Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/QTSOnCsi7_Czlma87AQHkejmJ1U.roa
File: QTSOnCsi7_Czlma87AQHkejmJ1U.roa (raw, json)
Hash identifier: dK+x2nZotaethiyQ/fq8pLC7+u1ebP6f6qYoDSRmGY8=
Subject key identifier: 41:34:8E:9C:2B:22:EF:F0:B3:96:66:BC:EC:04:07:91:E8:E6:27:55
Certificate issuer: /CN=4ae8d08909d185af41d0a0c3be5ea28c352f0226
Certificate serial: 01856B77AA7677BA4D1CA61F6523B7A66CE4
Authority key identifier: 4A:E8:D0:89:09:D1:85:AF:41:D0:A0:C3:BE:5E:A2:8C:35:2F:02:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SujQiQnRha9B0KDDvl6ijDUvAiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/QTSOnCsi7_Czlma87AQHkejmJ1U.roa
Signing time: Sun 01 Jan 2023 03:54:42 +0000
ROA not before: Sun 01 Jan 2023 03:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212989
IP address blocks: 2001:678:ddc::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:77:aa:76:77:ba:4d:1c:a6:1f:65:23:b7:a6:6c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ae8d08909d185af41d0a0c3be5ea28c352f0226
Validity
Not Before: Jan 1 03:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41348e9c2b22eff0b39666bcec040791e8e62755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:49:b8:39:b9:ad:b0:5e:b3:af:43:ee:ec:50:
60:9d:98:62:aa:ba:c2:df:67:a0:56:a2:87:3d:32:
cb:c5:fd:b0:5c:1f:43:af:07:ac:24:ef:16:81:af:
ad:e1:be:29:8f:3b:1a:dd:a4:89:66:ac:ff:7f:5c:
1b:0d:5c:3d:08:cc:89:6c:ea:7c:ee:fc:ee:7a:7a:
75:0f:9b:21:b3:75:9e:76:2b:ad:30:ff:a2:69:2a:
4b:05:c1:26:07:71:04:cc:21:fd:86:d1:77:c6:dd:
cd:c5:e3:31:a2:a2:2d:a4:1c:ab:c9:64:e1:49:9a:
05:dc:5f:91:72:ea:21:01:6d:a8:97:b0:b2:2f:7f:
3f:0a:6d:a8:c8:fa:b5:53:58:55:e8:6c:cd:53:db:
84:11:95:d5:21:b8:33:6c:ff:bb:b3:9d:1f:a6:8f:
fc:0b:59:04:ec:7e:ca:eb:35:79:26:96:cb:43:a6:
cb:75:2d:d0:4d:cd:cb:dd:51:a9:af:f1:31:7b:c9:
81:ed:18:27:68:e8:41:4b:4d:59:be:ca:d5:51:14:
44:27:67:2c:48:c7:bf:9b:ca:b3:38:f2:e4:ee:08:
2d:d0:56:76:ce:5f:d5:c1:0e:01:d6:81:f3:c3:17:
6b:01:f6:f5:12:8b:8d:f0:b6:e7:4a:e8:0a:dd:6c:
60:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:34:8E:9C:2B:22:EF:F0:B3:96:66:BC:EC:04:07:91:E8:E6:27:55
X509v3 Authority Key Identifier:
keyid:4A:E8:D0:89:09:D1:85:AF:41:D0:A0:C3:BE:5E:A2:8C:35:2F:02:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SujQiQnRha9B0KDDvl6ijDUvAiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/QTSOnCsi7_Czlma87AQHkejmJ1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/SujQiQnRha9B0KDDvl6ijDUvAiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:ddc::/48
Signature Algorithm: sha256WithRSAEncryption
71:a5:d5:bd:c8:a5:7b:a2:a2:a5:bd:e1:16:3a:f4:92:d0:04:
a7:e9:e5:8a:09:33:f9:b7:89:bd:38:60:b5:a2:a6:09:ea:5e:
0d:1d:2d:74:b0:a8:e7:cd:4e:2d:a2:28:5c:2c:77:da:2f:05:
7c:77:ae:b9:82:f7:e8:6f:1f:63:ec:93:95:83:fa:a1:5f:c0:
45:90:c1:cd:04:45:6e:be:f4:e2:15:74:29:32:86:34:89:95:
a5:70:81:99:32:6d:5f:d3:19:fc:81:e1:66:dd:8e:1d:e0:89:
be:24:f2:e0:68:8b:20:fe:ea:2c:16:0e:be:4d:2d:4c:f9:9c:
97:45:b4:14:08:12:2c:29:61:2e:67:12:61:37:34:38:3f:57:
d0:04:27:5b:6b:62:c4:ff:7b:8e:ca:be:43:69:d8:82:5f:70:
57:82:f8:93:b0:ad:a4:fc:c4:fd:e7:7d:29:69:e6:1e:58:12:
b3:30:cd:1b:68:58:6e:e0:bb:b5:a1:d5:17:b9:f9:f8:80:d8:
9c:04:7c:2e:a6:3f:da:cc:be:60:7c:d3:04:98:70:02:fe:bf:
83:13:05:4f:f9:18:1e:ca:53:62:fa:f9:69:12:7d:2d:9f:e1:
c1:5d:01:24:e7:c3:05:1e:ec:ce:8c:e6:73:5b:76:00:e2:40:
9f:27:af:54
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVrd6p2d7pNHKYfZSO3pmzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZThkMDg5MDlkMTg1YWY0MWQwYTBjM2JlNWVhMjhjMzUy
ZjAyMjYwHhcNMjMwMTAxMDM1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTM0OGU5YzJiMjJlZmYwYjM5NjY2YmNlYzA0MDc5MWU4ZTYyNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0m4ObmtsF6zr0Pu7FBgnZhiqrrC
32egVqKHPTLLxf2wXB9DrwesJO8Wga+t4b4pjzsa3aSJZqz/f1wbDVw9CMyJbOp8
7vzuenp1D5shs3WediutMP+iaSpLBcEmB3EEzCH9htF3xt3NxeMxoqItpByryWTh
SZoF3F+RcuohAW2ol7CyL38/Cm2oyPq1U1hV6GzNU9uEEZXVIbgzbP+7s50fpo/8
C1kE7H7K6zV5JpbLQ6bLdS3QTc3L3VGpr/Exe8mB7RgnaOhBS01ZvsrVURREJ2cs
SMe/m8qzOPLk7ggt0FZ2zl/VwQ4B1oHzwxdrAfb1EouN8LbnSugK3WxgRwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEE0jpwrIu/ws5ZmvOwEB5Ho5idVMB8GA1UdIwQY
MBaAFEro0IkJ0YWvQdCgw75eoow1LwImMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3VqUWlRblJoYTlCMEtERHZsNmlqRFV2QWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS80MTQ0NmItZTQ5YS00YWU3LTgxZTUt
OTQyNTg1NmVjNTQyLzEvUVRTT25Dc2k3X0N6bG1hODdBUUhrZWptSjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS80MTQ0NmItZTQ5YS00YWU3LTgxZTUtOTQyNTg1NmVjNTQy
LzEvU3VqUWlRblJoYTlCMEtERHZsNmlqRFV2QWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA3c
MA0GCSqGSIb3DQEBCwUAA4IBAQBxpdW9yKV7oqKlveEWOvSS0ASn6eWKCTP5t4m9
OGC1oqYJ6l4NHS10sKjnzU4toihcLHfaLwV8d665gvfobx9j7JOVg/qhX8BFkMHN
BEVuvvTiFXQpMoY0iZWlcIGZMm1f0xn8geFm3Y4d4Im+JPLgaIsg/uosFg6+TS1M
+ZyXRbQUCBIsKWEuZxJhNzQ4P1fQBCdba2LE/3uOyr5DadiCX3BXgviTsK2k/MT9
530paeYeWBKzMM0baFhu4Lu1odUXufn4gNicBHwupj/azL5gfNMEmHAC/r+DEwVP
+RgeylNi+vlpEn0tn+HBXQEk58MFHuzOjOZzW3YA4kCfJ69U
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:37 2024 by rpki-client on console-ams.rpki-client.org