Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/QkAGEVx-6IImRb89Fkc7AkMaN-4.roa
File: QkAGEVx-6IImRb89Fkc7AkMaN-4.roa (raw, json)
Hash identifier: iSQlaO0MxtKnetsCjm8Jxo5mG51M3RMDDsEBjtRQOCI=
Subject key identifier: 42:40:06:11:5C:7E:E8:82:26:45:BF:3D:16:47:3B:02:43:1A:37:EE
Certificate issuer: /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Certificate serial: 018CC94C36B162CDE377BF6F3D38E1D3B514
Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/QkAGEVx-6IImRb89Fkc7AkMaN-4.roa
Signing time: Tue 02 Jan 2024 08:31:04 +0000
ROA not before: Tue 02 Jan 2024 08:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201380
IP address blocks: 2a10:59c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Jun 2024 20:14:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:36:b1:62:cd:e3:77:bf:6f:3d:38:e1:d3:b5:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Validity
Not Before: Jan 2 08:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=424006115c7ee8822645bf3d16473b02431a37ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7b:3b:e1:26:f6:d7:b7:ef:0c:92:a9:ac:87:
20:6a:89:e5:39:be:de:ae:a4:b2:3c:46:f3:3b:e1:
05:57:4d:56:fe:09:07:79:a2:16:38:d7:91:c0:99:
e5:58:1d:88:72:9a:e0:e5:3d:40:fd:2a:47:db:60:
d6:09:e3:38:98:02:8e:bc:e7:48:fd:f0:22:e9:63:
90:32:65:42:e2:54:cb:1a:c2:c3:8f:98:eb:66:99:
40:f4:58:9c:5e:2c:0e:b5:66:84:fb:85:96:bf:2d:
29:2e:c7:ba:b0:59:c9:a4:03:1d:fc:ec:40:b7:62:
5d:6b:b3:92:b2:55:a6:cc:03:35:26:64:0a:34:bf:
d6:9a:8a:1f:f4:34:43:3b:cb:6c:07:ff:65:9e:30:
c5:cf:0d:c3:41:ba:6f:48:40:e0:73:47:4f:ed:70:
f5:b8:43:c9:b2:d5:42:96:c7:f2:bc:36:1f:57:dc:
e9:7d:d2:b5:48:eb:8e:6d:5e:8a:31:e5:82:ad:0e:
f7:f1:ca:2b:19:b5:a1:8b:c7:e2:60:0d:ba:9f:62:
57:1f:33:a2:0b:ff:89:86:31:fe:c3:a9:37:48:8d:
50:95:a2:ce:37:84:a1:7d:db:63:42:0b:f5:ef:05:
b4:08:41:e0:cc:a5:fe:cc:71:e5:26:38:10:dc:75:
99:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:40:06:11:5C:7E:E8:82:26:45:BF:3D:16:47:3B:02:43:1A:37:EE
X509v3 Authority Key Identifier:
keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/QkAGEVx-6IImRb89Fkc7AkMaN-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:59c0::/32
Signature Algorithm: sha256WithRSAEncryption
42:42:db:f5:eb:07:c0:5b:42:18:34:e3:9d:91:9e:79:5d:72:
72:03:90:87:ff:0c:c6:f2:1e:ea:90:b2:8c:49:51:d9:17:b9:
06:a9:0c:1c:f6:ef:e9:0b:c8:2d:a1:69:45:6c:87:94:65:2f:
84:77:3a:92:ea:c7:c1:0d:fd:5c:6f:45:ba:15:58:53:91:b4:
cc:4c:8d:2e:d2:74:a9:99:b6:9c:0b:3d:1d:23:0f:14:39:e7:
8b:72:c7:47:c7:50:2b:b2:d6:60:4c:11:f8:c8:cc:4c:86:33:
b2:f4:c4:8b:e7:c3:1a:83:58:1f:c1:fc:97:1f:47:18:02:3d:
ff:f4:6b:49:07:1c:ff:5d:26:47:bb:35:ba:0d:7e:4a:8b:78:
c6:77:30:48:d6:9e:7d:59:97:1e:b1:60:e7:6d:41:3e:c6:bd:
0d:09:43:f6:64:9e:5c:33:a7:0c:08:c0:28:e7:99:00:4d:fc:
f3:5b:f6:40:02:a5:b7:4d:81:b5:38:a2:cc:85:84:41:c3:f9:
d2:8f:12:37:4e:cf:01:d4:9a:30:04:ab:a6:c1:d2:2a:52:ab:
c4:b6:57:be:d7:e0:dd:41:38:7f:6c:a1:f2:d9:51:d8:4d:6c:
22:6d:34:7c:d4:c8:fa:e7:b8:fc:07:98:1d:bc:8b:27:12:56:
ee:be:2d:a3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJTDaxYs3jd79vPTjh07UUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux
YjBmM2YwHhcNMjQwMTAyMDgzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQwMDYxMTVjN2VlODgyMjY0NWJmM2QxNjQ3M2IwMjQzMWEzN2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3s74Sb217fvDJKprIcgaonlOb7e
rqSyPEbzO+EFV01W/gkHeaIWONeRwJnlWB2Icprg5T1A/SpH22DWCeM4mAKOvOdI
/fAi6WOQMmVC4lTLGsLDj5jrZplA9FicXiwOtWaE+4WWvy0pLse6sFnJpAMd/OxA
t2Jda7OSslWmzAM1JmQKNL/Wmoof9DRDO8tsB/9lnjDFzw3DQbpvSEDgc0dP7XD1
uEPJstVClsfyvDYfV9zpfdK1SOuObV6KMeWCrQ738corGbWhi8fiYA26n2JXHzOi
C/+JhjH+w6k3SI1QlaLON4ShfdtjQgv17wW0CEHgzKX+zHHlJjgQ3HWZDQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEJABhFcfuiCJkW/PRZHOwJDGjfuMB8GA1UdIwQY
MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt
ZGY1NzJmZTk2NzJhLzEvUWtBR0VWeC02SUltUmI4OUZrYzdBa01hTi00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh
LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhBZwDAN
BgkqhkiG9w0BAQsFAAOCAQEAQkLb9esHwFtCGDTjnZGeeV1ycgOQh/8MxvIe6pCy
jElR2Re5BqkMHPbv6QvILaFpRWyHlGUvhHc6kurHwQ39XG9FuhVYU5G0zEyNLtJ0
qZm2nAs9HSMPFDnni3LHR8dQK7LWYEwR+MjMTIYzsvTEi+fDGoNYH8H8lx9HGAI9
//RrSQcc/10mR7s1ug1+Sot4xncwSNaefVmXHrFg521BPsa9DQlD9mSeXDOnDAjA
KOeZAE3881v2QAKlt02BtTiizIWEQcP50o8SN07PAdSaMASrpsHSKlKrxLZXvtfg
3UE4f2yh8tlR2E1sIm00fNTI+ue4/AeYHbyLJxJW7r4tow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 23:20:48 2024 by rpki-client on console-ams.rpki-client.org