Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/48d092-a76c-4c28-b84b-39ad80f542a0/1/QexKMLlTx89o2sG7TS4GSpr4A8o.roa
File: QexKMLlTx89o2sG7TS4GSpr4A8o.roa (raw, json)
Hash identifier: hdTMHQsH9VitCeo5NXd07E/3pIm1ryf/P/08lgCJu14=
Subject key identifier: 41:EC:4A:30:B9:53:C7:CF:68:DA:C1:BB:4D:2E:06:4A:9A:F8:03:CA
Certificate issuer: /CN=855be74d09d9b05251dad2c9696793c04b40f241
Certificate serial: 018D835D7102E882B055C86187E2A175CF64
Authority key identifier: 85:5B:E7:4D:09:D9:B0:52:51:DA:D2:C9:69:67:93:C0:4B:40:F2:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hVvnTQnZsFJR2tLJaWeTwEtA8kE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/48d092-a76c-4c28-b84b-39ad80f542a0/1/QexKMLlTx89o2sG7TS4GSpr4A8o.roa
Signing time: Wed 07 Feb 2024 11:39:15 +0000
ROA not before: Wed 07 Feb 2024 11:39:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210570
IP address blocks: 176.126.127.0/24 maxlen: 24
2a12:7c6:affe::/48 maxlen: 48
2a12:7c6:c001::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 10 Feb 2024 20:11:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:5d:71:02:e8:82:b0:55:c8:61:87:e2:a1:75:cf:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=855be74d09d9b05251dad2c9696793c04b40f241
Validity
Not Before: Feb 7 11:39:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41ec4a30b953c7cf68dac1bb4d2e064a9af803ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:04:08:c6:cc:23:c0:70:01:35:5a:cd:fd:5b:
04:83:64:71:8e:67:99:69:2b:4a:01:7f:f5:22:19:
36:17:80:16:75:bd:05:bc:0e:9f:95:e9:13:f5:a8:
ff:31:cf:83:0e:fb:ef:20:fe:33:ae:f2:18:5e:59:
fa:07:f3:a1:bc:5c:6f:9e:fa:b2:9c:e1:35:a3:eb:
c2:94:bc:8b:78:93:25:06:ac:a0:45:92:a9:e1:f7:
ee:36:63:d9:17:b5:7f:e7:93:05:8e:e0:64:4a:f6:
78:64:80:be:ea:fa:06:2b:ae:50:b8:77:7e:82:c6:
de:6e:f9:0c:b7:9e:79:7b:f6:f4:73:92:99:13:5e:
c2:fb:41:c3:27:4c:cf:89:6b:b1:ff:08:69:23:36:
a3:78:62:e3:9a:db:5f:d5:46:00:53:9c:dc:ae:e1:
fd:6a:11:5c:32:8d:ad:13:8f:3e:1a:69:cd:6b:93:
3b:23:85:37:b4:50:2c:26:4c:cd:c1:fd:22:51:8c:
49:d2:08:67:f4:c3:b5:0d:dc:fb:b4:18:7a:68:6b:
22:72:bc:30:98:a5:83:d7:57:f8:53:3f:d9:38:c0:
8f:82:84:c0:e4:b2:4d:73:90:fd:17:cb:bf:41:71:
e2:e1:01:5f:b0:70:95:a2:4c:6a:06:83:73:bd:de:
1f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:EC:4A:30:B9:53:C7:CF:68:DA:C1:BB:4D:2E:06:4A:9A:F8:03:CA
X509v3 Authority Key Identifier:
keyid:85:5B:E7:4D:09:D9:B0:52:51:DA:D2:C9:69:67:93:C0:4B:40:F2:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVvnTQnZsFJR2tLJaWeTwEtA8kE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/48d092-a76c-4c28-b84b-39ad80f542a0/1/QexKMLlTx89o2sG7TS4GSpr4A8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/48d092-a76c-4c28-b84b-39ad80f542a0/1/hVvnTQnZsFJR2tLJaWeTwEtA8kE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.127.0/24
IPv6:
2a12:7c6:affe::/48
2a12:7c6:c001::/48
Signature Algorithm: sha256WithRSAEncryption
4c:88:f3:80:23:d9:47:10:bd:64:0f:6f:61:28:16:42:f6:9c:
cf:ab:32:09:d8:41:04:f5:f6:c9:97:bd:8c:9b:fe:a3:19:7b:
da:a5:0b:51:70:50:91:4e:07:47:36:cf:4d:b8:7e:5e:cc:c8:
0b:66:19:8f:5a:a2:24:76:50:d1:f8:fb:00:5d:13:80:dd:f4:
3e:1b:71:b1:d9:9a:03:56:37:70:96:49:f6:57:6b:15:70:61:
bb:96:97:56:82:85:a3:24:d1:81:00:05:1e:4d:8e:d9:17:37:
95:7d:07:cc:a5:0d:64:48:1e:0d:70:b1:3d:5e:76:e4:38:89:
29:1a:bb:fa:24:77:c1:a7:0d:1a:ef:79:1e:d9:f1:f2:b8:01:
6f:bc:49:69:ad:bf:98:f5:7a:6e:46:06:79:60:3e:36:2b:c8:
c3:0d:d2:c5:12:76:63:90:42:85:29:91:09:59:cc:5b:a2:5d:
9b:27:39:0d:e9:bb:8f:8d:ab:e1:db:9c:af:e6:14:43:f1:59:
9c:4b:2e:ea:75:8f:af:03:5a:df:59:32:a8:17:0c:b6:8a:ce:
a3:8c:4d:d1:b1:b1:52:9a:c0:b0:17:6b:f0:2b:70:7f:1d:1d:
85:58:07:ae:49:7c:71:41:c8:2f:36:f8:4f:a2:2b:64:e8:d0:
a3:f8:ab:d8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY2DXXEC6IKwVchhh+Khdc9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NWJlNzRkMDlkOWIwNTI1MWRhZDJjOTY5Njc5M2MwNGI0
MGYyNDEwHhcNMjQwMjA3MTEzOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWVjNGEzMGI5NTNjN2NmNjhkYWMxYmI0ZDJlMDY0YTlhZjgwM2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAQIxswjwHABNVrN/VsEg2RxjmeZ
aStKAX/1Ihk2F4AWdb0FvA6flekT9aj/Mc+DDvvvIP4zrvIYXln6B/OhvFxvnvqy
nOE1o+vClLyLeJMlBqygRZKp4ffuNmPZF7V/55MFjuBkSvZ4ZIC+6voGK65QuHd+
gsbebvkMt555e/b0c5KZE17C+0HDJ0zPiWux/whpIzajeGLjmttf1UYAU5zcruH9
ahFcMo2tE48+GmnNa5M7I4U3tFAsJkzNwf0iUYxJ0ghn9MO1Ddz7tBh6aGsicrww
mKWD11f4Uz/ZOMCPgoTA5LJNc5D9F8u/QXHi4QFfsHCVokxqBoNzvd4fLwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEHsSjC5U8fPaNrBu00uBkqa+APKMB8GA1UdIwQY
MBaAFIVb500J2bBSUdrSyWlnk8BLQPJBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZ2blRRblpzRkpSMnRMSmFXZVR3RXRBOGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC80OGQwOTItYTc2Yy00YzI4LWI4NGIt
MzlhZDgwZjU0MmEwLzEvUWV4S01MbFR4ODlvMnNHN1RTNEdTcHI0QThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC80OGQwOTItYTc2Yy00YzI4LWI4NGItMzlhZDgwZjU0MmEw
LzEvaFZ2blRRblpzRkpSMnRMSmFXZVR3RXRBOGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAsH5/MBgE
AgACMBIDBwAqEgfGr/4DBwAqEgfGwAEwDQYJKoZIhvcNAQELBQADggEBAEyI84Aj
2UcQvWQPb2EoFkL2nM+rMgnYQQT19smXvYyb/qMZe9qlC1FwUJFOB0c2z024fl7M
yAtmGY9aoiR2UNH4+wBdE4Dd9D4bcbHZmgNWN3CWSfZXaxVwYbuWl1aChaMk0YEA
BR5NjtkXN5V9B8ylDWRIHg1wsT1eduQ4iSkau/okd8GnDRrveR7Z8fK4AW+8SWmt
v5j1em5GBnlgPjYryMMN0sUSdmOQQoUpkQlZzFuiXZsnOQ3pu4+Nq+HbnK/mFEPx
WZxLLup1j68DWt9ZMqgXDLaKzqOMTdGxsVKawLAXa/ArcH8dHYVYB65JfHFByC82
+E+iK2To0KP4q9g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:39 2024 by rpki-client on console-ams.rpki-client.org