Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_QGjHIalhLRchOKjEA4ne79kiWc.roa
File: _QGjHIalhLRchOKjEA4ne79kiWc.roa (raw, json)
Hash identifier: 2EjOjbnQbaQLTnw8fxPqtm06Tz3yhW1giT5gA7Nnlu0=
Subject key identifier: FD:01:A3:1C:86:A5:84:B4:5C:84:E2:A3:10:0E:27:7B:BF:64:89:67
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01856F42ACE3E3B9DC74A7160DA70E06DFF4
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_QGjHIalhLRchOKjEA4ne79kiWc.roa
Signing time: Sun 01 Jan 2023 21:35:18 +0000
ROA not before: Sun 01 Jan 2023 21:35:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197726
IP address blocks: 212.86.111.0/24 maxlen: 24
212.86.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ac:e3:e3:b9:dc:74:a7:16:0d:a7:0e:06:df:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 21:35:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd01a31c86a584b45c84e2a3100e277bbf648967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c7:6e:54:3a:45:8b:34:56:f9:6d:e7:bc:41:
e7:9d:7b:22:f2:4c:4b:ea:8c:4e:cc:0d:33:c4:4b:
db:d9:e3:b6:c7:c8:2c:d9:e8:f5:33:75:9e:81:c0:
ad:9a:70:f9:86:69:c6:43:6b:47:7a:20:ff:51:1a:
77:bb:58:9a:5c:69:60:71:d6:32:85:56:26:f5:52:
dc:73:7c:1c:32:cc:ba:75:70:3a:ac:0c:e6:02:5e:
ce:1f:e5:0f:66:a9:e3:11:2c:f4:aa:a4:1d:84:e6:
77:df:c7:db:e3:ca:00:8e:a4:6a:8a:15:b1:f0:c6:
b0:e7:1d:f2:b6:7f:8f:b4:2b:19:7d:87:3a:58:9b:
51:8b:36:a0:3a:cd:4c:fa:40:27:03:a5:2a:4d:7a:
21:8b:60:29:1c:ed:b2:92:38:14:d9:08:5d:26:2d:
dc:34:c4:ad:ac:1b:f4:e0:d1:94:0b:11:62:c5:ad:
fa:09:bf:52:94:f9:cc:d2:e0:7f:30:c4:39:f5:39:
53:ad:e8:74:6a:95:31:1e:c4:90:39:84:1c:30:d8:
24:54:17:c9:bb:f0:e6:df:8e:13:d7:ca:1e:85:ae:
87:d0:2c:95:c4:bb:ad:65:7a:1e:a2:4b:43:dd:ed:
83:3d:b8:a8:c3:03:b3:33:41:83:c6:58:aa:46:dd:
65:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:01:A3:1C:86:A5:84:B4:5C:84:E2:A3:10:0E:27:7B:BF:64:89:67
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_QGjHIalhLRchOKjEA4ne79kiWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.86.110.0/23
Signature Algorithm: sha256WithRSAEncryption
04:d0:95:44:52:57:8f:60:29:e8:ef:af:6c:44:c0:79:50:17:
ae:0d:b8:1e:ad:a8:06:b4:60:3f:ec:63:36:56:b6:d6:c9:ae:
73:ff:ff:48:43:03:4a:85:0f:88:93:ec:2d:94:be:b4:b4:85:
8c:d8:ca:e3:fc:02:a2:ca:e7:9a:7d:de:67:45:37:fb:7e:ff:
4a:53:f4:fd:29:96:d2:79:12:c3:91:5e:97:6c:2a:7f:33:ea:
a2:6e:98:1e:1c:44:3e:c5:93:79:c5:44:22:d9:99:e4:1b:f7:
83:52:b9:ba:ed:a0:9e:c9:23:35:e6:fa:e4:c5:84:ee:25:ac:
28:b8:96:f1:46:42:42:85:f9:86:cd:6b:29:0f:a9:0c:0f:6c:
98:9f:f7:7c:f5:cc:51:be:4a:30:07:fa:c9:20:d7:63:61:85:
92:52:a5:52:df:9e:26:17:4f:31:66:eb:ed:d0:51:75:ce:c5:
d8:c9:30:ce:dd:b9:85:28:aa:4d:19:e3:5b:46:04:bb:63:9c:
3f:41:f6:7e:70:7e:45:4c:42:b6:32:db:9f:19:6e:ee:4b:77:
69:df:28:a6:d4:ee:3b:99:84:23:3c:54:2f:9e:bf:a1:2b:2b:
34:05:3c:bc:3c:6e:32:5b:58:0a:61:c7:df:2c:1e:22:cc:20:
26:7c:af:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQqzj47ncdKcWDacOBt/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwMTAxMjEzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDAxYTMxYzg2YTU4NGI0NWM4NGUyYTMxMDBlMjc3YmJmNjQ4OTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsduVDpFizRW+W3nvEHnnXsi8kxL
6oxOzA0zxEvb2eO2x8gs2ej1M3WegcCtmnD5hmnGQ2tHeiD/URp3u1iaXGlgcdYy
hVYm9VLcc3wcMsy6dXA6rAzmAl7OH+UPZqnjESz0qqQdhOZ338fb48oAjqRqihWx
8Maw5x3ytn+PtCsZfYc6WJtRizagOs1M+kAnA6UqTXohi2ApHO2ykjgU2QhdJi3c
NMStrBv04NGUCxFixa36Cb9SlPnM0uB/MMQ59TlTreh0apUxHsSQOYQcMNgkVBfJ
u/Dm344T18oeha6H0CyVxLutZXoeoktD3e2DPbiowwOzM0GDxliqRt1lLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0BoxyGpYS0XITioxAOJ3u/ZIlnMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvX1FHakhJYWxoTFJjaE9LakVBNG5lNzlraVdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1FZuMA0G
CSqGSIb3DQEBCwUAA4IBAQAE0JVEUlePYCno769sRMB5UBeuDbgeragGtGA/7GM2
VrbWya5z//9IQwNKhQ+Ik+wtlL60tIWM2Mrj/AKiyueafd5nRTf7fv9KU/T9KZbS
eRLDkV6XbCp/M+qibpgeHEQ+xZN5xUQi2ZnkG/eDUrm67aCeySM15vrkxYTuJawo
uJbxRkJChfmGzWspD6kMD2yYn/d89cxRvkowB/rJINdjYYWSUqVS354mF08xZuvt
0FF1zsXYyTDO3bmFKKpNGeNbRgS7Y5w/QfZ+cH5FTEK2MtufGW7uS3dp3yim1O47
mYQjPFQvnr+hKys0BTy8PG4yW1gKYcffLB4izCAmfK8t
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org