Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1e48b6-7fb0-4a12-b3e7-4b9a6058b423/1/QfLdeaK8C66e3setJw_u2RB38M8.roa
File: QfLdeaK8C66e3setJw_u2RB38M8.roa (raw, json)
Hash identifier: 5lrTyinaGQ0JHhoA9keuvmLk1R374168sLxgto0C358=
Subject key identifier: 41:F2:DD:79:A2:BC:0B:AE:9E:DE:C7:AD:27:0F:EE:D9:10:77:F0:CF
Certificate issuer: /CN=4b20d5c78c107bcf9c715453d21444f696e44b11
Certificate serial: 018571B0E0F551B26AFBC7FB379D9FC70AD1
Authority key identifier: 4B:20:D5:C7:8C:10:7B:CF:9C:71:54:53:D2:14:44:F6:96:E4:4B:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SyDVx4wQe8-ccVRT0hRE9pbkSxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/1e48b6-7fb0-4a12-b3e7-4b9a6058b423/1/QfLdeaK8C66e3setJw_u2RB38M8.roa
Signing time: Mon 02 Jan 2023 08:54:55 +0000
ROA not before: Mon 02 Jan 2023 08:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61095
IP address blocks: 2a04:1040::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:e0:f5:51:b2:6a:fb:c7:fb:37:9d:9f:c7:0a:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b20d5c78c107bcf9c715453d21444f696e44b11
Validity
Not Before: Jan 2 08:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41f2dd79a2bc0bae9edec7ad270feed91077f0cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:55:84:fc:04:a9:41:1c:e3:ac:fb:f1:03:8f:
f8:fa:75:df:32:c6:d0:6c:11:a9:e9:b5:18:5d:05:
0c:7d:d1:4a:ad:03:2c:7e:c5:b6:f6:d9:43:38:03:
b1:bf:7b:fe:c7:b4:ca:46:4f:a2:8a:f1:10:19:e9:
70:0d:f4:5b:95:1c:22:31:05:06:5c:b7:de:7e:54:
24:3c:24:5e:19:ab:f3:06:06:74:af:0a:b5:3f:60:
2e:e6:8b:6d:c6:8d:f4:9f:1c:6e:cc:8a:bd:62:93:
79:fc:46:46:d5:09:a6:f2:78:1e:be:71:5c:c6:6a:
5a:19:60:e2:36:1b:64:f7:e6:50:50:77:ee:cf:03:
97:44:6b:2e:f5:da:11:fc:fb:3a:17:6a:f7:d0:92:
20:f5:79:10:93:b8:5b:c6:c5:ac:8f:09:8c:86:cb:
7d:36:33:dc:14:52:df:30:ff:07:91:47:3a:51:07:
c7:eb:11:cd:b5:c7:b8:e1:c1:0b:06:b7:5d:fb:37:
ad:1e:53:4b:ce:5b:51:b2:f5:c0:e6:82:1c:5a:fc:
2c:e6:57:82:d1:de:92:a3:b7:09:a6:e9:9d:92:13:
cc:6a:91:4a:a4:3d:7e:eb:4f:8f:18:d9:86:e5:d2:
e0:a0:c6:24:bf:aa:52:39:7f:4c:eb:8c:44:c9:47:
f1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F2:DD:79:A2:BC:0B:AE:9E:DE:C7:AD:27:0F:EE:D9:10:77:F0:CF
X509v3 Authority Key Identifier:
keyid:4B:20:D5:C7:8C:10:7B:CF:9C:71:54:53:D2:14:44:F6:96:E4:4B:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SyDVx4wQe8-ccVRT0hRE9pbkSxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1e48b6-7fb0-4a12-b3e7-4b9a6058b423/1/QfLdeaK8C66e3setJw_u2RB38M8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1e48b6-7fb0-4a12-b3e7-4b9a6058b423/1/SyDVx4wQe8-ccVRT0hRE9pbkSxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:1040::/29
Signature Algorithm: sha256WithRSAEncryption
23:7f:54:7d:f2:ac:43:db:dc:06:3b:13:1e:dd:21:13:f4:55:
0c:03:fa:93:22:0c:7b:d0:27:06:30:ca:0c:bf:5a:88:32:3b:
59:a0:cb:14:f1:6f:fb:d8:78:51:7f:a4:18:67:80:e8:76:33:
bb:04:5e:83:0c:d8:c8:2b:c1:50:bc:22:0a:be:f8:d8:42:54:
90:ac:0c:25:d2:2c:3d:13:f0:f8:af:09:81:cb:e4:2d:68:22:
0e:10:14:62:a2:1a:8b:63:62:2b:ea:69:39:1a:e2:ac:69:17:
d8:0e:bc:5f:30:e8:cb:16:df:7b:c2:0b:44:39:c1:f3:d2:36:
d2:cc:9a:12:ea:50:ef:46:de:78:8c:ae:30:3d:2b:3c:92:db:
53:29:98:8f:49:46:cf:57:2e:5b:b3:26:59:02:39:bd:40:9b:
51:46:d5:8f:d4:2d:bf:e0:86:05:d0:8b:26:a3:6d:06:88:78:
12:87:b8:b8:54:d4:10:36:d0:1c:a7:c1:5d:9f:9d:0d:6b:1e:
64:03:72:1d:75:e2:21:cd:65:82:46:b1:cb:f6:51:10:d7:ef:
17:35:32:5b:06:59:e8:05:5c:f6:4a:cb:d9:f9:8e:b9:a6:35:
c1:44:82:c2:ad:91:58:cc:d8:94:ca:4c:5e:07:77:1a:04:92:
e8:a1:3e:fe
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxsOD1UbJq+8f7N52fxwrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMjBkNWM3OGMxMDdiY2Y5YzcxNTQ1M2QyMTQ0NGY2OTZl
NDRiMTEwHhcNMjMwMTAyMDg1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWYyZGQ3OWEyYmMwYmFlOWVkZWM3YWQyNzBmZWVkOTEwNzdmMGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlWE/ASpQRzjrPvxA4/4+nXfMsbQ
bBGp6bUYXQUMfdFKrQMsfsW29tlDOAOxv3v+x7TKRk+iivEQGelwDfRblRwiMQUG
XLfeflQkPCReGavzBgZ0rwq1P2Au5ottxo30nxxuzIq9YpN5/EZG1Qmm8ngevnFc
xmpaGWDiNhtk9+ZQUHfuzwOXRGsu9doR/Ps6F2r30JIg9XkQk7hbxsWsjwmMhst9
NjPcFFLfMP8HkUc6UQfH6xHNtce44cELBrdd+zetHlNLzltRsvXA5oIcWvws5leC
0d6So7cJpumdkhPMapFKpD1+60+PGNmG5dLgoMYkv6pSOX9M64xEyUfxFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEHy3XmivAuunt7HrScP7tkQd/DPMB8GA1UdIwQY
MBaAFEsg1ceMEHvPnHFUU9IURPaW5EsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3lEVng0d1FlOC1jY1ZSVDBoUkU5cGJrU3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xZTQ4YjYtN2ZiMC00YTEyLWIzZTct
NGI5YTYwNThiNDIzLzEvUWZMZGVhSzhDNjZlM3NldEp3X3UyUkIzOE04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xZTQ4YjYtN2ZiMC00YTEyLWIzZTctNGI5YTYwNThiNDIz
LzEvU3lEVng0d1FlOC1jY1ZSVDBoUkU5cGJrU3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgQQQDAN
BgkqhkiG9w0BAQsFAAOCAQEAI39UffKsQ9vcBjsTHt0hE/RVDAP6kyIMe9AnBjDK
DL9aiDI7WaDLFPFv+9h4UX+kGGeA6HYzuwRegwzYyCvBULwiCr742EJUkKwMJdIs
PRPw+K8JgcvkLWgiDhAUYqIai2NiK+ppORrirGkX2A68XzDoyxbfe8ILRDnB89I2
0syaEupQ70beeIyuMD0rPJLbUymYj0lGz1cuW7MmWQI5vUCbUUbVj9Qtv+CGBdCL
JqNtBoh4Eoe4uFTUEDbQHKfBXZ+dDWseZANyHXXiIc1lgkaxy/ZRENfvFzUyWwZZ
6AVc9krL2fmOuaY1wUSCwq2RWMzYlMpMXgd3GgSS6KE+/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:08 2024 by rpki-client on console-fra.rpki-client.org