Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9bb7d6-7f7a-486c-8a0d-c47c26fa68af/1/QPWK2j-7WJdOFmcrxkLUCryouQo.roa
File: QPWK2j-7WJdOFmcrxkLUCryouQo.roa (raw, json)
Hash identifier: 5eBPMLedmusWPJYa+0sWWDwx08xj8pkW6qAB0fOU8DA=
Subject key identifier: 40:F5:8A:DA:3F:BB:58:97:4E:16:67:2B:C6:42:D4:0A:BC:A8:B9:0A
Certificate issuer: /CN=546ec217e9b129316c23a6fa9f9a721f10c2d95d
Certificate serial: 018573BAA21DE36A4856F1554214D1121BE4
Authority key identifier: 54:6E:C2:17:E9:B1:29:31:6C:23:A6:FA:9F:9A:72:1F:10:C2:D9:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VG7CF-mxKTFsI6b6n5pyHxDC2V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/9bb7d6-7f7a-486c-8a0d-c47c26fa68af/1/QPWK2j-7WJdOFmcrxkLUCryouQo.roa
Signing time: Mon 02 Jan 2023 18:24:48 +0000
ROA not before: Mon 02 Jan 2023 18:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197835
IP address blocks: 2a13:940::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:ba:a2:1d:e3:6a:48:56:f1:55:42:14:d1:12:1b:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546ec217e9b129316c23a6fa9f9a721f10c2d95d
Validity
Not Before: Jan 2 18:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40f58ada3fbb58974e16672bc642d40abca8b90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5e:05:03:aa:4f:d6:a1:9f:11:69:93:0b:55:
21:a9:f0:d2:61:b2:27:e4:8a:7b:ce:03:9c:b8:90:
bc:16:04:20:04:af:bc:fc:a3:d2:13:98:30:a0:d0:
de:3f:84:69:e5:be:d9:4d:31:39:16:1c:33:fe:2b:
33:af:07:93:e9:8f:1d:45:9d:9f:08:13:8b:f9:0d:
c9:4c:73:fb:34:7d:da:27:48:1a:fb:0b:7d:a9:af:
b7:e9:f3:24:ba:db:6c:a2:5f:40:b5:38:09:f1:26:
9d:0d:c2:6b:6a:df:c1:6d:b7:3f:c3:71:60:96:d5:
f4:2f:c1:c5:2b:3a:b6:47:ae:37:a9:9d:13:a2:59:
38:33:93:a9:cc:f9:de:2f:1c:f5:6b:e0:2f:a2:6a:
0a:31:d7:40:93:68:8d:8c:02:1c:36:c1:f0:da:22:
c3:9b:2c:0f:a5:61:56:ac:65:d9:f7:57:04:fd:e6:
13:ae:49:77:d6:4b:1a:29:c3:ad:1e:f5:99:c0:2a:
1d:d5:95:a8:1f:d8:a9:61:d5:1f:c7:e3:df:9f:54:
22:79:ea:ae:ca:22:ad:89:c3:72:6c:8f:4b:d5:95:
c7:fc:b1:ac:35:91:09:61:68:6a:88:40:66:94:72:
8b:3c:0b:33:a8:b8:c4:28:a4:ee:d3:aa:51:74:cb:
44:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F5:8A:DA:3F:BB:58:97:4E:16:67:2B:C6:42:D4:0A:BC:A8:B9:0A
X509v3 Authority Key Identifier:
keyid:54:6E:C2:17:E9:B1:29:31:6C:23:A6:FA:9F:9A:72:1F:10:C2:D9:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VG7CF-mxKTFsI6b6n5pyHxDC2V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9bb7d6-7f7a-486c-8a0d-c47c26fa68af/1/QPWK2j-7WJdOFmcrxkLUCryouQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9bb7d6-7f7a-486c-8a0d-c47c26fa68af/1/VG7CF-mxKTFsI6b6n5pyHxDC2V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:940::/29
Signature Algorithm: sha256WithRSAEncryption
83:92:6f:26:78:8e:4a:36:78:d4:de:9b:7f:cb:d4:ee:6d:07:
be:64:b3:0a:32:a0:ee:40:7e:93:35:d7:59:30:38:d6:80:9b:
50:8b:33:d0:15:c7:f5:db:b4:1c:84:1b:45:a0:3e:38:1c:61:
29:bb:ef:05:54:40:30:4c:93:58:4c:b2:48:0a:2e:5f:ad:f5:
16:66:cc:a7:d5:20:f9:88:47:a8:65:8d:41:d6:f6:f7:6d:c3:
b1:5d:8a:2b:a0:da:fc:40:83:44:62:f9:cb:66:fa:54:9c:95:
7f:21:21:30:8a:8d:13:c8:e2:b2:31:a9:58:95:22:a3:ca:90:
ee:3b:d4:bc:00:a8:0d:66:a2:5d:a6:39:25:97:9e:ca:0f:97:
ed:91:62:12:94:2c:c5:1c:d2:5f:fe:eb:9c:80:97:28:1e:eb:
89:04:95:96:4f:68:7a:04:44:57:c6:1a:72:56:28:e1:78:2a:
8e:4d:55:a8:92:88:02:d2:2d:ca:0b:53:bd:68:e7:01:4a:5e:
dc:15:4a:a8:ea:bb:87:51:cf:a6:e2:0a:61:e0:94:37:a4:1e:
7f:46:91:a3:b0:28:00:51:af:e3:ee:36:cd:46:ba:7b:fd:cd:
2a:35:cf:7e:b0:6b:ea:14:b2:fc:44:52:a6:cf:4d:93:0b:64:
02:0a:00:91
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVzuqId42pIVvFVQhTREhvkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NmVjMjE3ZTliMTI5MzE2YzIzYTZmYTlmOWE3MjFmMTBj
MmQ5NWQwHhcNMjMwMTAyMTgyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGY1OGFkYTNmYmI1ODk3NGUxNjY3MmJjNjQyZDQwYWJjYThiOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAil4FA6pP1qGfEWmTC1UhqfDSYbIn
5Ip7zgOcuJC8FgQgBK+8/KPSE5gwoNDeP4Rp5b7ZTTE5Fhwz/iszrweT6Y8dRZ2f
CBOL+Q3JTHP7NH3aJ0ga+wt9qa+36fMkuttsol9AtTgJ8SadDcJrat/Bbbc/w3Fg
ltX0L8HFKzq2R643qZ0Tolk4M5OpzPneLxz1a+AvomoKMddAk2iNjAIcNsHw2iLD
mywPpWFWrGXZ91cE/eYTrkl31ksaKcOtHvWZwCod1ZWoH9ipYdUfx+Pfn1Qieequ
yiKticNybI9L1ZXH/LGsNZEJYWhqiEBmlHKLPAszqLjEKKTu06pRdMtELQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFED1ito/u1iXThZnK8ZC1Aq8qLkKMB8GA1UdIwQY
MBaAFFRuwhfpsSkxbCOm+p+ach8QwtldMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkc3Q0YtbXhLVEZzSTZiNm41cHlIeERDMlYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85YmI3ZDYtN2Y3YS00ODZjLThhMGQt
YzQ3YzI2ZmE2OGFmLzEvUVBXSzJqLTdXSmRPRm1jcnhrTFVDcnlvdVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85YmI3ZDYtN2Y3YS00ODZjLThhMGQtYzQ3YzI2ZmE2OGFm
LzEvVkc3Q0YtbXhLVEZzSTZiNm41cHlIeERDMlYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMJQDAN
BgkqhkiG9w0BAQsFAAOCAQEAg5JvJniOSjZ41N6bf8vU7m0HvmSzCjKg7kB+kzXX
WTA41oCbUIsz0BXH9du0HIQbRaA+OBxhKbvvBVRAMEyTWEyySAouX631FmbMp9Ug
+YhHqGWNQdb2923DsV2KK6Da/ECDRGL5y2b6VJyVfyEhMIqNE8jisjGpWJUio8qQ
7jvUvACoDWaiXaY5JZeeyg+X7ZFiEpQsxRzSX/7rnICXKB7riQSVlk9oegREV8Ya
clYo4Xgqjk1VqJKIAtItygtTvWjnAUpe3BVKqOq7h1HPpuIKYeCUN6Qef0aRo7Ao
AFGv4+42zUa6e/3NKjXPfrBr6hSy/ERSps9NkwtkAgoAkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:19 2024 by rpki-client on console-ams.rpki-client.org