808d5315bb307404b55b8c8caea7ec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9e:22:de:a5:df:59:da:2c:9f:f4:25:b8:02:
0f:24:16:35:21:4c:43:b7:22:f5:2f:90:af:d8:a4:
c4:44:2b:bb:1e:16:ad:de:21:d7:fd:ae:d3:e9:9e:
e6:fa:88:76:cd:d6:35:8e:bf:76:40:4d:cd:2c:a9:
88:a0:a4:d0:6b:50:bf:71:2d:77:82:28:c7:ba:23:
70:7e:49:38:72:a4:73:a0:72:59:d9:91:24:01:a3:
77:87:a0:5c:18:e3:30:55:96:4c:4b:41:74:2e:61:
4d:93:96:20:20:6a:5c:9b:f4:93:d2:de:35:00:aa:
08:cc:9e:bf:1a:11:b1:eb:2a:8c:07:ff:d5:70:03:
b2:f6:6c:f2:56:15:40:43:62:80:05:49:21:b8:f8:
d3:65:3e:53:5b:6a:14:38:a5:ca:84:7e:6e:a2:7a:
87:73:60:c5:f2:f1:0d:53:cc:8c:d3:7b:46:3d:26:
f9:b3:86:e8:d6:03:b2:fc:44:83:ec:57:4e:49:e9:
95:cc:4b:57:e3:22:63:bc:02:24:67:73:d0:fd:04:
c2:bf:55:89:22:5f:c9:5a:e8:6f:b7:32:2f:1a:2e:
8e:cb:c2:fe:cf:b8:43:68:dc:a5:ad:da:17:06:d8:
a2:e4:04:53:a0:de:39:6c:85:8d:1c:dc:b3:ee:44:
c8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:02:79:63:28:08:D5:31:5B:B3:07:40:4B:55:B8:C8:CA:EA:7E:C9
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/1-QJ5YygI1TFbswdAS1W4yMrqfsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:48a0::/29
2a09:7700::/29
2a0a:dd80::/29
2a0c:8140::/29
2a0c:fa80::/29
2a0d:5e40::/29
2a0e:83c0::/29
2a10:51c0::/29
2a10:7880::/29
2a11:d800::/29
Signature Algorithm: sha256WithRSAEncryption
4c:a2:0e:44:3a:71:43:aa:3c:b4:27:44:7c:ba:bf:4d:05:45:
8e:b9:be:d9:2c:80:45:3c:07:91:c0:1b:2d:06:04:83:d0:32:
88:46:ca:dc:60:50:3b:f8:a3:b2:cc:f9:84:83:84:a4:10:61:
a7:90:cc:b6:24:69:37:43:bd:2a:04:c6:d6:c1:2a:5d:dc:b8:
ce:3a:d3:48:d9:ef:40:9d:c9:08:39:7a:fa:38:07:30:67:b5:
b7:16:9a:fc:1b:aa:a5:2c:ca:9c:68:16:4d:25:67:65:11:42:
85:41:c8:b9:c4:92:23:c0:38:f2:13:a6:f9:b4:42:c9:bd:cf:
84:e3:4a:98:da:52:1c:0d:63:7d:97:f4:82:7f:11:f4:00:a6:
02:6e:a2:6f:8f:b6:f6:65:81:96:49:c2:2a:81:e7:4e:c7:d6:
b8:bf:07:84:b4:4e:95:8d:9a:e7:0c:47:64:27:70:8f:0c:89:
65:e6:32:9f:0a:f3:e4:21:fd:13:e4:c4:95:c6:89:4a:f7:ba:
5a:0c:87:57:43:58:31:87:70:83:d2:dd:41:17:48:e0:4d:3c:
e8:b7:37:b1:7e:83:9a:05:fd:c4:57:57:da:56:82:7f:ff:36:
53:0e:eb:b3:98:c3:63:87:27:08:f5:b3:05:3a:3a:64:5c:ce:
19:e2:78:4b
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAY1GTwMUhJGTZgVlQEEfn6fAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTI2MTUwNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTAyNzk2MzI4MDhkNTMxNWJiMzA3NDA0YjU1YjhjOGNhZWE3ZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ4i3qXfWdosn/QluAIPJBY1IUxD
tyL1L5Cv2KTERCu7Hhat3iHX/a7T6Z7m+oh2zdY1jr92QE3NLKmIoKTQa1C/cS13
gijHuiNwfkk4cqRzoHJZ2ZEkAaN3h6BcGOMwVZZMS0F0LmFNk5YgIGpcm/ST0t41
AKoIzJ6/GhGx6yqMB//VcAOy9mzyVhVAQ2KABUkhuPjTZT5TW2oUOKXKhH5uonqH
c2DF8vENU8yM03tGPSb5s4bo1gOy/ESD7FdOSemVzEtX4yJjvAIkZ3PQ/QTCv1WJ
Il/JWuhvtzIvGi6Oy8L+z7hDaNylrdoXBtii5ARToN45bIWNHNyz7kTIdwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPkCeWMoCNUxW7MHQEtVuMjK6n7JMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvMS1RSjVZeWdJMVRGYnN3ZEFTMVc0eU1ycWZzay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjIvNzA0MDcxLThkYzAtNGVkNi05NDU3LWU4NjEyMWM1OTRk
Zi8xL1l2MjJkbFRmWVlUbjFneEJVT3FWTThMUGx3US5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBfBggrBgEFBQcBBwEB/wRQME4wTAQCAAIwRgMFAyoASKAD
BQMqCXcAAwUDKgrdgAMFAyoMgUADBQMqDPqAAwUDKg1eQAMFAyoOg8ADBQMqEFHA
AwUDKhB4gAMFAyoR2AAwDQYJKoZIhvcNAQELBQADggEBAEyiDkQ6cUOqPLQnRHy6
v00FRY65vtksgEU8B5HAGy0GBIPQMohGytxgUDv4o7LM+YSDhKQQYaeQzLYkaTdD
vSoExtbBKl3cuM4600jZ70CdyQg5evo4BzBntbcWmvwbqqUsypxoFk0lZ2URQoVB
yLnEkiPAOPITpvm0Qsm9z4TjSpjaUhwNY32X9IJ/EfQApgJuom+PtvZlgZZJwiqB
507H1ri/B4S0TpWNmucMR2QncI8MiWXmMp8K8+Qh/RPkxJXGiUr3uloMh1dDWDGH
cIPS3UEXSOBNPOi3N7F+g5oF/cRXV9pWgn//NlMO67OYw2OHJwj1swU6OmRczhni
eEs=
-----END CERTIFICATE-----
Generated at Tue Feb 27 15:32:19 2024 by rpki-client on console-fra.rpki-client.org