Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/qY6Ye8hzNtAgPMQijHejP90MhgI.roa
File: qY6Ye8hzNtAgPMQijHejP90MhgI.roa (raw, json)
Hash identifier: Uphb3LlxxxxTmU6iFgOOmL4RuOtinO9WMRm/e/r6eSs=
Subject key identifier: A9:8E:98:7B:C8:73:36:D0:20:3C:C4:22:8C:77:A3:3F:DD:0C:86:02
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01934EAEF87B03F47C72DD0DDA1630C79B97
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/qY6Ye8hzNtAgPMQijHejP90MhgI.roa
Signing time: Thu 21 Nov 2024 12:25:09 +0000
ROA not before: Thu 21 Nov 2024 12:25:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 2a11:4b41::/32 maxlen: 32
2a12:a340::/32 maxlen: 32
2a12:c304::/30 maxlen: 30
2a13:8580::/29 maxlen: 29
2a13:8580::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 25 Dec 2024 09:45:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4e:ae:f8:7b:03:f4:7c:72:dd:0d:da:16:30:c7:9b:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Nov 21 12:25:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a98e987bc87336d0203cc4228c77a33fdd0c8602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:0b:32:34:25:02:92:90:3a:f1:4a:87:6b:e5:
8c:64:b8:bb:f0:fe:20:79:51:22:c2:a9:0c:a9:14:
2b:60:13:2a:2a:23:ee:20:4f:71:8e:d0:1d:eb:a3:
8c:d5:5e:6c:55:ce:d7:7d:bb:e0:86:07:94:b1:44:
8a:e0:81:74:1c:94:1a:d0:fb:f1:97:7d:c4:ac:da:
3d:7d:c2:44:4a:53:42:5e:a4:fe:3d:41:fa:5d:8d:
83:8f:d2:c1:22:04:b6:c5:c6:c7:6b:a7:2c:78:9b:
04:c1:78:9e:cb:74:8b:d2:e5:16:8d:f8:c0:c1:21:
62:84:12:f7:bb:21:87:a2:64:b6:9d:2a:64:71:43:
24:61:14:bc:7a:6e:ec:de:c3:c1:d0:6e:28:1d:87:
97:d8:1e:1d:eb:ef:73:da:ef:d8:eb:84:d6:cc:52:
eb:5f:50:fa:0e:9b:15:d5:d1:af:fd:2d:f7:c8:ce:
92:3e:e9:81:3e:54:2a:f7:16:16:e8:0a:bd:80:22:
d4:6d:38:35:c0:f2:c6:85:e0:e4:be:ab:7f:38:26:
77:a2:e5:c8:53:f0:f4:9a:8f:0c:62:e2:92:f3:1f:
c3:6e:cd:ce:d0:1a:25:da:58:08:b3:5b:97:75:00:
72:c1:a9:d5:f9:06:41:de:d6:9b:9c:30:ed:4f:08:
e4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8E:98:7B:C8:73:36:D0:20:3C:C4:22:8C:77:A3:3F:DD:0C:86:02
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/qY6Ye8hzNtAgPMQijHejP90MhgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4b41::/32
2a12:a340::/32
2a12:c304::/30
2a13:8580::/29
Signature Algorithm: sha256WithRSAEncryption
55:25:a8:f1:de:d7:fb:4a:64:76:e6:6f:f2:f9:c4:aa:0c:59:
36:0c:9b:d9:5d:1d:d7:03:6c:bc:27:09:c2:c7:28:fc:cd:32:
60:cd:74:a6:a6:5b:29:51:99:5f:92:02:77:c7:6f:ab:79:42:
00:49:67:0d:64:63:b0:e5:58:aa:53:af:63:62:8d:d4:b8:9d:
34:79:81:fa:33:94:09:ae:28:cd:16:9f:28:23:2b:89:ae:28:
aa:08:f1:46:f4:17:a3:c3:41:64:92:e6:f6:41:d0:35:79:9c:
49:0e:0d:71:12:cb:11:70:88:57:cc:2c:7e:e1:b3:00:f9:19:
46:e5:e5:e9:64:ed:dc:17:ff:2d:99:ee:73:6a:70:ef:09:53:
86:d6:63:10:b3:45:8d:a1:95:51:cb:66:4d:d3:ef:3a:99:8d:
e9:e8:a2:a5:ef:c1:74:7d:7d:0b:8a:c6:fb:a8:9b:c6:90:c8:
4b:81:06:44:0a:22:e6:04:6b:a7:b6:be:47:7b:2f:c4:42:e9:
56:08:2c:06:4f:b7:1d:c9:02:c0:c8:dd:d4:0a:e7:59:7d:56:
1c:38:34:ec:1d:2c:fa:d2:83:59:c1:18:58:54:cc:a6:d7:10:
66:e9:ba:b0:00:f3:c4:b8:3d:4b:ab:3c:2a:88:ae:60:9a:b1:
17:46:47:5f
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZNOrvh7A/R8ct0N2hYwx5uXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMTIxMTIyNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThlOTg3YmM4NzMzNmQwMjAzY2M0MjI4Yzc3YTMzZmRkMGM4NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/gsyNCUCkpA68UqHa+WMZLi78P4g
eVEiwqkMqRQrYBMqKiPuIE9xjtAd66OM1V5sVc7XfbvghgeUsUSK4IF0HJQa0Pvx
l33ErNo9fcJESlNCXqT+PUH6XY2Dj9LBIgS2xcbHa6cseJsEwXiey3SL0uUWjfjA
wSFihBL3uyGHomS2nSpkcUMkYRS8em7s3sPB0G4oHYeX2B4d6+9z2u/Y64TWzFLr
X1D6DpsV1dGv/S33yM6SPumBPlQq9xYW6Aq9gCLUbTg1wPLGheDkvqt/OCZ3ouXI
U/D0mo8MYuKS8x/Dbs3O0Bol2lgIs1uXdQBywanV+QZB3tabnDDtTwjkQwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKmOmHvIczbQIDzEIox3oz/dDIYCMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvcVk2WWU4aHpOdEFnUE1RaWpIZWpQOTBNaGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhFLQQMF
ACoSo0ADBQIqEsMEAwUDKhOFgDANBgkqhkiG9w0BAQsFAAOCAQEAVSWo8d7X+0pk
duZv8vnEqgxZNgyb2V0d1wNsvCcJwsco/M0yYM10pqZbKVGZX5ICd8dvq3lCAEln
DWRjsOVYqlOvY2KN1LidNHmB+jOUCa4ozRafKCMria4oqgjxRvQXo8NBZJLm9kHQ
NXmcSQ4NcRLLEXCIV8wsfuGzAPkZRuXl6WTt3Bf/LZnuc2pw7wlThtZjELNFjaGV
UctmTdPvOpmN6eiipe/BdH19C4rG+6ibxpDIS4EGRAoi5gRrp7a+R3svxELpVggs
Bk+3HckCwMjd1ArnWX1WHDg07B0s+tKDWcEYWFTMptcQZum6sADzxLg9S6s8Koiu
YJqxF0ZHXw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:40 2025 by rpki-client