Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/Q3DSOSG1JcWDCiFuQqeiqu4OWdM.roa
File: Q3DSOSG1JcWDCiFuQqeiqu4OWdM.roa (raw, json)
Hash identifier: Z2BMRqq/J2FAm2T5ENPDyyhSOBksy6ep7+ElcXWhS7w=
Subject key identifier: 43:70:D2:39:21:B5:25:C5:83:0A:21:6E:42:A7:A2:AA:EE:0E:59:D3
Certificate issuer: /CN=8daf61f6608f9a9eac14b18224854807bcdc1324
Certificate serial: 019373077ADBF45DA078C581D612591A4A36
Authority key identifier: 8D:AF:61:F6:60:8F:9A:9E:AC:14:B1:82:24:85:48:07:BC:DC:13:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ja9h9mCPmp6sFLGCJIVIB7zcEyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/Q3DSOSG1JcWDCiFuQqeiqu4OWdM.roa
Signing time: Thu 28 Nov 2024 13:48:10 +0000
ROA not before: Thu 28 Nov 2024 13:48:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47263
IP address blocks: 2a09:9340:1800::/48 maxlen: 48
2a09:9340:1801::/48 maxlen: 48
2a09:9340:1802::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 28 Nov 2024 14:18:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:73:07:7a:db:f4:5d:a0:78:c5:81:d6:12:59:1a:4a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8daf61f6608f9a9eac14b18224854807bcdc1324
Validity
Not Before: Nov 28 13:48:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4370d23921b525c5830a216e42a7a2aaee0e59d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1b:83:44:63:f5:2f:86:b5:46:26:6d:13:e6:
3a:cb:80:f3:2d:ba:44:05:09:9a:ba:a3:0c:c0:6a:
98:be:4a:67:a5:38:a2:67:ca:b1:6d:e2:cd:ce:8d:
d4:49:24:e9:cd:22:35:db:b7:02:57:fc:d9:78:ad:
1d:24:1f:54:c1:4a:fd:5b:5e:ff:89:0a:97:20:42:
55:e5:91:be:ce:a9:ed:10:fb:25:73:00:f5:2c:8a:
75:94:11:04:2b:6e:38:28:63:ef:26:39:e3:aa:ed:
53:e9:e8:60:98:3c:65:1c:61:03:7d:6f:e7:eb:4a:
88:60:f7:ea:24:8d:50:84:eb:95:55:b4:0c:e3:bf:
6d:13:51:45:89:85:bc:76:e8:2a:3c:81:45:f4:5a:
a1:0b:55:21:52:1b:09:2c:35:f1:59:dd:27:be:3c:
a8:47:c4:4a:4e:0c:8f:49:fb:b5:e0:9d:42:0d:0b:
54:4f:7e:bf:f8:46:ae:51:ed:68:31:06:d6:0f:69:
34:43:ef:b6:89:94:82:ca:a0:0d:a1:2d:f6:96:cf:
45:fc:17:85:32:d1:60:2d:33:3e:15:a3:cd:10:9d:
9b:c2:09:cd:de:6e:44:4b:0c:64:6b:4c:6d:f5:ea:
32:6f:51:6f:0d:d6:71:06:be:b6:7e:c0:1f:37:d7:
50:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:70:D2:39:21:B5:25:C5:83:0A:21:6E:42:A7:A2:AA:EE:0E:59:D3
X509v3 Authority Key Identifier:
keyid:8D:AF:61:F6:60:8F:9A:9E:AC:14:B1:82:24:85:48:07:BC:DC:13:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ja9h9mCPmp6sFLGCJIVIB7zcEyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/Q3DSOSG1JcWDCiFuQqeiqu4OWdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/ja9h9mCPmp6sFLGCJIVIB7zcEyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:9340:1800::-2a09:9340:1802:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
72:13:d8:34:7b:d2:19:72:b2:f5:83:d6:51:02:ce:12:f2:aa:
ac:29:af:5d:40:e9:73:4e:06:d9:59:b7:f1:60:dc:01:86:85:
eb:71:5d:6a:a6:e6:c9:80:86:42:41:db:e5:fc:ec:07:cd:27:
45:dd:db:34:26:43:86:24:7c:a1:ee:1a:a1:46:0b:c8:cc:38:
62:f1:c2:94:cd:85:15:c7:17:ca:37:1e:27:09:3e:0d:59:99:
62:8c:46:7d:39:8a:e4:8b:3b:90:bb:b4:8e:6d:2a:a3:08:19:
2d:ef:a1:fe:cd:20:07:35:79:5e:ce:76:b2:ac:82:84:9f:a7:
ee:a1:d0:66:cf:76:c4:a0:05:cc:da:57:64:45:b6:aa:87:bc:
b3:af:c1:13:77:74:b2:72:2e:8b:99:4c:81:9c:ec:11:ba:f0:
99:c8:37:32:d4:7f:34:25:31:22:a8:b5:57:5a:a4:83:b9:98:
31:bf:0d:a6:b1:39:45:35:47:42:77:fe:4b:6c:ea:3b:de:14:
87:ef:3e:6c:f8:90:e8:31:7e:b7:88:3a:90:d5:38:9a:46:76:
e3:84:87:cd:31:ed:7d:7f:2f:04:29:bc:3e:ed:39:88:43:13:
02:06:31:81:54:dd:2e:cf:75:3e:35:ee:e8:11:1c:ed:b3:8c:
e5:bb:ce:b1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZNzB3rb9F2geMWB1hJZGko2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYWY2MWY2NjA4ZjlhOWVhYzE0YjE4MjI0ODU0ODA3YmNk
YzEzMjQwHhcNMjQxMTI4MTM0ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzcwZDIzOTIxYjUyNWM1ODMwYTIxNmU0MmE3YTJhYWVlMGU1OWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRuDRGP1L4a1RiZtE+Y6y4DzLbpE
BQmauqMMwGqYvkpnpTiiZ8qxbeLNzo3USSTpzSI127cCV/zZeK0dJB9UwUr9W17/
iQqXIEJV5ZG+zqntEPslcwD1LIp1lBEEK244KGPvJjnjqu1T6ehgmDxlHGEDfW/n
60qIYPfqJI1QhOuVVbQM479tE1FFiYW8dugqPIFF9FqhC1UhUhsJLDXxWd0nvjyo
R8RKTgyPSfu14J1CDQtUT36/+EauUe1oMQbWD2k0Q++2iZSCyqANoS32ls9F/BeF
MtFgLTM+FaPNEJ2bwgnN3m5ESwxka0xt9eoyb1FvDdZxBr62fsAfN9dQwQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFENw0jkhtSXFgwohbkKnoqruDlnTMB8GA1UdIwQY
MBaAFI2vYfZgj5qerBSxgiSFSAe83BMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamE5aDltQ1BtcDZzRkxHQ0pJVklCN3pjRXlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81MGY5MzUtZDY3NS00MDg5LWFhZTUt
ZmIyNGJlNzVhM2Y0LzEvUTNEU09TRzFKY1dEQ2lGdVFxZWlxdTRPV2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81MGY5MzUtZDY3NS00MDg5LWFhZTUtZmIyNGJlNzVhM2Y0
LzEvamE5aDltQ1BtcDZzRkxHQ0pJVklCN3pjRXlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATMBEDBgMqCZNA
GAMHACoJk0AYAjANBgkqhkiG9w0BAQsFAAOCAQEAchPYNHvSGXKy9YPWUQLOEvKq
rCmvXUDpc04G2Vm38WDcAYaF63FdaqbmyYCGQkHb5fzsB80nRd3bNCZDhiR8oe4a
oUYLyMw4YvHClM2FFccXyjceJwk+DVmZYoxGfTmK5Is7kLu0jm0qowgZLe+h/s0g
BzV5Xs52sqyChJ+n7qHQZs92xKAFzNpXZEW2qoe8s6/BE3d0snIui5lMgZzsEbrw
mcg3MtR/NCUxIqi1V1qkg7mYMb8NprE5RTVHQnf+S2zqO94Uh+8+bPiQ6DF+t4g6
kNU4mkZ244SHzTHtfX8vBCm8Pu05iEMTAgYxgVTdLs91PjXu6BEc7bOM5bvOsQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 14:27:56 2025 by rpki-client