Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/kqwjMLFQvzDpV_j6UBt3DDFREjY.roa
File: kqwjMLFQvzDpV_j6UBt3DDFREjY.roa (raw, json)
Hash identifier: 1xUvCXH/RwhrrgsK5e8mEiMkW9mUT8pqCAd8M/i2ZzU=
Subject key identifier: 92:AC:23:30:B1:50:BF:30:E9:57:F8:FA:50:1B:77:0C:31:51:12:36
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 01856BDC6938B344ACEE9DC925550EB40CBC
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/kqwjMLFQvzDpV_j6UBt3DDFREjY.roa
Signing time: Sun 01 Jan 2023 05:44:44 +0000
ROA not before: Sun 01 Jan 2023 05:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38008
IP address blocks: 2a0f:607:1060::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:69:38:b3:44:ac:ee:9d:c9:25:55:0e:b4:0c:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Jan 1 05:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92ac2330b150bf30e957f8fa501b770c31511236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:23:57:db:d0:c7:f8:7a:f5:e6:1c:19:ec:9b:
af:53:8f:a0:76:72:b4:20:4d:12:2a:4b:7a:41:4f:
55:1e:fc:f0:81:1d:bc:ab:ab:6b:ab:61:d0:4e:66:
e3:08:b6:39:3f:a5:14:87:aa:b2:f6:20:31:bc:a4:
f0:21:ee:d7:7c:d3:19:fd:9d:42:b2:1a:56:77:33:
3e:30:a8:df:93:ff:2a:5b:e7:7a:34:fd:a0:0b:3a:
75:93:33:09:ee:a0:e2:64:1a:8b:78:ff:ae:21:13:
0d:c9:58:38:c3:dc:48:31:ae:26:16:15:97:2c:3d:
51:92:9b:53:ca:b9:c1:1b:51:4b:4b:99:21:2b:9a:
8f:d0:9c:8b:4c:61:55:6b:ed:e5:7a:59:5c:4e:8d:
83:e2:27:e7:e0:ea:81:eb:6c:d0:47:15:78:fe:ec:
3c:0f:33:6b:f4:2b:8b:96:7c:27:74:18:cc:f3:05:
50:0b:45:ad:62:9e:71:a1:55:76:30:ea:9a:1a:e6:
bd:28:74:49:cb:22:4b:8e:5f:7a:0e:36:78:a4:8a:
12:0d:1d:e3:7e:e7:98:55:26:a3:5c:3a:63:84:ad:
4d:eb:f6:f2:3f:9c:17:07:3f:15:1f:68:fe:33:49:
ae:aa:91:6a:ca:5b:c4:f1:b4:66:36:5e:27:ee:12:
c7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:AC:23:30:B1:50:BF:30:E9:57:F8:FA:50:1B:77:0C:31:51:12:36
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/kqwjMLFQvzDpV_j6UBt3DDFREjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:1060::/44
Signature Algorithm: sha256WithRSAEncryption
7f:73:5b:4f:5a:53:90:5c:5a:ab:30:fb:dd:35:35:fc:d9:a9:
54:d5:72:92:ee:06:9d:f0:33:79:06:e6:13:db:28:cf:41:36:
b3:56:38:20:2b:4f:d2:6e:85:12:8f:a3:59:ce:d6:70:43:6b:
3a:5d:ad:59:92:74:97:3f:d7:02:f2:83:34:7d:30:7a:f2:2d:
33:d8:81:1c:e9:48:44:88:d8:f8:34:d4:b5:1f:80:32:c7:06:
af:8f:c9:bf:64:91:8b:c5:b8:1d:7b:cc:ff:6c:e2:bb:cd:f0:
94:aa:86:03:2f:17:6b:9e:cc:02:7e:ae:cb:df:94:a4:98:08:
7b:ef:db:c2:54:e9:80:ee:e7:05:15:50:bc:be:21:0d:c6:ba:
fc:9c:44:98:47:ca:60:f4:c8:3a:2a:b7:2e:ea:02:b2:2e:03:
bf:e0:d8:f0:61:4e:82:73:f1:5c:5e:23:f7:54:d1:57:cd:46:
27:73:21:ff:9e:d9:22:e5:59:0c:e4:9a:72:ce:cf:0f:a6:93:
8e:b3:22:1e:b9:9a:a8:fd:29:15:e6:a0:ca:3a:f0:8f:79:c8:
0c:fe:02:08:4e:6f:c8:63:f7:90:92:5f:98:f9:dc:23:11:c8:
5c:06:98:a7:15:86:1f:ee:52:27:26:7d:17:3e:bc:34:e3:65:
c6:a4:06:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr3Gk4s0Ss7p3JJVUOtAy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjMwMTAxMDU0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmFjMjMzMGIxNTBiZjMwZTk1N2Y4ZmE1MDFiNzcwYzMxNTExMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyNX29DH+Hr15hwZ7JuvU4+gdnK0
IE0SKkt6QU9VHvzwgR28q6trq2HQTmbjCLY5P6UUh6qy9iAxvKTwIe7XfNMZ/Z1C
shpWdzM+MKjfk/8qW+d6NP2gCzp1kzMJ7qDiZBqLeP+uIRMNyVg4w9xIMa4mFhWX
LD1RkptTyrnBG1FLS5khK5qP0JyLTGFVa+3lellcTo2D4ifn4OqB62zQRxV4/uw8
DzNr9CuLlnwndBjM8wVQC0WtYp5xoVV2MOqaGua9KHRJyyJLjl96DjZ4pIoSDR3j
fueYVSajXDpjhK1N6/byP5wXBz8VH2j+M0muqpFqylvE8bRmNl4n7hLHAwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJKsIzCxUL8w6Vf4+lAbdwwxURI2MB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEva3F3ak1MRlF2ekRwVl9qNlVCdDNEREZSRWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg8GBxBg
MA0GCSqGSIb3DQEBCwUAA4IBAQB/c1tPWlOQXFqrMPvdNTX82alU1XKS7gad8DN5
BuYT2yjPQTazVjggK0/SboUSj6NZztZwQ2s6Xa1ZknSXP9cC8oM0fTB68i0z2IEc
6UhEiNj4NNS1H4Ayxwavj8m/ZJGLxbgde8z/bOK7zfCUqoYDLxdrnswCfq7L35Sk
mAh779vCVOmA7ucFFVC8viENxrr8nESYR8pg9Mg6Krcu6gKyLgO/4NjwYU6Cc/Fc
XiP3VNFXzUYncyH/ntki5VkM5Jpyzs8PppOOsyIeuZqo/SkV5qDKOvCPecgM/gII
Tm/IY/eQkl+Y+dwjEchcBpinFYYf7lInJn0XPrw042XGpAZj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org