Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/QpXoZ_lmIPIFZ9YFOat4CFnxoks.roa
File: QpXoZ_lmIPIFZ9YFOat4CFnxoks.roa (raw, json)
Hash identifier: oylMvR1xW6PqzJ3r2adVmWicTdYUYxupKI3iAXMF9fs=
Subject key identifier: 42:95:E8:67:F9:66:20:F2:05:67:D6:05:39:AB:78:08:59:F1:A2:4B
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 018E3284C206FE1D85EBAF4FBCDE6CF69CE7
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/QpXoZ_lmIPIFZ9YFOat4CFnxoks.roa
Signing time: Tue 12 Mar 2024 11:55:44 +0000
ROA not before: Tue 12 Mar 2024 11:55:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a06:ddc0::/29 maxlen: 29
2a0b:8040::/29 maxlen: 29
2a0c:6980::/29 maxlen: 29
2a0c:f642::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Mar 2024 15:21:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:84:c2:06:fe:1d:85:eb:af:4f:bc:de:6c:f6:9c:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Mar 12 11:55:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4295e867f96620f20567d60539ab780859f1a24b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7b:bb:e1:d3:06:2a:a1:32:5b:9d:81:c3:8d:
31:53:68:93:f7:f9:0f:a6:05:e1:76:db:0f:a7:84:
bc:ef:15:68:86:84:16:ef:08:7d:25:7d:40:1f:67:
95:8f:fd:04:ce:31:10:ec:cf:17:fc:16:4c:b5:65:
35:b4:0a:67:ff:73:d8:f8:be:82:ea:62:6e:10:c7:
9b:42:ad:99:9d:69:7c:17:6f:ee:16:07:b7:aa:2d:
6b:f6:31:2c:e8:ee:b9:56:fc:8f:7f:6a:de:51:66:
99:39:b0:d9:0c:2a:b6:43:9c:e8:77:93:79:66:e6:
e7:f8:41:e3:88:e1:9b:a7:6b:c2:44:73:0d:70:1e:
bb:cc:06:60:70:c6:4d:3d:de:30:68:78:23:fd:2a:
0e:0d:c4:f5:11:f7:81:db:41:fe:4a:3f:c4:d7:50:
6c:6d:3c:2a:93:8f:7a:3e:6e:48:e9:71:81:b7:d7:
03:a0:7b:c7:be:71:fb:a8:13:bc:07:3e:69:4b:46:
a8:1e:51:f0:8c:55:d0:fb:5b:0d:ad:6d:bc:35:44:
17:21:17:25:4a:6f:2d:dd:8f:cf:2c:eb:8d:11:8f:
16:d7:6c:07:96:6d:21:57:bb:9f:d8:24:6f:df:d2:
6b:1f:10:9c:b4:77:e8:fe:75:29:dd:55:05:f7:93:
7f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:95:E8:67:F9:66:20:F2:05:67:D6:05:39:AB:78:08:59:F1:A2:4B
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/QpXoZ_lmIPIFZ9YFOat4CFnxoks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:ddc0::/29
2a0b:8040::/29
2a0c:6980::/29
2a0c:f642::/32
Signature Algorithm: sha256WithRSAEncryption
49:8a:28:79:36:9f:9a:ec:38:ec:3e:67:04:ee:ea:80:1d:c5:
e4:78:99:39:44:f6:ff:c3:69:c4:cb:97:98:4d:88:3b:f4:83:
aa:ae:b4:92:b2:6c:da:0c:3a:5e:68:4d:2b:94:52:51:ea:72:
9e:98:01:c1:4e:58:4d:c4:87:53:20:02:05:c8:af:e2:e5:6c:
12:e9:6d:8a:5b:04:bd:be:96:16:3e:4b:9e:17:f7:5a:66:db:
15:62:9d:f9:5b:f3:36:04:12:23:38:a0:0b:37:15:01:91:11:
ef:5b:29:33:00:b7:7a:42:c8:d1:47:54:f2:5f:c7:0e:71:c2:
44:77:5b:56:9a:10:8f:89:be:ed:0c:5f:e5:5a:39:16:3c:50:
fb:41:c6:35:81:87:03:24:ef:98:02:5a:6a:83:23:56:76:52:
34:0b:f9:ca:f9:95:b4:70:e2:13:d7:25:81:f9:56:d5:ad:2a:
d6:97:8f:2f:03:4f:22:92:81:45:75:8e:c9:fe:6e:2f:d2:75:
9c:36:28:ba:07:70:5d:4f:3b:91:e9:51:61:5e:c5:47:4b:fc:
f4:47:10:d0:b4:47:33:cb:d4:d6:6a:65:c2:d6:e9:58:2a:50:
fc:14:f6:63:8e:73:0a:5b:14:9b:ab:f4:2d:99:dc:0d:f9:4c:
fb:ab:f4:95
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY4yhMIG/h2F669PvN5s9pznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjQwMzEyMTE1NTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjk1ZTg2N2Y5NjYyMGYyMDU2N2Q2MDUzOWFiNzgwODU5ZjFhMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXu74dMGKqEyW52Bw40xU2iT9/kP
pgXhdtsPp4S87xVohoQW7wh9JX1AH2eVj/0EzjEQ7M8X/BZMtWU1tApn/3PY+L6C
6mJuEMebQq2ZnWl8F2/uFge3qi1r9jEs6O65VvyPf2reUWaZObDZDCq2Q5zod5N5
Zubn+EHjiOGbp2vCRHMNcB67zAZgcMZNPd4waHgj/SoODcT1EfeB20H+Sj/E11Bs
bTwqk496Pm5I6XGBt9cDoHvHvnH7qBO8Bz5pS0aoHlHwjFXQ+1sNrW28NUQXIRcl
Sm8t3Y/PLOuNEY8W12wHlm0hV7uf2CRv39JrHxCctHfo/nUp3VUF95N/bwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEKV6Gf5ZiDyBWfWBTmreAhZ8aJLMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvUXBYb1pfbG1JUElGWjlZRk9hdDRDRm54b2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgbdwAMF
AyoLgEADBQMqDGmAAwUAKgz2QjANBgkqhkiG9w0BAQsFAAOCAQEASYooeTafmuw4
7D5nBO7qgB3F5HiZOUT2/8NpxMuXmE2IO/SDqq60krJs2gw6XmhNK5RSUepynpgB
wU5YTcSHUyACBciv4uVsEultilsEvb6WFj5Lnhf3WmbbFWKd+VvzNgQSIzigCzcV
AZER71spMwC3ekLI0UdU8l/HDnHCRHdbVpoQj4m+7Qxf5Vo5FjxQ+0HGNYGHAyTv
mAJaaoMjVnZSNAv5yvmVtHDiE9clgflW1a0q1pePLwNPIpKBRXWOyf5uL9J1nDYo
ugdwXU87kelRYV7FR0v89EcQ0LRHM8vU1mplwtbpWCpQ/BT2Y45zClsUm6v0LZnc
DflM+6v0lQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:58 2024 by rpki-client on console-fra.rpki-client.org