Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/QNg0Q1x775kOeZvusfGqQ8XcVTk.roa
File: QNg0Q1x775kOeZvusfGqQ8XcVTk.roa (raw, json)
Hash identifier: +Nvgk7uDuP8eX8h/3j6hQoTwfK/0He0BzFlxzWOwhQY=
Subject key identifier: 40:D8:34:43:5C:7B:EF:99:0E:79:9B:EE:B1:F1:AA:43:C5:DC:55:39
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 018837D2D7A67C8FB476DF7AC870FB4C8ABB
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/QNg0Q1x775kOeZvusfGqQ8XcVTk.roa
Signing time: Sat 20 May 2023 06:22:24 +0000
ROA not before: Sat 20 May 2023 06:22:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212623
IP address blocks: 2a0f:7803:fff0::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Jun 2023 16:11:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:37:d2:d7:a6:7c:8f:b4:76:df:7a:c8:70:fb:4c:8a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: May 20 06:22:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40d834435c7bef990e799beeb1f1aa43c5dc5539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cd:07:06:7a:5b:60:24:82:fa:80:5f:bc:d1:
2f:36:9c:54:8e:50:c2:b3:a7:e3:30:29:39:8c:5c:
86:52:e9:50:3b:67:0c:be:c7:ba:3a:92:fb:26:1d:
f8:65:ce:ce:86:f3:8d:80:2a:ac:a1:a0:81:d6:51:
4d:e3:fe:96:87:3c:07:fb:db:d4:ca:31:44:79:ab:
4c:8e:81:b6:80:9b:5f:6c:41:37:8d:7b:99:57:cc:
80:8d:ff:13:e5:a0:5f:75:c7:b7:7d:29:b2:f9:35:
1d:cb:40:fb:7e:48:a3:f4:1e:fe:29:a2:f5:7e:cc:
b4:ab:d8:60:15:d0:0a:14:8f:9d:97:b1:31:6f:c7:
42:ae:f3:87:af:51:78:bf:da:c6:18:5d:25:d1:c9:
a1:ad:7f:c2:89:af:b2:43:1c:f7:90:bd:64:42:d6:
15:15:a7:c7:db:84:f0:f2:8c:89:c0:98:39:71:0a:
55:67:1a:ca:02:af:9a:34:31:8a:f0:3c:4b:25:75:
80:f8:4d:0b:91:a2:4e:f0:9f:fa:10:9c:f7:a4:65:
b9:36:29:32:82:cd:44:27:ad:89:f7:f4:fd:3d:4e:
d1:e9:12:55:4a:3a:68:d4:5e:f4:b2:64:0f:71:47:
4a:f6:84:96:29:c0:1c:a9:16:f5:1b:e8:d5:ef:c0:
e5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D8:34:43:5C:7B:EF:99:0E:79:9B:EE:B1:F1:AA:43:C5:DC:55:39
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/QNg0Q1x775kOeZvusfGqQ8XcVTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:fff0::/44
Signature Algorithm: sha256WithRSAEncryption
36:bd:84:5c:12:88:18:d2:74:f9:70:2e:5c:44:c3:92:ba:3a:
5f:70:ea:c9:60:91:1e:3f:98:51:ad:66:99:7f:5c:a8:81:60:
47:2f:8c:b9:cc:11:9c:10:1c:25:eb:9a:61:96:bc:87:13:65:
e9:ea:61:2f:01:1f:5e:e2:49:23:7a:4d:57:70:c0:41:4f:b8:
62:66:87:50:e3:32:b1:51:6a:09:5d:72:45:b3:8e:1f:21:94:
31:9d:32:99:69:a4:3f:22:13:ab:4f:23:ea:7e:42:f3:a7:fa:
be:91:c1:66:1a:86:1c:24:3e:2b:2e:71:d3:99:6a:28:70:22:
a4:c8:62:db:37:81:b4:3d:77:4f:42:07:c7:4f:28:a8:4e:fd:
22:10:0f:eb:78:c3:77:bf:a7:29:ba:2a:95:48:e7:a3:a4:72:
6f:a5:6b:31:09:f5:3e:a0:e3:f5:ad:ad:4e:cc:e8:58:c3:ac:
c3:61:62:7c:33:86:f9:74:bb:d1:c8:50:88:65:c6:79:5b:07:
0e:e2:b7:8f:da:2a:49:dd:cc:5e:9f:8d:4e:49:29:de:ce:55:
50:d4:97:98:af:61:39:fe:fe:2a:ce:b4:8f:e6:6d:22:31:10:
16:b5:a9:cc:66:eb:96:ef:dc:5e:d4:35:cd:0d:8b:e9:3d:7b:
85:46:12:a1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYg30temfI+0dt96yHD7TIq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjMwNTIwMDYyMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQ4MzQ0MzVjN2JlZjk5MGU3OTliZWViMWYxYWE0M2M1ZGM1NTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq80HBnpbYCSC+oBfvNEvNpxUjlDC
s6fjMCk5jFyGUulQO2cMvse6OpL7Jh34Zc7OhvONgCqsoaCB1lFN4/6WhzwH+9vU
yjFEeatMjoG2gJtfbEE3jXuZV8yAjf8T5aBfdce3fSmy+TUdy0D7fkij9B7+KaL1
fsy0q9hgFdAKFI+dl7Exb8dCrvOHr1F4v9rGGF0l0cmhrX/Cia+yQxz3kL1kQtYV
FafH24Tw8oyJwJg5cQpVZxrKAq+aNDGK8DxLJXWA+E0LkaJO8J/6EJz3pGW5Niky
gs1EJ62J9/T9PU7R6RJVSjpo1F70smQPcUdK9oSWKcAcqRb1G+jV78Dl3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEDYNENce++ZDnmb7rHxqkPF3FU5MB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvUU5nMFExeDc3NWtPZVp2dXNmR3FROFhjVlRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg94A//w
MA0GCSqGSIb3DQEBCwUAA4IBAQA2vYRcEogY0nT5cC5cRMOSujpfcOrJYJEeP5hR
rWaZf1yogWBHL4y5zBGcEBwl65phlryHE2Xp6mEvAR9e4kkjek1XcMBBT7hiZodQ
4zKxUWoJXXJFs44fIZQxnTKZaaQ/IhOrTyPqfkLzp/q+kcFmGoYcJD4rLnHTmWoo
cCKkyGLbN4G0PXdPQgfHTyioTv0iEA/reMN3v6cpuiqVSOejpHJvpWsxCfU+oOP1
ra1OzOhYw6zDYWJ8M4b5dLvRyFCIZcZ5WwcO4reP2ipJ3cxen41OSSnezlVQ1JeY
r2E5/v4qzrSP5m0iMRAWtanMZuuW79xe1DXNDYvpPXuFRhKh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:29 2024 by rpki-client on console-fra.rpki-client.org