Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/q1mbuuiHRzHrbnrqVDnoVA3xbHE.roa
File: q1mbuuiHRzHrbnrqVDnoVA3xbHE.roa (raw, json)
Hash identifier: eoM78JG7Aw4FSYhSFtS66RZxu1wFpSBWcrq/0Fjhi68=
Subject key identifier: AB:59:9B:BA:E8:87:47:31:EB:6E:7A:EA:54:39:E8:54:0D:F1:6C:71
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 018A4D1A503E76F04E7D795C1B316F45D430
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/q1mbuuiHRzHrbnrqVDnoVA3xbHE.roa
Signing time: Thu 31 Aug 2023 19:38:04 +0000
ROA not before: Thu 31 Aug 2023 19:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 2a0c:6900::/32 maxlen: 32
2a0c:6900::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4d:1a:50:3e:76:f0:4e:7d:79:5c:1b:31:6f:45:d4:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Aug 31 19:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab599bbae8874731eb6e7aea5439e8540df16c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6c:eb:16:7e:60:0f:4a:02:b8:bc:44:f2:8e:
8d:b1:f7:ef:81:da:62:fe:86:8f:16:9a:0d:33:04:
e5:9f:d4:ae:c1:11:61:af:f0:88:06:90:0b:52:3f:
f3:e4:bb:b6:22:f4:f4:5a:72:aa:0e:b6:dc:bd:86:
1c:ea:1b:9a:e6:9d:f4:fa:92:e8:cd:4f:0b:a1:74:
b5:e0:24:b0:93:ef:bd:24:11:53:69:06:64:20:10:
3f:d7:e1:9b:3e:74:e4:04:78:3a:21:a1:55:6c:58:
e1:cf:ca:fc:2d:5c:ed:8c:75:0f:53:75:3e:a5:6b:
57:b3:1b:2a:e5:72:dd:39:19:08:47:33:4e:cb:fe:
e6:18:2e:88:f2:a4:30:74:33:cf:16:8a:b4:4c:64:
b4:b2:07:67:77:69:54:d3:a4:6a:09:89:e7:1d:e0:
68:88:8e:eb:4d:cb:92:05:4b:61:2c:82:0d:e1:26:
e3:f7:db:d2:f7:ba:20:dd:34:6c:d5:96:6d:30:cc:
6a:7f:d0:52:73:5e:36:73:79:94:24:82:93:60:21:
f3:70:f2:27:b3:07:77:e4:7b:84:d5:4b:b6:d5:c9:
0e:f3:9c:b4:2d:b3:de:3c:b5:5a:09:4c:1e:e2:8f:
75:77:ee:ab:45:f4:66:f1:93:0f:dd:04:34:fc:34:
e6:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:59:9B:BA:E8:87:47:31:EB:6E:7A:EA:54:39:E8:54:0D:F1:6C:71
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/q1mbuuiHRzHrbnrqVDnoVA3xbHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:6900::/29
Signature Algorithm: sha256WithRSAEncryption
5a:fa:2c:a2:21:de:dd:6b:7d:9c:be:4e:ec:18:c7:1f:bd:e7:
71:a4:26:73:2f:89:d7:95:27:7d:23:8a:35:e5:90:f3:4b:57:
e5:cc:3b:9f:29:a4:cf:e0:85:b9:71:2e:3d:72:a6:ed:d7:9e:
05:87:73:9c:8b:4f:1a:81:3b:0b:1d:04:7b:69:42:d8:06:72:
3b:64:56:88:72:28:96:e2:00:62:15:ab:41:23:5b:9e:7b:56:
e1:ba:0b:c2:10:85:51:41:05:31:06:8b:2e:d8:52:73:f1:4f:
2c:3b:cd:26:a0:07:da:f1:3d:cb:bc:90:22:d4:ce:d1:c5:4c:
ab:e9:f5:be:53:b8:33:0e:94:23:c4:1e:35:7d:07:3e:3d:5d:
1e:28:0d:fd:fa:7d:b8:0a:ff:4c:47:47:a0:04:3c:42:13:3a:
1e:44:56:5b:42:98:83:88:ef:e1:c7:51:73:32:41:75:30:77:
99:eb:b4:51:59:03:9f:bf:ea:ff:34:ac:40:3b:93:2c:e5:b6:
8b:61:0d:2a:04:a4:ee:96:08:0b:5a:7b:e1:cc:fe:e3:a2:ac:
bf:ae:49:df:cd:37:59:83:5d:b4:f1:e4:b9:d7:c2:03:aa:b0:
8c:50:1a:7b:45:07:3a:11:7e:f1:48:7c:ea:c2:d1:01:1a:3c:
e1:6a:41:15
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYpNGlA+dvBOfXlcGzFvRdQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjMwODMxMTkzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjU5OWJiYWU4ODc0NzMxZWI2ZTdhZWE1NDM5ZTg1NDBkZjE2YzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2zrFn5gD0oCuLxE8o6Nsffvgdpi
/oaPFpoNMwTln9SuwRFhr/CIBpALUj/z5Lu2IvT0WnKqDrbcvYYc6hua5p30+pLo
zU8LoXS14CSwk++9JBFTaQZkIBA/1+GbPnTkBHg6IaFVbFjhz8r8LVztjHUPU3U+
pWtXsxsq5XLdORkIRzNOy/7mGC6I8qQwdDPPFoq0TGS0sgdnd2lU06RqCYnnHeBo
iI7rTcuSBUthLIIN4Sbj99vS97og3TRs1ZZtMMxqf9BSc142c3mUJIKTYCHzcPIn
swd35HuE1Uu21ckO85y0LbPePLVaCUwe4o91d+6rRfRm8ZMP3QQ0/DTmqwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKtZm7roh0cx62566lQ56FQN8WxxMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvcTFtYnV1aUhSekhyYm5ycVZEbm9WQTN4YkhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgxpADAN
BgkqhkiG9w0BAQsFAAOCAQEAWvosoiHe3Wt9nL5O7BjHH73ncaQmcy+J15UnfSOK
NeWQ80tX5cw7nymkz+CFuXEuPXKm7deeBYdznItPGoE7Cx0Ee2lC2AZyO2RWiHIo
luIAYhWrQSNbnntW4boLwhCFUUEFMQaLLthSc/FPLDvNJqAH2vE9y7yQItTO0cVM
q+n1vlO4Mw6UI8QeNX0HPj1dHigN/fp9uAr/TEdHoAQ8QhM6HkRWW0KYg4jv4cdR
czJBdTB3meu0UVkDn7/q/zSsQDuTLOW2i2ENKgSk7pYIC1p74cz+46Ksv65J3803
WYNdtPHkudfCA6qwjFAae0UHOhF+8Uh86sLRARo84WpBFQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:49 2024 by rpki-client on console-fra.rpki-client.org