Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/QNOJhtfSYNa_XnTyvbi_bovGV18.roa
File: QNOJhtfSYNa_XnTyvbi_bovGV18.roa (raw, json)
Hash identifier: UjkTptf2gv8G0avPCR4T4A7zbNIR2KMzs+vNtHBpVU4=
Subject key identifier: 40:D3:89:86:D7:D2:60:D6:BF:5E:74:F2:BD:B8:BF:6E:8B:C6:57:5F
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018D42AE3D386994AACD2DE27DE352A4DDC1
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/QNOJhtfSYNa_XnTyvbi_bovGV18.roa
Signing time: Thu 25 Jan 2024 22:12:11 +0000
ROA not before: Thu 25 Jan 2024 22:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 5.34.208.0/21 maxlen: 24
103.25.86.0/23 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 08:22:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:42:ae:3d:38:69:94:aa:cd:2d:e2:7d:e3:52:a4:dd:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 25 22:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40d38986d7d260d6bf5e74f2bdb8bf6e8bc6575f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a5:8a:72:b9:e5:24:0d:b7:27:b3:b5:4e:bb:
fe:34:b1:26:79:83:bd:5f:02:2d:67:a1:53:a1:18:
9f:ac:58:52:59:90:5f:d6:02:4e:23:0d:d9:a7:74:
c8:cd:45:a2:b2:8f:cd:7e:99:ab:ea:eb:ba:6f:5e:
50:6a:a0:73:05:e9:54:a3:d3:40:d0:fb:4e:28:b2:
77:49:83:42:23:68:5b:52:fc:4c:08:e2:61:ea:0f:
86:39:5e:ec:c2:e2:2f:f4:3d:5f:2d:a4:2b:2f:ff:
98:48:05:da:14:cd:5f:3b:19:c5:5d:11:5c:3e:14:
df:0f:23:37:70:8e:6d:67:56:49:62:cd:25:45:ac:
a2:1e:ae:68:c0:f1:f5:ae:26:8b:2a:3d:9f:02:ab:
0a:05:24:a2:fb:2f:73:db:50:1f:c2:b5:a0:ed:19:
a9:3e:2b:cb:99:a4:e6:3c:b2:83:24:62:d0:97:84:
67:3a:29:61:a7:8f:c3:74:f6:75:8c:f3:de:3f:86:
28:9e:fd:c5:db:ad:83:d2:d8:fe:84:5d:24:e0:bb:
9f:2b:c4:0f:f5:39:3b:4b:79:5e:63:86:2a:79:01:
ce:fd:42:d1:39:3c:c3:5e:d4:ab:3d:88:9b:a5:55:
19:26:b5:29:cf:d9:96:f2:71:6f:c3:7f:34:5e:88:
e8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D3:89:86:D7:D2:60:D6:BF:5E:74:F2:BD:B8:BF:6E:8B:C6:57:5F
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/QNOJhtfSYNa_XnTyvbi_bovGV18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/21
103.25.86.0/23
202.133.90.0/23
213.173.35.0/24
Signature Algorithm: sha256WithRSAEncryption
23:9c:a3:a8:a5:ec:18:05:ee:52:78:82:c4:91:a9:9d:e1:66:
25:f1:41:82:bc:20:75:fd:c8:eb:20:86:2d:8d:3e:0f:64:ca:
a8:36:8b:91:56:cd:77:01:57:17:9a:25:62:5c:8c:48:67:05:
87:cc:cd:99:0f:e2:6d:40:c2:72:0a:fe:88:b9:b1:ba:f9:ab:
08:0a:8a:2f:89:f2:c2:f4:43:b7:a1:56:ab:04:8c:95:a0:7a:
01:01:0d:ab:f2:0b:55:55:da:4d:88:c2:9b:b1:db:15:37:0d:
51:3b:92:66:69:05:cc:a8:24:3f:89:fe:92:ac:75:7f:5c:11:
66:2b:63:f1:7f:01:b9:e7:a0:0b:61:56:75:3a:ae:23:bb:b8:
7f:0f:eb:20:a9:0c:58:06:aa:bb:a8:ff:75:9f:91:d8:17:4c:
39:51:59:60:e3:bb:57:39:94:ea:5d:72:f3:d4:bf:7d:99:b5:
05:81:51:94:2f:6c:c9:ad:94:6b:de:a8:db:af:6a:89:d0:ed:
9f:0e:74:53:ef:b6:c4:d4:37:73:c7:18:ff:53:c1:fe:fb:ef:
e1:d1:84:c7:00:6a:0d:23:c2:c1:00:cc:30:d8:01:83:74:ef:
e3:5b:6e:58:fe:6f:0d:6b:d5:12:35:d6:af:d3:aa:16:89:be:
0d:e9:c8:78
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1Crj04aZSqzS3ifeNSpN3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTI1MjIxMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQzODk4NmQ3ZDI2MGQ2YmY1ZTc0ZjJiZGI4YmY2ZThiYzY1NzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKWKcrnlJA23J7O1Trv+NLEmeYO9
XwItZ6FToRifrFhSWZBf1gJOIw3Zp3TIzUWiso/Nfpmr6uu6b15QaqBzBelUo9NA
0PtOKLJ3SYNCI2hbUvxMCOJh6g+GOV7swuIv9D1fLaQrL/+YSAXaFM1fOxnFXRFc
PhTfDyM3cI5tZ1ZJYs0lRayiHq5owPH1riaLKj2fAqsKBSSi+y9z21AfwrWg7Rmp
PivLmaTmPLKDJGLQl4RnOilhp4/DdPZ1jPPeP4Yonv3F262D0tj+hF0k4LufK8QP
9Tk7S3leY4YqeQHO/ULROTzDXtSrPYibpVUZJrUpz9mW8nFvw380XojoRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEDTiYbX0mDWv1508r24v26LxldfMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvUU5PSmh0ZlNZTmFfWG5UeXZiaV9ib3ZHVjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBSLQAwQB
ZxlWAwQByoVaAwQA1a0jMA0GCSqGSIb3DQEBCwUAA4IBAQAjnKOopewYBe5SeILE
kamd4WYl8UGCvCB1/cjrIIYtjT4PZMqoNouRVs13AVcXmiViXIxIZwWHzM2ZD+Jt
QMJyCv6IubG6+asICoovifLC9EO3oVarBIyVoHoBAQ2r8gtVVdpNiMKbsdsVNw1R
O5JmaQXMqCQ/if6SrHV/XBFmK2PxfwG556ALYVZ1Oq4ju7h/D+sgqQxYBqq7qP91
n5HYF0w5UVlg47tXOZTqXXLz1L99mbUFgVGUL2zJrZRr3qjbr2qJ0O2fDnRT77bE
1Ddzxxj/U8H+++/h0YTHAGoNI8LBAMww2AGDdO/jW25Y/m8Na9USNdav06oWib4N
6ch4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org