Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/4e7b5c-2906-478a-8ef0-d29701487536/1/qSXj7UjrLW3wNKPqgyoI_poQmmU.roa
File: qSXj7UjrLW3wNKPqgyoI_poQmmU.roa (raw, json)
Hash identifier: xzfG7kkAvwLw8Zj2KQcEJdRvegfZK8rmQam61OWt+8o=
Subject key identifier: A9:25:E3:ED:48:EB:2D:6D:F0:34:A3:EA:83:2A:08:FE:9A:10:9A:65
Certificate issuer: /CN=5157c87d111c8050fd5c9ac2b06be62323675033
Certificate serial: 018609252D7272EBBCE51BB8A56113A664B1
Authority key identifier: 51:57:C8:7D:11:1C:80:50:FD:5C:9A:C2:B0:6B:E6:23:23:67:50:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UVfIfREcgFD9XJrCsGvmIyNnUDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/4e7b5c-2906-478a-8ef0-d29701487536/1/qSXj7UjrLW3wNKPqgyoI_poQmmU.roa
Signing time: Tue 31 Jan 2023 18:44:36 +0000
ROA not before: Tue 31 Jan 2023 18:44:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41327
IP address blocks: 109.233.128.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jul 2023 13:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:09:25:2d:72:72:eb:bc:e5:1b:b8:a5:61:13:a6:64:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5157c87d111c8050fd5c9ac2b06be62323675033
Validity
Not Before: Jan 31 18:44:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a925e3ed48eb2d6df034a3ea832a08fe9a109a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f2:d5:f8:1d:dd:47:05:fb:65:31:f7:8b:3f:
db:2d:5e:09:2c:ab:b5:c7:07:0d:ba:56:88:48:bc:
ad:34:41:6c:44:99:65:f4:2f:f8:fc:25:aa:45:6f:
74:e9:e2:3f:bd:f8:e2:f0:86:c5:ae:9d:d1:77:0f:
86:b5:b6:bf:40:22:92:70:6f:87:05:d5:00:e7:bb:
cf:bb:42:f9:80:01:32:04:99:bf:df:fd:a4:e8:77:
1f:90:8d:65:ae:85:30:5d:97:58:a7:2e:66:32:ba:
35:1b:c3:e4:3e:93:e0:66:d8:0e:79:f3:67:84:66:
54:88:12:61:48:08:09:fc:2f:54:7a:50:0f:6d:79:
2e:77:2c:43:0d:7c:00:22:13:1c:6d:28:25:f4:e4:
f0:6a:f7:a3:a2:0d:ce:eb:4f:e7:40:a0:91:90:be:
62:d2:8b:0d:81:33:39:58:34:85:61:ed:aa:3b:33:
c0:9f:ee:0a:1e:0d:02:71:d9:a2:85:80:4a:39:d5:
cd:3b:ef:38:77:f5:96:d7:c4:ad:c7:8c:ac:34:6d:
6c:d5:f3:c6:95:f4:aa:d3:b0:9b:e0:a8:d6:fc:36:
c8:2e:9c:2d:ce:2d:f1:4e:44:da:67:1d:04:99:43:
04:af:5e:61:f5:39:bb:44:cc:ea:bd:e6:23:0f:f5:
60:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:25:E3:ED:48:EB:2D:6D:F0:34:A3:EA:83:2A:08:FE:9A:10:9A:65
X509v3 Authority Key Identifier:
keyid:51:57:C8:7D:11:1C:80:50:FD:5C:9A:C2:B0:6B:E6:23:23:67:50:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UVfIfREcgFD9XJrCsGvmIyNnUDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4e7b5c-2906-478a-8ef0-d29701487536/1/qSXj7UjrLW3wNKPqgyoI_poQmmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4e7b5c-2906-478a-8ef0-d29701487536/1/UVfIfREcgFD9XJrCsGvmIyNnUDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.128.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:59:31:c3:b6:51:55:e5:00:4e:f5:8a:5b:77:60:f5:2d:5f:
10:fb:c7:78:7a:09:69:4a:20:d5:8e:72:9a:c3:cd:79:5c:b9:
d5:dd:53:2c:ea:5d:9c:87:11:d8:97:f8:df:6e:c4:c1:3a:e4:
4a:25:ee:62:aa:1a:0b:8d:37:72:87:14:c1:66:65:07:eb:46:
e2:97:42:20:7b:ac:87:3c:f1:05:9c:ea:6d:73:06:13:35:86:
06:9d:aa:bc:78:01:14:05:79:90:96:ec:c0:76:e1:5c:db:75:
49:95:16:2d:3b:2d:23:3a:4b:3c:e9:8a:e1:9b:af:50:f0:0d:
f8:2f:45:73:da:5e:a9:84:c7:40:78:4d:86:97:36:bf:3f:52:
38:2b:3a:26:cc:25:4d:61:59:47:0c:16:83:8b:c2:f7:8e:48:
a8:95:a4:8c:d2:ac:14:87:ff:c4:01:fd:1a:30:0e:69:bb:e4:
77:23:c4:78:da:04:4b:63:52:4f:91:de:6f:42:00:47:91:06:
bf:b4:f9:13:cf:2c:f5:cc:7a:b4:00:a0:79:fc:4d:40:a1:d6:
70:b7:51:9a:07:39:ca:10:dd:5e:bc:ca:62:b6:d3:d5:44:8b:
45:26:0c:d3:8f:a0:18:e3:3e:91:92:f2:a9:75:d0:bc:d8:0a:
05:d9:60:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYJJS1ycuu85Ru4pWETpmSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNTdjODdkMTExYzgwNTBmZDVjOWFjMmIwNmJlNjIzMjM2
NzUwMzMwHhcNMjMwMTMxMTg0NDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTI1ZTNlZDQ4ZWIyZDZkZjAzNGEzZWE4MzJhMDhmZTlhMTA5YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPLV+B3dRwX7ZTH3iz/bLV4JLKu1
xwcNulaISLytNEFsRJll9C/4/CWqRW906eI/vfji8IbFrp3Rdw+Gtba/QCKScG+H
BdUA57vPu0L5gAEyBJm/3/2k6HcfkI1lroUwXZdYpy5mMro1G8PkPpPgZtgOefNn
hGZUiBJhSAgJ/C9UelAPbXkudyxDDXwAIhMcbSgl9OTwavejog3O60/nQKCRkL5i
0osNgTM5WDSFYe2qOzPAn+4KHg0CcdmihYBKOdXNO+84d/WW18Stx4ysNG1s1fPG
lfSq07Cb4KjW/DbILpwtzi3xTkTaZx0EmUMEr15h9Tm7RMzqveYjD/VgFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKkl4+1I6y1t8DSj6oMqCP6aEJplMB8GA1UdIwQY
MBaAFFFXyH0RHIBQ/VyawrBr5iMjZ1AzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVZmSWZSRWNnRkQ5WEpyQ3NHdm1JeU5uVURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy80ZTdiNWMtMjkwNi00NzhhLThlZjAt
ZDI5NzAxNDg3NTM2LzEvcVNYajdVanJMVzN3TktQcWd5b0lfcG9RbW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy80ZTdiNWMtMjkwNi00NzhhLThlZjAtZDI5NzAxNDg3NTM2
LzEvVVZmSWZSRWNnRkQ5WEpyQ3NHdm1JeU5uVURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbemAMA0G
CSqGSIb3DQEBCwUAA4IBAQCsWTHDtlFV5QBO9Ypbd2D1LV8Q+8d4eglpSiDVjnKa
w815XLnV3VMs6l2chxHYl/jfbsTBOuRKJe5iqhoLjTdyhxTBZmUH60bil0Ige6yH
PPEFnOptcwYTNYYGnaq8eAEUBXmQluzAduFc23VJlRYtOy0jOks86Yrhm69Q8A34
L0Vz2l6phMdAeE2Glza/P1I4KzomzCVNYVlHDBaDi8L3jkiolaSM0qwUh//EAf0a
MA5pu+R3I8R42gRLY1JPkd5vQgBHkQa/tPkTzyz1zHq0AKB5/E1AodZwt1GaBznK
EN1evMpittPVRItFJgzTj6AY4z6RkvKpddC82AoF2WBP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:29 2024 by rpki-client on console-ams.rpki-client.org