Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/NQGnCNdFSqcF3M6NLTE1thB_UEc.roa
File: NQGnCNdFSqcF3M6NLTE1thB_UEc.roa (raw, json)
Hash identifier: Ko95iQbHh4V/ElipxLfCSAqN98ZENJ7dxkICPTWA7xY=
Subject key identifier: 35:01:A7:08:D7:45:4A:A7:05:DC:CE:8D:2D:31:35:B6:10:7F:50:47
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018F616E1AE335EEC2AE5822CF2B2615532A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/NQGnCNdFSqcF3M6NLTE1thB_UEc.roa
Signing time: Fri 10 May 2024 07:35:56 +0000
ROA not before: Fri 10 May 2024 07:35:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40940
IP address blocks: 43.225.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 11:26:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:6e:1a:e3:35:ee:c2:ae:58:22:cf:2b:26:15:53:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 10 07:35:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3501a708d7454aa705dcce8d2d3135b6107f5047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b2:99:b7:54:4b:12:fc:59:1e:b2:34:69:83:
42:90:95:46:5b:4a:3a:ba:7a:34:4d:69:f0:23:e0:
c7:b8:b6:b7:50:9a:37:7d:9a:db:e2:31:66:e3:bb:
c1:9c:3b:1f:57:a4:4d:09:09:b7:35:8d:d2:f4:bc:
0b:3d:03:8e:85:ee:52:e8:a1:03:9d:b6:72:b1:50:
f1:17:b0:4f:e6:e9:06:b7:f4:b5:69:3b:94:bc:fc:
d8:84:cb:17:3a:03:5d:e3:f7:fe:48:c7:3c:11:82:
e4:a1:5c:3d:1e:03:32:28:b8:5a:42:e8:3c:ff:8e:
b3:9d:c8:70:9f:8c:b8:60:ed:ee:57:be:c0:a2:f4:
d1:24:0a:29:eb:0b:7b:0f:a7:95:02:37:e8:4c:d0:
be:8f:32:29:45:63:8e:7e:d6:df:95:c4:9a:28:7b:
1c:3b:5a:d3:52:3e:d6:6d:16:3c:bc:70:1f:cc:53:
17:0d:16:3e:ae:59:36:33:e3:4c:44:5e:77:77:50:
03:f2:94:bb:fd:f4:2f:92:31:1f:d9:d5:97:6e:76:
a0:1e:dc:7d:9d:9b:e1:b2:6d:00:f3:f6:2e:8b:17:
6c:4c:61:3b:65:7f:fe:3d:46:6e:09:ef:21:2f:b6:
4f:96:80:69:c3:1e:9f:85:1c:32:8d:3b:f3:22:34:
5f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:01:A7:08:D7:45:4A:A7:05:DC:CE:8D:2D:31:35:B6:10:7F:50:47
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/NQGnCNdFSqcF3M6NLTE1thB_UEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.225.88.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:69:be:4e:dd:a4:b7:f1:31:3c:3e:02:eb:c4:b9:45:13:59:
a9:cc:f8:83:6b:3f:dd:9a:c9:c0:d5:60:53:96:2c:8e:87:76:
2d:3d:f3:b6:02:86:78:52:bf:8d:fd:28:39:00:e5:d0:ac:b0:
24:77:5b:7c:d8:25:b8:51:48:91:77:bb:a9:65:d5:38:ae:11:
19:5e:7e:8e:03:4f:9f:81:21:b1:6e:70:64:17:8b:c1:e2:d4:
ab:51:fd:e0:fa:eb:ff:c0:62:3b:d3:3c:4f:8b:41:07:70:4c:
41:d2:4b:f9:d0:22:a6:d6:69:4a:41:bf:f0:a0:ae:0a:76:d0:
f1:e2:36:a7:76:e4:ef:e0:99:cc:57:d9:64:90:0d:a3:fd:b5:
6f:24:ba:f4:3f:13:27:1c:3b:d9:36:7c:fe:10:49:90:33:2e:
5a:6a:4c:bc:46:26:d9:05:ef:16:a4:17:d1:93:0d:58:21:f2:
97:f0:72:a0:98:67:c0:d5:ad:8a:d4:26:ea:d6:e5:36:29:d6:
18:c2:7c:48:83:5e:cb:00:54:29:43:e4:2c:7d:08:0d:d6:90:
1c:f5:81:cd:13:96:2a:8c:8d:b0:cc:fa:cf:bb:48:d3:98:9c:
36:73:4c:80:44:c8:47:74:90:c3:f3:0d:ac:07:12:00:f6:a6:
6d:d6:88:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9hbhrjNe7CrlgizysmFVMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNTEwMDczNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTAxYTcwOGQ3NDU0YWE3MDVkY2NlOGQyZDMxMzViNjEwN2Y1MDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7KZt1RLEvxZHrI0aYNCkJVGW0o6
uno0TWnwI+DHuLa3UJo3fZrb4jFm47vBnDsfV6RNCQm3NY3S9LwLPQOOhe5S6KED
nbZysVDxF7BP5ukGt/S1aTuUvPzYhMsXOgNd4/f+SMc8EYLkoVw9HgMyKLhaQug8
/46znchwn4y4YO3uV77AovTRJAop6wt7D6eVAjfoTNC+jzIpRWOOftbflcSaKHsc
O1rTUj7WbRY8vHAfzFMXDRY+rlk2M+NMRF53d1AD8pS7/fQvkjEf2dWXbnagHtx9
nZvhsm0A8/YuixdsTGE7ZX/+PUZuCe8hL7ZPloBpwx6fhRwyjTvzIjRfDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUBpwjXRUqnBdzOjS0xNbYQf1BHMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvTlFHbkNOZEZTcWNGM002TkxURTF0aEJfVUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBK+FYMA0G
CSqGSIb3DQEBCwUAA4IBAQCKab5O3aS38TE8PgLrxLlFE1mpzPiDaz/dmsnA1WBT
liyOh3YtPfO2AoZ4Ur+N/Sg5AOXQrLAkd1t82CW4UUiRd7upZdU4rhEZXn6OA0+f
gSGxbnBkF4vB4tSrUf3g+uv/wGI70zxPi0EHcExB0kv50CKm1mlKQb/woK4KdtDx
4janduTv4JnMV9lkkA2j/bVvJLr0PxMnHDvZNnz+EEmQMy5aaky8RibZBe8WpBfR
kw1YIfKX8HKgmGfA1a2K1Cbq1uU2KdYYwnxIg17LAFQpQ+QsfQgN1pAc9YHNE5Yq
jI2wzPrPu0jTmJw2c0yARMhHdJDD8w2sBxIA9qZt1ogM
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:45:30 2024 by rpki-client on console-fra.rpki-client.org