Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/QjCOJZpcSx5spdwh09TYwG6KJh4.roa
File: QjCOJZpcSx5spdwh09TYwG6KJh4.roa (raw, json)
Hash identifier: cpudmSzuGHbL9yEOm3mQrujkwu3odcLWylhlR/wMPfs=
Subject key identifier: 42:30:8E:25:9A:5C:4B:1E:6C:A5:DC:21:D3:D4:D8:C0:6E:8A:26:1E
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01907F2DFD2360CD2C67DE3FD251693E3647
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/QjCOJZpcSx5spdwh09TYwG6KJh4.roa
Signing time: Thu 04 Jul 2024 19:17:18 +0000
ROA not before: Thu 04 Jul 2024 19:17:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 62.171.192.0/18 maxlen: 24
185.192.228.0/22 maxlen: 24
194.154.0.0/19 maxlen: 24
194.238.32.0/19 maxlen: 24
194.238.64.0/19 maxlen: 24
213.18.192.0/18 maxlen: 24
217.177.0.0/18 maxlen: 24
217.177.64.0/19 maxlen: 24
217.179.0.0/17 maxlen: 24
217.179.192.0/18 maxlen: 24
217.180.0.0/19 maxlen: 24
217.180.0.0/21 maxlen: 24
217.180.8.0/22 maxlen: 24
217.180.24.0/21 maxlen: 24
217.180.32.0/22 maxlen: 24
217.180.48.0/22 maxlen: 24
217.181.0.0/18 maxlen: 24
217.181.64.0/19 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 05 Jul 2024 09:17:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7f:2d:fd:23:60:cd:2c:67:de:3f:d2:51:69:3e:36:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jul 4 19:17:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42308e259a5c4b1e6ca5dc21d3d4d8c06e8a261e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7c:de:01:56:39:f6:76:46:5d:10:e7:d4:4b:
14:05:fa:5a:6f:81:17:83:bd:ac:87:12:dd:c9:5a:
3e:dd:36:c8:f2:d3:4a:f7:6e:fa:e7:f7:c2:b6:77:
dd:97:30:12:fa:33:5b:67:5f:24:82:6b:02:4f:a6:
bb:59:3e:6d:92:7c:be:fb:f7:0c:40:aa:7d:16:c0:
41:5b:66:08:51:91:d4:2e:78:93:a2:89:19:0f:78:
1d:fb:5e:f9:e1:64:26:0f:59:b2:5f:83:69:ae:41:
22:bb:a1:1b:72:b6:5e:f4:79:a8:47:ce:7b:9c:73:
21:1c:a1:5c:bf:7d:d6:3a:d5:8f:c8:34:6b:a7:0c:
52:04:4c:96:32:f1:f6:58:58:24:eb:03:51:56:66:
2a:61:b4:93:c7:61:a3:0e:7e:43:36:56:c6:fe:ed:
cf:a0:3c:e1:dd:a8:9a:c8:33:06:c9:9a:91:40:8c:
0f:96:83:0e:d4:61:a0:78:5d:6c:eb:bc:2f:8b:90:
94:5d:30:02:dd:e3:9f:37:c9:9f:3b:bb:94:e7:52:
db:59:35:52:6b:ed:06:45:b9:53:c0:ac:ee:23:e8:
9e:8b:fa:68:70:b0:f7:42:ff:84:de:27:33:b9:94:
26:f8:73:be:b6:1a:2d:ff:eb:b7:c4:a5:50:bf:1c:
f6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:30:8E:25:9A:5C:4B:1E:6C:A5:DC:21:D3:D4:D8:C0:6E:8A:26:1E
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/QjCOJZpcSx5spdwh09TYwG6KJh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0/18
185.192.228.0/22
194.154.0.0/19
194.238.32.0-194.238.95.255
213.18.192.0/18
217.177.0.0-217.177.95.255
217.179.0.0/17
217.179.192.0-217.180.35.255
217.180.48.0/22
217.181.0.0-217.181.95.255
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
b5:95:8e:70:d1:20:04:4d:4c:37:ee:96:00:36:7b:8f:0d:98:
ee:b6:af:ba:3c:9f:1c:c7:58:0a:b2:f5:d9:04:c1:fa:c8:57:
0a:3c:bc:cc:79:7b:d9:51:22:fa:1b:46:a9:47:b1:a5:8c:68:
a9:c3:1e:0b:fe:e9:37:52:11:50:da:d7:03:9d:77:51:17:2e:
98:eb:9f:73:dd:28:21:d0:66:07:34:97:b0:a8:4e:dd:9d:71:
a4:9e:3b:10:40:ca:d3:31:e1:cc:1e:cd:67:bd:5d:15:95:6a:
f6:26:f1:9b:c1:8c:5a:a6:69:15:57:80:01:93:e0:45:e0:74:
b8:f2:19:bd:50:20:0a:03:ec:a5:23:1d:8d:80:67:05:fb:0d:
74:d9:bc:7e:0b:8e:db:13:a1:54:09:d4:22:90:6c:8a:b2:4b:
9a:e9:94:fb:40:40:07:09:7e:76:56:10:ec:14:59:8f:02:54:
c4:42:84:62:98:8b:f5:cc:59:a0:3c:3d:70:fb:cd:85:c6:1e:
c4:ef:8d:b8:e3:16:98:fe:7e:9e:25:bc:25:94:82:8b:7a:8a:
50:f2:06:eb:05:2d:af:fc:03:0e:c1:d6:af:8e:29:41:08:3f:
f8:80:8b:c9:c2:e8:31:7e:6a:7a:b9:51:be:1b:cc:a3:07:81:
7a:58:41:90
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZB/Lf0jYM0sZ94/0lFpPjZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQwNzA0MTkxNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjMwOGUyNTlhNWM0YjFlNmNhNWRjMjFkM2Q0ZDhjMDZlOGEyNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHzeAVY59nZGXRDn1EsUBfpab4EX
g72shxLdyVo+3TbI8tNK92765/fCtnfdlzAS+jNbZ18kgmsCT6a7WT5tkny++/cM
QKp9FsBBW2YIUZHULniTookZD3gd+1754WQmD1myX4NprkEiu6EbcrZe9HmoR857
nHMhHKFcv33WOtWPyDRrpwxSBEyWMvH2WFgk6wNRVmYqYbSTx2GjDn5DNlbG/u3P
oDzh3aiayDMGyZqRQIwPloMO1GGgeF1s67wvi5CUXTAC3eOfN8mfO7uU51LbWTVS
a+0GRblTwKzuI+iei/pocLD3Qv+E3iczuZQm+HO+thot/+u3xKVQvxz2swIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFEIwjiWaXEsebKXcIdPU2MBuiiYeMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvUWpDT0pacGNTeDVzcGR3aDA5VFl3RzZLSmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEBj6rwAME
ArnA5AMEBcKaADAMAwQFwu4gAwQFwu5AAwQG1RLAMAsDAwDZsQMEBdmxQAMEB9mz
ADAMAwQG2bPAAwQC2bQgAwQC2bQwMAsDAwDZtQMEBdm1QDANBAIAAjAHAwUAKgIP
sDANBgkqhkiG9w0BAQsFAAOCAQEAtZWOcNEgBE1MN+6WADZ7jw2Y7ravujyfHMdY
CrL12QTB+shXCjy8zHl72VEi+htGqUexpYxoqcMeC/7pN1IRUNrXA513URcumOuf
c90oIdBmBzSXsKhO3Z1xpJ47EEDK0zHhzB7NZ71dFZVq9ibxm8GMWqZpFVeAAZPg
ReB0uPIZvVAgCgPspSMdjYBnBfsNdNm8fguO2xOhVAnUIpBsirJLmumU+0BABwl+
dlYQ7BRZjwJUxEKEYpiL9cxZoDw9cPvNhcYexO+NuOMWmP5+niW8JZSCi3qKUPIG
6wUtr/wDDsHWr44pQQg/+ICLycLoMX5qerlRvhvMoweBelhBkA==
-----END CERTIFICATE-----
Generated at Fri Jul 5 10:30:55 2024 by rpki-client on console-ams.rpki-client.org