Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/QnXSufHK79IWNNZuzuJtpKyWOD0.roa
File: QnXSufHK79IWNNZuzuJtpKyWOD0.roa (raw, json)
Hash identifier: lYUxZwJzFJOz4E63WDoxn1FRjZzwL5s8saKZP975QPw=
Subject key identifier: 42:75:D2:B9:F1:CA:EF:D2:16:34:D6:6E:CE:E2:6D:A4:AC:96:38:3D
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 018E9507DFDB8A5E403577ABA8E8D0B43437
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/QnXSufHK79IWNNZuzuJtpKyWOD0.roa
Signing time: Sun 31 Mar 2024 15:01:44 +0000
ROA not before: Sun 31 Mar 2024 15:01:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198231
IP address blocks: 62.204.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 19:44:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:95:07:df:db:8a:5e:40:35:77:ab:a8:e8:d0:b4:34:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Mar 31 15:01:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4275d2b9f1caefd21634d66ecee26da4ac96383d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:db:a6:8f:2b:34:c7:bc:86:b2:d0:36:2f:ec:
2c:b1:15:3e:0c:4d:75:fe:cb:fe:4f:6b:31:b6:f3:
53:d8:cd:7d:0a:9c:42:49:8e:12:b5:53:96:2d:3d:
79:34:7c:ee:08:71:ff:0e:f7:83:98:1e:37:6c:99:
09:75:c0:7a:36:86:c7:0d:08:e2:7c:62:4f:9a:61:
65:8a:33:a2:1a:cd:f8:b2:0f:62:03:46:c9:c2:b4:
d2:7e:6c:65:df:a2:ce:58:f9:59:a6:64:ca:50:8b:
e6:4a:5b:de:bc:84:9e:33:29:ea:ac:1c:91:6b:9f:
16:40:67:25:96:6b:2c:da:93:15:f1:d8:e7:21:c1:
91:c3:53:54:18:82:bf:e3:3e:ec:11:4d:db:69:bf:
1c:fb:15:d0:f8:34:75:ef:ac:4c:e9:c3:f3:b4:89:
72:e6:9c:65:cd:30:20:4f:48:1a:4f:44:5c:d9:7c:
fd:f9:df:07:0c:1b:e6:a5:70:b9:7c:9b:36:b9:dc:
6c:60:bb:60:d7:7f:34:e6:27:69:f2:3e:01:4d:f2:
8b:5e:79:3f:14:e5:9c:4f:fd:38:14:6d:33:7f:f4:
4e:c3:8e:a9:3f:f0:67:79:1e:a6:3b:42:d8:5e:01:
2c:20:df:27:8d:ae:26:90:fa:52:94:f9:77:df:09:
37:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:75:D2:B9:F1:CA:EF:D2:16:34:D6:6E:CE:E2:6D:A4:AC:96:38:3D
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/QnXSufHK79IWNNZuzuJtpKyWOD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.37.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:96:3d:b4:38:6b:6a:fa:72:d1:9d:b4:4f:96:80:0c:df:f6:
78:71:d0:a4:98:38:1c:b7:61:7c:c7:8d:50:89:74:44:47:82:
cd:ae:62:c4:8e:b1:25:eb:b2:45:72:c5:f8:68:18:aa:49:92:
e2:e7:3f:ff:01:f3:fe:4f:d3:dd:78:1e:6f:31:b7:1f:80:58:
db:64:aa:15:73:5e:76:e9:99:f7:fc:7f:8e:01:be:e2:95:f1:
5b:21:1d:68:02:0f:e2:a3:f0:d2:16:24:c0:8c:2a:9c:bf:d4:
4f:d2:04:6e:2c:f0:cd:0d:da:7d:00:4c:fd:62:71:62:1c:25:
38:bf:ff:c3:82:d3:c1:e7:b1:6f:86:a7:3b:d8:bd:5f:e4:97:
da:29:a4:54:58:57:82:59:3e:85:6f:1b:cb:87:6c:60:bf:ba:
ea:30:6c:8e:b0:54:98:2f:dc:18:42:5d:e0:c7:41:51:ac:12:
52:8b:c6:3c:df:a0:c4:5c:19:c4:af:97:e8:c7:04:25:33:f1:
e9:07:d0:95:aa:18:a8:9c:40:e0:ef:f2:37:25:59:36:96:5b:
ff:b7:51:bd:4e:2c:80:f2:11:3b:22:12:e2:f9:9f:1b:0f:e2:
14:c2:a4:8a:70:70:d5:ac:b4:31:14:ee:d5:64:df:57:ba:9d:
a6:d8:90:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6VB9/bil5ANXerqOjQtDQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwMzMxMTUwMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjc1ZDJiOWYxY2FlZmQyMTYzNGQ2NmVjZWUyNmRhNGFjOTYzODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotumjys0x7yGstA2L+wssRU+DE11
/sv+T2sxtvNT2M19CpxCSY4StVOWLT15NHzuCHH/DveDmB43bJkJdcB6NobHDQji
fGJPmmFlijOiGs34sg9iA0bJwrTSfmxl36LOWPlZpmTKUIvmSlvevISeMynqrByR
a58WQGcllmss2pMV8djnIcGRw1NUGIK/4z7sEU3bab8c+xXQ+DR176xM6cPztIly
5pxlzTAgT0gaT0Rc2Xz9+d8HDBvmpXC5fJs2udxsYLtg13805idp8j4BTfKLXnk/
FOWcT/04FG0zf/ROw46pP/BneR6mO0LYXgEsIN8nja4mkPpSlPl33wk3GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJ10rnxyu/SFjTWbs7ibaSsljg9MB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvUW5YU3VmSEs3OUlXTk5adXp1SnRwS3lXT0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPswlMA0G
CSqGSIb3DQEBCwUAA4IBAQA6lj20OGtq+nLRnbRPloAM3/Z4cdCkmDgct2F8x41Q
iXRER4LNrmLEjrEl67JFcsX4aBiqSZLi5z//AfP+T9PdeB5vMbcfgFjbZKoVc152
6Zn3/H+OAb7ilfFbIR1oAg/io/DSFiTAjCqcv9RP0gRuLPDNDdp9AEz9YnFiHCU4
v//DgtPB57Fvhqc72L1f5JfaKaRUWFeCWT6FbxvLh2xgv7rqMGyOsFSYL9wYQl3g
x0FRrBJSi8Y836DEXBnEr5foxwQlM/HpB9CVqhionEDg7/I3JVk2llv/t1G9TiyA
8hE7IhLi+Z8bD+IUwqSKcHDVrLQxFO7VZN9Xup2m2JDz
-----END CERTIFICATE-----
Generated at Mon Jul 1 20:56:00 2024 by rpki-client on console-fra.rpki-client.org