Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/qjDbXmvLBFYZ4CUkSiDMhgqpR4k.roa
File: qjDbXmvLBFYZ4CUkSiDMhgqpR4k.roa (raw, json)
Hash identifier: zfXo08ktQr9ARPqZb6ly+xTWNXpTNoCUR0fyjRtcWn8=
Subject key identifier: AA:30:DB:5E:6B:CB:04:56:19:E0:25:24:4A:20:CC:86:0A:A9:47:89
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 018CC79342498E396C79307CF22169475263
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/qjDbXmvLBFYZ4CUkSiDMhgqpR4k.roa
Signing time: Tue 02 Jan 2024 00:29:25 +0000
ROA not before: Tue 02 Jan 2024 00:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204646
IP address blocks: 2a0d:2080::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 02 Jun 2024 04:47:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:42:49:8e:39:6c:79:30:7c:f2:21:69:47:52:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 2 00:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa30db5e6bcb045619e025244a20cc860aa94789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:20:d2:d8:f7:04:ee:30:44:47:30:97:15:09:
84:7e:c7:fa:8f:03:68:ab:a0:6c:12:d0:d4:98:c0:
0a:91:df:c9:b8:11:ae:6f:15:c5:20:80:88:5b:77:
de:2b:78:bd:cf:42:8e:b3:f4:f2:62:92:b7:90:cc:
e5:7d:fc:8c:e5:14:68:d8:ad:c4:37:2d:e2:6f:f9:
d7:07:fd:fb:b3:14:e5:03:a5:2e:87:b7:db:6e:c8:
65:68:ad:e9:b1:a4:f3:6f:70:fc:10:c6:70:8f:dd:
08:33:3c:24:6b:e3:ad:2c:04:9f:e8:fe:99:b3:d2:
b4:ad:54:38:50:7b:ea:f8:15:d1:c2:68:7c:e7:e4:
aa:52:4a:e4:9b:07:c3:3b:41:02:5d:1c:28:18:b1:
47:68:aa:0d:9f:4a:76:31:ac:91:08:ef:5c:0f:ec:
dc:d1:71:f1:8d:c9:e0:c8:3c:13:34:60:2c:01:99:
21:6a:bf:83:fc:7d:64:0a:aa:4b:b9:48:3e:14:42:
09:47:bc:3b:18:a9:d4:8e:ae:44:92:87:1e:d5:74:
01:ff:4f:be:57:d1:d3:49:9a:a8:56:85:3e:21:66:
35:1c:12:9e:c4:6d:f3:04:7d:16:b4:a7:6b:f6:87:
11:85:1d:f5:65:78:ae:b5:1a:36:75:a2:e0:ae:71:
41:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:30:DB:5E:6B:CB:04:56:19:E0:25:24:4A:20:CC:86:0A:A9:47:89
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/qjDbXmvLBFYZ4CUkSiDMhgqpR4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2080::/29
Signature Algorithm: sha256WithRSAEncryption
5b:cf:62:4c:9a:3e:5e:d1:c1:8f:bc:b2:9b:5a:b1:04:38:57:
fd:a0:08:9a:68:16:a7:d9:70:4d:2c:6d:93:48:cd:97:17:5c:
c5:b8:dd:91:a6:74:24:97:6f:5b:58:67:56:8a:87:f0:3d:2a:
b5:0d:50:bc:5f:8d:4e:dd:20:2c:21:0d:ec:80:f0:e7:fd:e0:
86:39:54:0d:f0:a5:38:62:53:7b:0c:4a:41:bd:b6:2e:79:13:
1f:d7:0c:79:ac:62:58:ed:26:16:ee:e5:cd:65:9b:9d:a7:e6:
53:2d:78:a1:58:65:a8:ea:ee:e1:62:87:b2:83:e3:63:43:22:
99:40:f0:5c:db:d2:a2:d8:84:31:bd:7e:5d:45:03:14:a6:09:
57:27:1d:63:fe:4b:55:74:a2:28:e4:c9:55:c1:01:26:7b:de:
ec:17:f3:f2:57:09:55:d3:f9:1d:41:f0:1d:e8:6b:77:2f:3f:
68:18:87:90:d5:50:8a:52:5d:5b:6e:d1:17:ab:6e:12:40:4a:
e6:16:ee:ac:86:90:20:12:00:21:31:b7:33:57:10:d0:c0:b1:
cc:3f:3f:ad:ad:87:da:fa:6b:25:c5:74:e0:6e:06:37:4f:1b:
37:48:1a:7b:73:da:21:b4:1d:29:f1:e2:ea:ff:38:80:7b:92:
ad:07:07:72
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHk0JJjjlseTB88iFpR1JjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjQwMTAyMDAyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTMwZGI1ZTZiY2IwNDU2MTllMDI1MjQ0YTIwY2M4NjBhYTk0Nzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSDS2PcE7jBERzCXFQmEfsf6jwNo
q6BsEtDUmMAKkd/JuBGubxXFIICIW3feK3i9z0KOs/TyYpK3kMzlffyM5RRo2K3E
Ny3ib/nXB/37sxTlA6Uuh7fbbshlaK3psaTzb3D8EMZwj90IMzwka+OtLASf6P6Z
s9K0rVQ4UHvq+BXRwmh85+SqUkrkmwfDO0ECXRwoGLFHaKoNn0p2MayRCO9cD+zc
0XHxjcngyDwTNGAsAZkhar+D/H1kCqpLuUg+FEIJR7w7GKnUjq5Ekoce1XQB/0++
V9HTSZqoVoU+IWY1HBKexG3zBH0WtKdr9ocRhR31ZXiutRo2daLgrnFBvwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKow215rywRWGeAlJEogzIYKqUeJMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvcWpEYlhtdkxCRllaNENVa1NpRE1oZ3FwUjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg0ggDAN
BgkqhkiG9w0BAQsFAAOCAQEAW89iTJo+XtHBj7yym1qxBDhX/aAImmgWp9lwTSxt
k0jNlxdcxbjdkaZ0JJdvW1hnVoqH8D0qtQ1QvF+NTt0gLCEN7IDw5/3ghjlUDfCl
OGJTewxKQb22LnkTH9cMeaxiWO0mFu7lzWWbnafmUy14oVhlqOru4WKHsoPjY0Mi
mUDwXNvSotiEMb1+XUUDFKYJVycdY/5LVXSiKOTJVcEBJnve7Bfz8lcJVdP5HUHw
Hehrdy8/aBiHkNVQilJdW27RF6tuEkBK5hburIaQIBIAITG3M1cQ0MCxzD8/ra2H
2vprJcV04G4GN08bN0gae3PaIbQdKfHi6v84gHuSrQcHcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:48 2024 by rpki-client on console-fra.rpki-client.org