Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/KQfXSwpSf8XQwNVn5xoYLD9Stx4.roa
File: KQfXSwpSf8XQwNVn5xoYLD9Stx4.roa (raw, json)
Hash identifier: 69z+6bwsudZUddg6N+b0CrrwGHTuC6eCc+MjwsxhaEc=
Subject key identifier: 29:07:D7:4B:0A:52:7F:C5:D0:C0:D5:67:E7:1A:18:2C:3F:52:B7:1E
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 018B9983D6CA61EF80C0F42F6BFA7BB1C78D
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/KQfXSwpSf8XQwNVn5xoYLD9Stx4.roa
Signing time: Sat 04 Nov 2023 08:47:16 +0000
ROA not before: Sat 04 Nov 2023 08:47:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216038
IP address blocks: 2a0f:7803:feb0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:99:83:d6:ca:61:ef:80:c0:f4:2f:6b:fa:7b:b1:c7:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Nov 4 08:47:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2907d74b0a527fc5d0c0d567e71a182c3f52b71e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:81:6d:29:f1:53:ea:8d:6b:a1:28:79:fe:f8:
08:e8:4d:b9:2b:23:eb:87:ee:05:ec:bd:bd:c1:9c:
1f:a4:fd:33:0f:0d:7a:74:80:52:6d:e4:0d:c2:4d:
c7:03:b7:06:8f:6a:40:7c:2c:fb:78:09:cd:f9:b3:
14:f5:fb:7b:55:90:9f:54:bd:28:13:d2:da:f6:4b:
ea:a7:9a:64:51:ed:46:b7:90:39:ee:a7:fe:9b:8f:
3f:64:78:2b:c2:68:d3:97:73:29:f8:7f:e9:33:38:
0f:c6:1d:85:55:70:55:9d:3a:c1:6a:3b:4f:63:aa:
89:ce:6c:b7:ae:6c:06:fb:b4:58:33:ff:db:82:84:
e9:a7:3e:7a:37:81:83:ec:01:14:4f:07:20:a2:95:
d4:7e:af:3e:66:59:8d:6b:63:6d:b8:57:7d:66:63:
40:0f:c5:d3:fd:05:d6:10:da:84:2c:3e:6c:9a:11:
57:7e:47:68:90:ae:84:2c:88:00:5d:16:01:2a:07:
1d:f9:e8:cf:e1:2b:d3:16:ff:3b:25:ba:e3:a2:b0:
13:a2:b2:6e:01:e6:1f:23:1f:08:dc:69:a9:34:06:
07:bf:54:42:b5:0c:ce:38:7e:71:50:97:5f:64:8a:
75:54:c0:e3:68:88:1e:10:53:aa:6d:1b:e8:f5:76:
14:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:07:D7:4B:0A:52:7F:C5:D0:C0:D5:67:E7:1A:18:2C:3F:52:B7:1E
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/KQfXSwpSf8XQwNVn5xoYLD9Stx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:feb0::/44
Signature Algorithm: sha256WithRSAEncryption
65:9c:1c:7b:76:70:34:73:9f:42:01:ef:36:f2:46:48:82:1b:
1d:04:06:21:da:e7:c2:2d:03:b7:b6:e0:44:54:ea:0e:b4:71:
89:4a:73:8b:ec:6c:f4:cf:cc:77:db:3d:0b:fd:19:02:ba:35:
15:10:20:14:f1:59:41:49:b2:6e:e9:61:c7:81:01:46:b6:e3:
05:de:19:23:7f:93:1b:91:b4:f1:7a:c2:54:ee:d3:d4:7c:3d:
c1:44:1b:ba:6a:16:9c:89:b5:52:a8:ae:4b:b1:b0:4d:23:37:
61:70:d0:4d:89:c1:82:cd:16:c0:5c:f8:b5:ee:e8:66:6f:fc:
94:5e:7e:65:e4:47:a7:9c:aa:78:cc:95:b5:23:ea:76:ef:23:
3f:a5:db:33:f2:72:20:93:d2:24:06:60:c2:10:7f:d8:1b:67:
ef:37:8d:38:c1:0f:02:db:9f:77:da:aa:c2:e3:8c:47:2a:68:
17:bc:e3:c1:e6:45:2b:fa:f3:8b:e3:fc:e4:50:02:69:8b:ed:
48:5a:db:18:0c:2f:5f:e6:ef:b7:41:02:cc:55:3a:c6:32:db:
c2:71:92:78:80:16:88:c9:7c:e7:c0:ca:37:9c:4e:2d:73:87:
27:62:d7:76:d9:83:d6:84:14:fd:9e:4b:14:38:77:7f:a3:a6:
2d:4a:42:8e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYuZg9bKYe+AwPQva/p7sceNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjMxMTA0MDg0NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTA3ZDc0YjBhNTI3ZmM1ZDBjMGQ1NjdlNzFhMTgyYzNmNTJiNzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoFtKfFT6o1roSh5/vgI6E25KyPr
h+4F7L29wZwfpP0zDw16dIBSbeQNwk3HA7cGj2pAfCz7eAnN+bMU9ft7VZCfVL0o
E9La9kvqp5pkUe1Gt5A57qf+m48/ZHgrwmjTl3Mp+H/pMzgPxh2FVXBVnTrBajtP
Y6qJzmy3rmwG+7RYM//bgoTppz56N4GD7AEUTwcgopXUfq8+ZlmNa2NtuFd9ZmNA
D8XT/QXWENqELD5smhFXfkdokK6ELIgAXRYBKgcd+ejP4SvTFv87JbrjorATorJu
AeYfIx8I3GmpNAYHv1RCtQzOOH5xUJdfZIp1VMDjaIgeEFOqbRvo9XYUjQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCkH10sKUn/F0MDVZ+caGCw/UrceMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvS1FmWFN3cFNmOFhRd05WbjV4b1lMRDlTdHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg94A/6w
MA0GCSqGSIb3DQEBCwUAA4IBAQBlnBx7dnA0c59CAe828kZIghsdBAYh2ufCLQO3
tuBEVOoOtHGJSnOL7Gz0z8x32z0L/RkCujUVECAU8VlBSbJu6WHHgQFGtuMF3hkj
f5MbkbTxesJU7tPUfD3BRBu6ahacibVSqK5LsbBNIzdhcNBNicGCzRbAXPi17uhm
b/yUXn5l5EennKp4zJW1I+p27yM/pdsz8nIgk9IkBmDCEH/YG2fvN404wQ8C2593
2qrC44xHKmgXvOPB5kUr+vOL4/zkUAJpi+1IWtsYDC9f5u+3QQLMVTrGMtvCcZJ4
gBaIyXznwMo3nE4tc4cnYtd22YPWhBT9nksUOHd/o6YtSkKO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:32 2024 by rpki-client on console-ams.rpki-client.org