Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/qkwSHQX6bomiBIHy5TZb-pjhuYI.roa
File: qkwSHQX6bomiBIHy5TZb-pjhuYI.roa (raw, json)
Hash identifier: hVaM53mR0lAjVDeHHSI2c0EmPZf4vdZaTs9equ6MDko=
Subject key identifier: AA:4C:12:1D:05:FA:6E:89:A2:04:81:F2:E5:36:5B:FA:98:E1:B9:82
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 01856BDC6CF16AB2889727964D4B56F0B811
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/qkwSHQX6bomiBIHy5TZb-pjhuYI.roa
Signing time: Sun 01 Jan 2023 05:44:45 +0000
ROA not before: Sun 01 Jan 2023 05:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60614
IP address blocks: 2a0f:607:1000::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:6c:f1:6a:b2:88:97:27:96:4d:4b:56:f0:b8:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Jan 1 05:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa4c121d05fa6e89a20481f2e5365bfa98e1b982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:60:e4:dd:0f:33:ce:df:0c:69:b1:6a:0a:af:
1a:4a:d7:59:8d:17:b0:dd:1e:11:02:7c:83:cd:10:
8d:86:b0:d3:6f:32:28:01:cd:42:f1:eb:16:ed:82:
bb:93:06:34:02:a3:5b:4c:8b:ee:bf:09:b1:62:7c:
0b:7f:9a:41:37:e9:1c:dc:0b:ae:3b:bc:0b:fe:6a:
cb:ea:95:f0:5c:63:f1:14:6c:53:2f:71:13:ef:89:
7e:15:d0:0a:f4:86:14:43:45:38:ba:24:44:16:a7:
df:1e:d9:6f:7e:b3:50:fa:0a:66:64:05:b8:a6:f8:
a0:5c:b5:59:50:48:31:d6:c3:99:61:eb:59:ed:89:
ab:29:9d:f1:3b:31:9b:ce:7b:91:f5:7b:ac:73:04:
5b:88:20:5a:6a:cb:18:72:bf:94:49:04:43:97:ae:
36:a0:d6:f7:9f:3b:6c:3b:29:7b:d2:bc:8b:31:9f:
bd:8f:08:59:32:17:3a:5a:e2:1a:46:9e:47:c0:4e:
1e:f8:ab:8c:57:22:8d:09:8e:71:7d:5e:62:af:c7:
cf:4d:02:8c:34:35:5a:bf:ca:7f:0a:1b:24:50:d1:
e2:38:35:78:dd:39:81:78:4f:ed:44:e8:2a:7f:5b:
57:b7:d8:2e:0d:63:7a:51:20:41:50:81:25:70:de:
c1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4C:12:1D:05:FA:6E:89:A2:04:81:F2:E5:36:5B:FA:98:E1:B9:82
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/qkwSHQX6bomiBIHy5TZb-pjhuYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:1000::/40
Signature Algorithm: sha256WithRSAEncryption
22:32:da:37:31:a1:52:b8:75:b7:0f:b6:87:55:11:29:6b:51:
32:3e:85:e4:25:b3:dd:1f:7b:32:ee:24:39:f9:97:59:a0:d9:
31:a1:41:5f:6b:42:7b:fc:d8:95:91:12:6c:15:ce:89:f5:01:
9d:07:95:1c:22:a7:dc:f6:71:27:fa:ba:bf:83:eb:bf:ac:38:
b6:1b:9d:fc:8d:db:98:a5:31:0c:e5:16:f5:ab:f2:1a:14:de:
94:4c:dd:96:ef:e0:63:e3:f4:ba:bf:91:0c:39:24:ac:a0:eb:
8d:1d:34:64:e6:e6:de:0f:9f:4f:42:d2:1e:f9:3c:c9:2e:68:
fe:0a:8a:ae:c1:80:6e:44:67:e6:3b:86:fd:82:ef:83:69:36:
4c:9e:56:61:b1:ee:3e:a7:d3:7c:44:48:91:03:7b:34:ee:b4:
03:06:21:b6:49:00:79:af:07:b6:5c:74:79:3b:59:7f:db:bd:
65:6c:da:b6:e2:35:df:98:6a:19:a3:e9:5b:17:0f:a0:32:de:
fa:6f:f3:31:07:b7:8d:5b:fc:79:ed:a6:b7:16:62:e0:b4:0f:
4f:bd:a2:c5:a1:17:62:03:94:18:7b:77:55:9f:73:df:5a:08:
90:b0:d5:44:39:ea:c4:59:f8:db:8a:65:56:2f:c9:bc:44:6a:
53:e0:84:ab
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVr3GzxarKIlyeWTUtW8LgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjMwMTAxMDU0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTRjMTIxZDA1ZmE2ZTg5YTIwNDgxZjJlNTM2NWJmYTk4ZTFiOTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmDk3Q8zzt8MabFqCq8aStdZjRew
3R4RAnyDzRCNhrDTbzIoAc1C8esW7YK7kwY0AqNbTIvuvwmxYnwLf5pBN+kc3Auu
O7wL/mrL6pXwXGPxFGxTL3ET74l+FdAK9IYUQ0U4uiREFqffHtlvfrNQ+gpmZAW4
pvigXLVZUEgx1sOZYetZ7YmrKZ3xOzGbznuR9XuscwRbiCBaassYcr+USQRDl642
oNb3nztsOyl70ryLMZ+9jwhZMhc6WuIaRp5HwE4e+KuMVyKNCY5xfV5ir8fPTQKM
NDVav8p/ChskUNHiODV43TmBeE/tROgqf1tXt9guDWN6USBBUIElcN7BFQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKpMEh0F+m6JogSB8uU2W/qY4bmCMB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvcWt3U0hRWDZib21pQklIeTVUWmItcGpodVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg8GBxAw
DQYJKoZIhvcNAQELBQADggEBACIy2jcxoVK4dbcPtodVESlrUTI+heQls90fezLu
JDn5l1mg2TGhQV9rQnv82JWREmwVzon1AZ0HlRwip9z2cSf6ur+D67+sOLYbnfyN
25ilMQzlFvWr8hoU3pRM3Zbv4GPj9Lq/kQw5JKyg640dNGTm5t4Pn09C0h75PMku
aP4Kiq7BgG5EZ+Y7hv2C74NpNkyeVmGx7j6n03xESJEDezTutAMGIbZJAHmvB7Zc
dHk7WX/bvWVs2rbiNd+Yahmj6VsXD6Ay3vpv8zEHt41b/HntprcWYuC0D0+9osWh
F2IDlBh7d1Wfc99aCJCw1UQ56sRZ+NuKZVYvybxEalPghKs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:46 2024 by rpki-client on console-fra.rpki-client.org