Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a3d9a6-34b7-4f38-a9a5-8bfacae464f9/1/QoxVkvhvErdR-jgz1UtTFBefc6c.roa
File: QoxVkvhvErdR-jgz1UtTFBefc6c.roa (raw, json)
Hash identifier: ctM8+wE20PWq0rvHLW4SHoObRMdY+boY4PatNEGBVaE=
Subject key identifier: 42:8C:55:92:F8:6F:12:B7:51:FA:38:33:D5:4B:53:14:17:9F:73:A7
Certificate issuer: /CN=8307a5224ae6d9a92e47e656dd801b10ffb9072b
Certificate serial: 01928B865EB7E5B384E7D863870C33D77A12
Authority key identifier: 83:07:A5:22:4A:E6:D9:A9:2E:47:E6:56:DD:80:1B:10:FF:B9:07:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gwelIkrm2akuR-ZW3YAbEP-5Bys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a3d9a6-34b7-4f38-a9a5-8bfacae464f9/1/QoxVkvhvErdR-jgz1UtTFBefc6c.roa
Signing time: Mon 14 Oct 2024 14:54:51 +0000
ROA not before: Mon 14 Oct 2024 14:54:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203684
IP address blocks: 2001:3040::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Nov 2024 09:59:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8b:86:5e:b7:e5:b3:84:e7:d8:63:87:0c:33:d7:7a:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8307a5224ae6d9a92e47e656dd801b10ffb9072b
Validity
Not Before: Oct 14 14:54:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=428c5592f86f12b751fa3833d54b5314179f73a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:19:d8:94:21:e4:94:73:35:39:df:06:80:40:
cb:8a:83:1b:55:4f:f6:bf:51:8e:c0:c8:1f:76:82:
16:55:69:7a:2a:6f:53:62:b1:aa:bc:2e:c4:6d:0f:
97:92:d3:d5:04:6d:a5:57:99:99:5c:c2:fd:6d:04:
7c:e9:16:ff:a2:b6:81:92:40:ee:58:d6:1a:cc:17:
c5:77:70:8f:fc:fe:37:60:8e:20:b3:a7:2a:5d:cd:
5d:8a:07:11:cd:4a:ef:fb:48:f6:e0:ff:96:07:89:
e7:20:3a:28:c6:cc:7b:ad:5d:4a:73:b4:8c:57:80:
71:97:30:06:c7:47:13:75:1d:0c:65:33:16:d4:a6:
b8:37:a6:7f:85:36:a9:f3:db:39:cd:aa:08:73:68:
40:c3:fe:6a:35:83:c8:53:05:a2:44:a0:fb:8f:1a:
9a:7b:04:50:77:2c:ad:d6:4c:08:7f:d9:12:d3:8c:
d7:2c:6c:c0:cb:c4:c4:6f:e3:43:10:21:3e:3f:df:
48:de:56:2e:49:88:a5:2f:0e:21:a6:87:76:3b:20:
1d:df:34:d4:58:74:4b:9e:9a:d0:a8:c5:f4:37:8b:
f7:b3:aa:ed:97:90:50:c6:7b:88:f0:e4:38:4f:f2:
be:00:c8:1e:6b:46:f3:b5:b6:0c:10:19:56:d7:1a:
37:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8C:55:92:F8:6F:12:B7:51:FA:38:33:D5:4B:53:14:17:9F:73:A7
X509v3 Authority Key Identifier:
keyid:83:07:A5:22:4A:E6:D9:A9:2E:47:E6:56:DD:80:1B:10:FF:B9:07:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gwelIkrm2akuR-ZW3YAbEP-5Bys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a3d9a6-34b7-4f38-a9a5-8bfacae464f9/1/QoxVkvhvErdR-jgz1UtTFBefc6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a3d9a6-34b7-4f38-a9a5-8bfacae464f9/1/gwelIkrm2akuR-ZW3YAbEP-5Bys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3040::/48
Signature Algorithm: sha256WithRSAEncryption
45:c4:38:6c:29:9a:f2:ac:4d:ca:26:20:ef:de:02:12:5c:bf:
43:70:85:d7:92:d8:01:c9:02:ea:74:e1:5a:73:38:ce:a3:b8:
29:2f:24:c1:f6:b5:0e:8f:5b:f7:b9:0c:ba:bc:11:fd:5b:f0:
ee:5b:be:79:ed:20:e4:26:af:df:dd:35:62:c5:bc:60:8e:de:
99:f5:c5:90:79:1f:7f:24:72:a0:bd:ed:a4:65:ab:12:2e:70:
e4:5d:68:21:3a:98:d7:0c:76:ff:72:73:2b:4d:d2:ac:db:ab:
ae:24:ea:1e:b8:60:a8:61:55:34:39:75:73:d8:2a:53:6a:86:
ec:9a:4b:74:a5:4a:49:c3:4c:24:16:9a:58:65:ba:9c:62:3f:
f9:49:91:b9:a3:98:f2:fd:f8:4e:91:ab:ee:e1:b2:c7:bf:9c:
e9:fc:ad:97:ff:8d:03:3f:17:66:66:fa:56:2c:60:16:2b:96:
e3:a8:ec:c2:20:56:ca:6c:e8:d4:80:04:99:2f:79:c4:f2:da:
98:5a:2a:b8:52:62:ad:e8:07:df:48:d3:03:bf:8a:16:46:7c:
64:53:68:76:f4:fc:00:5a:52:b7:1f:ad:b7:de:00:dd:6c:b0:
2f:8c:ce:c2:6a:75:b9:54:d6:77:29:22:45:11:cb:48:9b:80:
8f:82:aa:b6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZKLhl635bOE59hjhwwz13oSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMDdhNTIyNGFlNmQ5YTkyZTQ3ZTY1NmRkODAxYjEwZmZi
OTA3MmIwHhcNMjQxMDE0MTQ1NDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjhjNTU5MmY4NmYxMmI3NTFmYTM4MzNkNTRiNTMxNDE3OWY3M2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihnYlCHklHM1Od8GgEDLioMbVU/2
v1GOwMgfdoIWVWl6Km9TYrGqvC7EbQ+XktPVBG2lV5mZXML9bQR86Rb/oraBkkDu
WNYazBfFd3CP/P43YI4gs6cqXc1digcRzUrv+0j24P+WB4nnIDooxsx7rV1Kc7SM
V4BxlzAGx0cTdR0MZTMW1Ka4N6Z/hTap89s5zaoIc2hAw/5qNYPIUwWiRKD7jxqa
ewRQdyyt1kwIf9kS04zXLGzAy8TEb+NDECE+P99I3lYuSYilLw4hpod2OyAd3zTU
WHRLnprQqMX0N4v3s6rtl5BQxnuI8OQ4T/K+AMgea0bztbYMEBlW1xo3JwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEKMVZL4bxK3Ufo4M9VLUxQXn3OnMB8GA1UdIwQY
MBaAFIMHpSJK5tmpLkfmVt2AGxD/uQcrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3dlbElrcm0yYWt1Ui1aVzNZQWJFUC01QnlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hM2Q5YTYtMzRiNy00ZjM4LWE5YTUt
OGJmYWNhZTQ2NGY5LzEvUW94Vmt2aHZFcmRSLWpnejFVdFRGQmVmYzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hM2Q5YTYtMzRiNy00ZjM4LWE5YTUtOGJmYWNhZTQ2NGY5
LzEvZ3dlbElrcm0yYWt1Ui1aVzNZQWJFUC01QnlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEwQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBFxDhsKZryrE3KJiDv3gISXL9DcIXXktgByQLq
dOFaczjOo7gpLyTB9rUOj1v3uQy6vBH9W/DuW7557SDkJq/f3TVixbxgjt6Z9cWQ
eR9/JHKgve2kZasSLnDkXWghOpjXDHb/cnMrTdKs26uuJOoeuGCoYVU0OXVz2CpT
aobsmkt0pUpJw0wkFppYZbqcYj/5SZG5o5jy/fhOkavu4bLHv5zp/K2X/40DPxdm
ZvpWLGAWK5bjqOzCIFbKbOjUgASZL3nE8tqYWiq4UmKt6AffSNMDv4oWRnxkU2h2
9PwAWlK3H6233gDdbLAvjM7CanW5VNZ3KSJFEctIm4CPgqq2
-----END CERTIFICATE-----
Generated at Mon Nov 4 14:07:44 2024 by rpki-client on console-ams.rpki-client.org