Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/QtOnl5gl-rjcZq763aSHMw938e0.roa
File: QtOnl5gl-rjcZq763aSHMw938e0.roa (raw, json)
Hash identifier: THg5hjbHui8B3R3CfoWmI2Y951hhEm8qdVnwCwdnnZs=
Subject key identifier: 42:D3:A7:97:98:25:FA:B8:DC:66:AE:FA:DD:A4:87:33:0F:77:F1:ED
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C540E4F0DC3F817FF67A32D75721B50
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/QtOnl5gl-rjcZq763aSHMw938e0.roa
Signing time: Sun 01 Jan 2023 07:55:26 +0000
ROA not before: Sun 01 Jan 2023 07:55:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205613
IP address blocks: 2a06:8ec6:2::/48 maxlen: 48
2a06:8ec6:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:54:0e:4f:0d:c3:f8:17:ff:67:a3:2d:75:72:1b:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42d3a7979825fab8dc66aefadda487330f77f1ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:71:b2:6a:4f:cb:20:c3:0e:f3:e3:ce:ce:64:
40:70:2d:6b:6f:03:be:98:5b:c6:c1:ae:92:88:da:
94:01:d2:94:64:7a:33:f2:df:bb:41:e7:6b:16:9f:
bd:cb:f2:00:c9:75:3a:18:cc:22:51:0e:e7:f5:62:
8b:c1:08:8e:93:9d:f5:29:99:c8:de:13:e1:05:a2:
92:8d:2f:37:04:eb:60:73:95:11:e4:f6:63:92:92:
75:95:5f:e8:b1:c6:3b:6f:71:cd:09:7d:25:07:6f:
da:e9:23:68:dc:cd:13:eb:7e:75:76:7a:06:ce:02:
fe:28:85:d7:74:ef:6c:72:85:ff:e4:49:b8:c4:6f:
cc:02:69:52:f4:7d:62:68:b9:24:63:03:6f:f4:17:
a0:c1:dc:a2:fa:d7:eb:94:55:38:a6:fe:d4:a4:34:
b8:50:c3:9f:6e:d4:1c:47:92:60:ad:e3:1a:a3:94:
28:69:05:9d:44:2b:f9:ca:38:5b:57:7b:f2:b7:20:
06:ea:bf:40:05:cd:be:5e:77:53:43:44:43:5a:bf:
9f:df:7c:87:99:46:0b:94:7d:77:8a:55:20:fe:fc:
b5:60:85:3c:fb:84:95:cb:26:4c:11:b9:42:40:d0:
a7:69:12:77:40:aa:75:97:fe:f4:42:ea:73:88:9f:
6f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D3:A7:97:98:25:FA:B8:DC:66:AE:FA:DD:A4:87:33:0F:77:F1:ED
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/QtOnl5gl-rjcZq763aSHMw938e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:8ec6:1::-2a06:8ec6:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
90:d2:3d:55:d8:be:79:99:d8:3e:f6:f2:52:27:15:5c:17:4c:
6c:7c:90:58:97:74:54:10:b2:94:da:d3:c9:42:a7:82:92:9b:
d2:64:e0:8f:11:36:0a:d9:67:bd:20:d5:c1:f4:4b:17:d5:d4:
36:73:54:25:c0:5b:cf:0f:69:53:33:9b:9f:cc:cc:a4:97:1d:
85:e7:64:27:f4:9f:84:3b:e6:d5:94:23:eb:86:77:f8:75:2f:
8a:22:41:e1:da:03:f3:f8:d6:f2:bb:30:5b:35:0c:dc:07:aa:
8d:8d:c4:b7:8f:d6:0b:85:3d:c7:bf:2a:57:df:c9:58:85:70:
2c:b2:9c:6d:be:49:12:5b:6a:96:1e:2d:61:b1:6e:0d:d9:5e:
d7:f6:e7:8d:40:de:0d:4c:01:8c:75:20:bf:c2:02:9f:ec:43:
71:f8:3e:7a:00:d6:33:94:e3:31:10:2d:55:3e:11:24:cb:ce:
46:f1:3c:82:06:cb:9d:99:7b:47:4e:fb:e2:c5:5e:11:be:29:
ff:73:17:6d:56:52:87:a1:47:b1:51:51:e5:d6:2c:47:9b:3a:
61:3f:2d:76:a2:b0:e5:64:43:f0:0d:0b:47:18:9c:5c:62:c1:
d4:aa:b6:ab:38:ee:ff:ee:dd:6e:ba:98:3b:72:40:a9:0e:a0:
de:85:70:08
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVsVA5PDcP4F/9noy11chtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQzYTc5Nzk4MjVmYWI4ZGM2NmFlZmFkZGE0ODczMzBmNzdmMWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXGyak/LIMMO8+POzmRAcC1rbwO+
mFvGwa6SiNqUAdKUZHoz8t+7QedrFp+9y/IAyXU6GMwiUQ7n9WKLwQiOk531KZnI
3hPhBaKSjS83BOtgc5UR5PZjkpJ1lV/oscY7b3HNCX0lB2/a6SNo3M0T6351dnoG
zgL+KIXXdO9scoX/5Em4xG/MAmlS9H1iaLkkYwNv9Begwdyi+tfrlFU4pv7UpDS4
UMOfbtQcR5JgreMao5QoaQWdRCv5yjhbV3vytyAG6r9ABc2+XndTQ0RDWr+f33yH
mUYLlH13ilUg/vy1YIU8+4SVyyZMEblCQNCnaRJ3QKp1l/70QupziJ9v4wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFELTp5eYJfq43Gau+t2khzMPd/HtMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvUXRPbmw1Z2wtcmpjWnE3NjNhU0hNdzkzOGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqBo7G
AAEDBwAqBo7GAAIwDQYJKoZIhvcNAQELBQADggEBAJDSPVXYvnmZ2D728lInFVwX
TGx8kFiXdFQQspTa08lCp4KSm9Jk4I8RNgrZZ70g1cH0SxfV1DZzVCXAW88PaVMz
m5/MzKSXHYXnZCf0n4Q75tWUI+uGd/h1L4oiQeHaA/P41vK7MFs1DNwHqo2NxLeP
1guFPce/KlffyViFcCyynG2+SRJbapYeLWGxbg3ZXtf2541A3g1MAYx1IL/CAp/s
Q3H4PnoA1jOU4zEQLVU+ESTLzkbxPIIGy52Ze0dO++LFXhG+Kf9zF21WUoehR7FR
UeXWLEebOmE/LXaisOVkQ/ANC0cYnFxiwdSqtqs47v/u3W66mDtyQKkOoN6FcAg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:00 2024 by rpki-client on console-ams.rpki-client.org