Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/jquP3B4KofoJSCPv15yeKznGj_4.roa
File: jquP3B4KofoJSCPv15yeKznGj_4.roa (raw, json)
Hash identifier: 7REBu+N139zWFZp/1S6fRgQpooMOxK39HJ/2/Dj7oNc=
Subject key identifier: 8E:AB:8F:DC:1E:0A:A1:FA:09:48:23:EF:D7:9C:9E:2B:39:C6:8F:FE
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018FC98E61563073BCF648BA0E2E602843D7
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/jquP3B4KofoJSCPv15yeKznGj_4.roa
Signing time: Thu 30 May 2024 12:51:42 +0000
ROA not before: Thu 30 May 2024 12:51:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204916
IP address blocks: 2a10:4100::/32 maxlen: 32
2a10:4102::/32 maxlen: 32
2a12:a345::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 31 May 2024 04:12:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c9:8e:61:56:30:73:bc:f6:48:ba:0e:2e:60:28:43:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: May 30 12:51:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8eab8fdc1e0aa1fa094823efd79c9e2b39c68ffe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7f:ce:12:fb:cb:99:57:6b:03:bb:d5:66:69:
56:49:e7:73:5a:68:5d:59:da:0e:31:09:88:de:a2:
b7:9e:d7:3e:07:da:d3:d2:e2:6e:bf:28:64:bc:e7:
0e:a3:c2:9d:ab:15:fd:3c:58:60:ea:ee:81:42:6d:
a5:f7:80:72:39:f9:71:04:f2:4d:3b:d6:69:a0:47:
df:ef:0a:d5:f2:fb:ba:27:f4:a8:11:5b:85:3b:fe:
9a:b4:68:e9:e4:ca:b8:6d:c3:4e:d0:2f:09:6c:32:
22:b7:d1:c4:43:12:a5:f4:d4:b0:d8:28:4a:b8:a8:
74:c2:26:ba:a2:27:1c:90:c9:5f:2a:6a:fe:db:6c:
df:f5:46:d2:ba:a2:43:e8:ef:d7:67:f9:a6:55:7b:
93:fe:74:c0:8e:0d:ec:72:94:44:56:e2:3c:8c:a9:
a0:dd:c8:a5:a8:11:a4:d3:b1:f8:38:19:00:26:6f:
8c:44:3a:66:45:a1:48:e8:0a:aa:ac:1f:8f:f5:54:
01:99:6c:ef:1e:fe:16:5d:57:17:9d:1c:eb:77:2d:
b6:68:32:09:9d:97:0f:9a:45:9b:42:2a:cf:76:d7:
d3:52:44:87:16:d9:4b:e6:87:44:08:40:a1:77:aa:
ae:3b:1f:e9:17:6c:9d:e7:81:26:a0:b6:1f:7a:8c:
f9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:AB:8F:DC:1E:0A:A1:FA:09:48:23:EF:D7:9C:9E:2B:39:C6:8F:FE
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/jquP3B4KofoJSCPv15yeKznGj_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4100::/32
2a10:4102::/32
2a12:a345::/32
Signature Algorithm: sha256WithRSAEncryption
03:27:70:6a:02:1d:c2:e1:af:f4:b4:38:ce:a1:e7:ed:dc:06:
fb:22:24:5e:26:00:ac:54:03:fd:20:c6:8c:35:00:8a:85:73:
0a:11:8d:83:26:36:70:9f:4a:76:33:a4:ee:75:94:f6:dd:4a:
1c:5d:2e:54:97:52:41:88:0d:ff:05:d1:03:8e:5b:3a:2e:26:
d4:21:33:1d:6b:8d:48:96:f0:1d:c8:3f:86:07:51:80:ce:71:
e8:09:7a:5a:29:5a:0c:86:ce:de:64:99:ba:25:57:75:d0:38:
53:b6:bc:b4:c9:e5:94:3b:b1:52:df:e8:14:fa:6b:f9:fd:df:
c9:de:4b:09:de:7e:62:7c:d4:a5:56:c3:74:29:a4:ff:23:a2:
b1:b0:28:d3:56:10:c7:16:bd:eb:58:fb:14:9c:d1:5c:53:c6:
c4:08:c1:20:12:66:68:07:0a:e3:82:e9:fc:e4:d2:da:47:3e:
9d:76:c8:83:6f:ae:85:1d:fc:42:2b:4f:fb:a1:c3:6e:8c:23:
c8:3b:a6:62:43:62:59:b5:33:77:2a:41:83:0b:0b:3f:5d:0b:
4a:ae:2e:99:73:50:bd:83:aa:71:cc:bd:6a:31:3a:1f:cc:1a:
dd:87:bf:cd:8a:cb:d6:67:4f:14:a5:21:8a:a1:2e:ca:2d:5d:
a5:cb:b1:87
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/JjmFWMHO89ki6Di5gKEPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNTMwMTI1MTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWFiOGZkYzFlMGFhMWZhMDk0ODIzZWZkNzljOWUyYjM5YzY4ZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3/OEvvLmVdrA7vVZmlWSedzWmhd
WdoOMQmI3qK3ntc+B9rT0uJuvyhkvOcOo8KdqxX9PFhg6u6BQm2l94ByOflxBPJN
O9ZpoEff7wrV8vu6J/SoEVuFO/6atGjp5Mq4bcNO0C8JbDIit9HEQxKl9NSw2ChK
uKh0wia6oicckMlfKmr+22zf9UbSuqJD6O/XZ/mmVXuT/nTAjg3scpREVuI8jKmg
3cilqBGk07H4OBkAJm+MRDpmRaFI6AqqrB+P9VQBmWzvHv4WXVcXnRzrdy22aDIJ
nZcPmkWbQirPdtfTUkSHFtlL5odECEChd6quOx/pF2yd54EmoLYfeoz5AwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI6rj9weCqH6CUgj79ecnis5xo/+MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvanF1UDNCNEtvZm9KU0NQdjE1eWVLem5Hal80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhBBAAMF
ACoQQQIDBQAqEqNFMA0GCSqGSIb3DQEBCwUAA4IBAQADJ3BqAh3C4a/0tDjOoeft
3Ab7IiReJgCsVAP9IMaMNQCKhXMKEY2DJjZwn0p2M6TudZT23UocXS5Ul1JBiA3/
BdEDjls6LibUITMda41IlvAdyD+GB1GAznHoCXpaKVoMhs7eZJm6JVd10DhTtry0
yeWUO7FS3+gU+mv5/d/J3ksJ3n5ifNSlVsN0KaT/I6KxsCjTVhDHFr3rWPsUnNFc
U8bECMEgEmZoBwrjgun85NLaRz6ddsiDb66FHfxCK0/7ocNujCPIO6ZiQ2JZtTN3
KkGDCws/XQtKri6Zc1C9g6pxzL1qMTofzBrdh7/NisvWZ08UpSGKoS7KLV2ly7GH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:32 2025 by rpki-client