Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QNWBttxcX9qUqNwCB8z510Cfegk.roa
File: QNWBttxcX9qUqNwCB8z510Cfegk.roa (raw, json)
Hash identifier: Bg7/Adzu1NFz7xNMsXRlV3BtcZYUTf7e6VHQi6CfkIQ=
Subject key identifier: 40:D5:81:B6:DC:5C:5F:DA:94:A8:DC:02:07:CC:F9:D7:40:9F:7A:09
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0190A803B8670CB930AD43482FB4581B32E8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QNWBttxcX9qUqNwCB8z510Cfegk.roa
Signing time: Fri 12 Jul 2024 17:35:34 +0000
ROA not before: Fri 12 Jul 2024 17:35:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12076
IP address blocks: 2a0f:e7c6:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 14 Aug 2024 08:39:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a8:03:b8:67:0c:b9:30:ad:43:48:2f:b4:58:1b:32:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 12 17:35:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40d581b6dc5c5fda94a8dc0207ccf9d7409f7a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9f:1f:2a:2e:3a:a9:31:85:41:c8:c5:04:13:
5f:38:d8:b3:f1:b2:1b:93:02:f4:e6:b2:56:3c:9f:
54:d0:8c:71:de:bd:59:81:6a:61:f8:27:db:f1:fa:
ea:61:b8:95:30:5b:9d:57:1b:6a:f5:4a:33:f8:f2:
89:2d:c5:93:1d:0a:16:ab:8a:bc:12:81:19:5a:f5:
eb:6b:ee:88:84:91:92:34:99:63:89:31:01:db:61:
78:8a:bb:d6:4b:ed:ff:ba:c8:92:9a:8d:83:3d:dc:
3b:26:0f:ad:31:80:0b:71:83:27:8a:d8:c2:21:a4:
ae:e5:b8:dc:d0:1d:67:62:31:70:5a:c1:f7:98:30:
e5:fb:8f:f8:37:99:d5:f9:8d:99:91:a5:e9:f3:a5:
80:f1:d8:c4:a4:b0:41:d9:25:7e:37:b7:ab:da:eb:
6b:85:6a:a3:aa:e6:b5:76:f8:20:db:fe:84:cf:67:
bd:70:28:cb:a8:65:bc:f7:e0:09:22:ca:e2:cd:5a:
9d:e1:ce:bc:b7:36:8d:02:06:90:94:33:e6:5e:52:
84:54:89:09:51:f9:fa:55:50:75:b0:69:67:ef:70:
d6:cf:39:c0:8f:06:a0:ad:4f:62:32:f6:3c:7f:c0:
2f:b2:de:dd:3d:34:5a:f6:0f:57:d8:a7:e7:32:f1:
c3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D5:81:B6:DC:5C:5F:DA:94:A8:DC:02:07:CC:F9:D7:40:9F:7A:09
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QNWBttxcX9qUqNwCB8z510Cfegk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
a6:90:6d:35:6d:db:77:1b:b4:6f:35:fd:d1:e4:60:2a:9f:3a:
07:b7:c2:86:c9:1c:7a:13:29:5e:c3:73:24:82:c8:a1:d6:b6:
4e:5f:21:a2:f9:d7:1a:7d:cc:ac:6c:e9:23:05:79:41:41:a6:
79:0d:01:a3:e4:ea:56:3c:a1:ae:39:14:c4:e0:9e:5f:89:c6:
be:f9:33:58:7d:1d:73:e1:e9:53:1a:ee:dd:da:bf:6a:85:3f:
f0:75:9e:91:bb:8e:95:1b:2e:ae:90:8a:40:e6:6f:3a:1c:21:
a3:e8:b6:30:21:75:45:e3:63:71:e5:26:37:27:5d:81:01:b3:
e8:63:5a:94:40:9d:44:31:fa:92:2e:37:1f:95:da:e2:0d:b5:
2d:07:8b:57:99:75:00:32:62:9b:42:f0:18:d6:19:c4:5d:46:
1b:60:bf:46:33:6e:cd:cf:98:b6:6c:72:f0:54:5e:42:d5:b2:
4b:5f:de:fd:7f:0d:06:bd:27:ab:54:23:52:f4:05:ba:33:89:
5b:56:ef:c8:93:86:04:1a:58:c3:5a:38:67:61:99:a2:68:39:
15:f2:4f:b9:c3:f2:9f:53:5b:40:f9:e1:69:b0:6b:83:62:2e:
61:46:c9:e4:fb:08:2c:39:82:4c:51:87:db:d8:66:c1:3c:00:
d0:49:7c:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZCoA7hnDLkwrUNIL7RYGzLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzEyMTczNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQ1ODFiNmRjNWM1ZmRhOTRhOGRjMDIwN2NjZjlkNzQwOWY3YTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp8fKi46qTGFQcjFBBNfONiz8bIb
kwL05rJWPJ9U0Ixx3r1ZgWph+Cfb8frqYbiVMFudVxtq9Uoz+PKJLcWTHQoWq4q8
EoEZWvXra+6IhJGSNJljiTEB22F4irvWS+3/usiSmo2DPdw7Jg+tMYALcYMnitjC
IaSu5bjc0B1nYjFwWsH3mDDl+4/4N5nV+Y2ZkaXp86WA8djEpLBB2SV+N7er2utr
hWqjqua1dvgg2/6Ez2e9cCjLqGW89+AJIsrizVqd4c68tzaNAgaQlDPmXlKEVIkJ
Ufn6VVB1sGln73DWzznAjwagrU9iMvY8f8Avst7dPTRa9g9X2KfnMvHDQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEDVgbbcXF/alKjcAgfM+ddAn3oJMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUU5XQnR0eGNYOXFVcU53Q0I4ejUxMENmZWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg/nxhAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCmkG01bdt3G7RvNf3R5GAqnzoHt8KGyRx6Eyle
w3Mkgsih1rZOXyGi+dcafcysbOkjBXlBQaZ5DQGj5OpWPKGuORTE4J5fica++TNY
fR1z4elTGu7d2r9qhT/wdZ6Ru46VGy6ukIpA5m86HCGj6LYwIXVF42Nx5SY3J12B
AbPoY1qUQJ1EMfqSLjcfldriDbUtB4tXmXUAMmKbQvAY1hnEXUYbYL9GM27Nz5i2
bHLwVF5C1bJLX979fw0GvSerVCNS9AW6M4lbVu/Ik4YEGljDWjhnYZmiaDkV8k+5
w/KfU1tA+eFpsGuDYi5hRsnk+wgsOYJMUYfb2GbBPADQSXxn
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:01:26 2025 by rpki-client