Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/Q5ynJ4_kXIfDBXsr8OJFegGBEio.roa
File: Q5ynJ4_kXIfDBXsr8OJFegGBEio.roa (raw, json)
Hash identifier: pejrIdQXfr8RI6dZay0cy3pY04MPslvVMTCcfhOS/ks=
Subject key identifier: 43:9C:A7:27:8F:E4:5C:87:C3:05:7B:2B:F0:E2:45:7A:01:81:12:2A
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 018D6AB9787A0F89FFA6666C767FBB0F1057
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/Q5ynJ4_kXIfDBXsr8OJFegGBEio.roa
Signing time: Fri 02 Feb 2024 16:49:16 +0000
ROA not before: Fri 02 Feb 2024 16:49:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199760
IP address blocks: 212.30.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 14:16:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:b9:78:7a:0f:89:ff:a6:66:6c:76:7f:bb:0f:10:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Feb 2 16:49:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=439ca7278fe45c87c3057b2bf0e2457a0181122a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:38:58:4a:ad:e8:08:74:60:fd:69:b1:24:c1:
b2:57:fb:fa:cc:b9:95:8c:55:3b:9a:53:13:85:e1:
79:d9:f6:c1:ac:69:23:04:d8:a5:63:33:22:fe:5e:
01:08:a8:3f:af:0b:a0:4b:ff:6b:0c:1b:0f:03:0d:
a2:7f:4a:9a:05:d4:0f:11:a3:08:24:14:42:46:8c:
76:03:5e:0e:bc:6d:a8:69:bd:46:2e:bf:c1:d0:4f:
84:cd:f8:f3:7a:be:6a:08:05:1c:f3:43:38:ab:a4:
d2:69:ff:4e:f1:80:fa:39:32:a9:6d:7c:c8:cc:ca:
f3:09:9c:82:3c:41:eb:cd:53:5c:74:18:8b:1a:62:
60:0e:aa:87:30:af:20:ea:c1:90:5f:09:67:d0:3e:
38:c0:ff:36:0c:22:ea:ff:08:1e:9f:0e:a3:1e:3a:
1d:78:3e:68:9c:3e:b0:bd:92:1f:51:d0:91:14:ef:
6c:4d:25:c6:98:ed:c5:c5:36:ff:47:7f:0f:77:94:
85:59:96:43:26:63:84:bb:f6:d0:d8:fb:50:ce:a2:
78:b6:1c:64:75:11:4a:e5:de:56:4a:7b:4e:31:bb:
d9:2c:16:0a:fd:87:b9:5b:2d:82:f0:d6:15:e4:71:
42:02:34:06:4e:53:21:3d:a4:00:99:12:15:c4:77:
b4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:9C:A7:27:8F:E4:5C:87:C3:05:7B:2B:F0:E2:45:7A:01:81:12:2A
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/Q5ynJ4_kXIfDBXsr8OJFegGBEio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.30.38.0/24
Signature Algorithm: sha256WithRSAEncryption
47:d1:9b:f7:c2:46:58:12:8b:aa:5e:09:96:2c:1f:40:dd:57:
ea:c9:64:c6:c0:b7:e7:fa:32:f5:9f:14:48:d8:0a:fd:8b:db:
8c:d6:47:3d:38:98:1c:08:31:dc:fc:5f:d5:56:9c:58:c5:b9:
2d:19:e5:74:03:b8:3c:ad:2e:8c:48:82:12:13:c7:dc:9d:16:
fa:20:4d:63:a1:05:39:e8:7f:d4:58:2c:b8:af:69:55:c7:30:
c7:47:80:ca:03:5a:1a:75:b1:13:84:8c:3f:6d:97:98:e9:fe:
6e:fa:68:33:26:3e:ed:cf:b2:3d:d6:03:3b:12:ff:4a:c4:87:
f7:38:10:6a:29:7a:24:5a:c6:26:a7:bd:9f:10:34:d2:80:5f:
5d:8e:96:e9:70:66:06:2c:5c:ca:8c:ee:64:26:e9:9b:11:23:
ce:65:0a:7f:f4:be:d5:7d:08:aa:2f:4d:50:5d:ec:3e:ce:8c:
1b:99:b6:38:5d:dc:0c:58:ff:f2:17:c3:0f:24:61:f9:fa:c5:
13:1d:a4:d5:ad:c8:a0:34:ff:c4:63:2c:8a:d6:37:75:ac:3f:
45:3f:4a:eb:17:54:f2:25:cd:69:db:0a:ea:1e:48:41:00:d6:
cd:94:28:82:08:ed:47:f4:e5:f4:d6:44:e6:b0:43:cf:d6:c7:
98:cc:8d:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1quXh6D4n/pmZsdn+7DxBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjQwMjAyMTY0OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzljYTcyNzhmZTQ1Yzg3YzMwNTdiMmJmMGUyNDU3YTAxODExMjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjhYSq3oCHRg/WmxJMGyV/v6zLmV
jFU7mlMTheF52fbBrGkjBNilYzMi/l4BCKg/rwugS/9rDBsPAw2if0qaBdQPEaMI
JBRCRox2A14OvG2oab1GLr/B0E+Ezfjzer5qCAUc80M4q6TSaf9O8YD6OTKpbXzI
zMrzCZyCPEHrzVNcdBiLGmJgDqqHMK8g6sGQXwln0D44wP82DCLq/wgenw6jHjod
eD5onD6wvZIfUdCRFO9sTSXGmO3FxTb/R38Pd5SFWZZDJmOEu/bQ2PtQzqJ4thxk
dRFK5d5WSntOMbvZLBYK/Ye5Wy2C8NYV5HFCAjQGTlMhPaQAmRIVxHe0nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOcpyeP5FyHwwV7K/DiRXoBgRIqMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvUTV5bko0X2tYSWZEQlhzcjhPSkZlZ0dCRWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1B4mMA0G
CSqGSIb3DQEBCwUAA4IBAQBH0Zv3wkZYEouqXgmWLB9A3VfqyWTGwLfn+jL1nxRI
2Ar9i9uM1kc9OJgcCDHc/F/VVpxYxbktGeV0A7g8rS6MSIISE8fcnRb6IE1joQU5
6H/UWCy4r2lVxzDHR4DKA1oadbEThIw/bZeY6f5u+mgzJj7tz7I91gM7Ev9KxIf3
OBBqKXokWsYmp72fEDTSgF9djpbpcGYGLFzKjO5kJumbESPOZQp/9L7VfQiqL01Q
Xew+zowbmbY4XdwMWP/yF8MPJGH5+sUTHaTVrcigNP/EYyyK1jd1rD9FP0rrF1Ty
Jc1p2wrqHkhBANbNlCiCCO1H9OX01kTmsEPP1seYzI3b
-----END CERTIFICATE-----
Generated at Wed Feb 14 18:19:19 2024 by rpki-client on console-fra.rpki-client.org