Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/QTyY6pjjq8sI8CiQiSljFdvUynw.roa
File: QTyY6pjjq8sI8CiQiSljFdvUynw.roa (raw, json)
Hash identifier: ujZOGrlHydhh+8qFlitbt7B8Ix3/hUEutZCl2U7rh10=
Subject key identifier: 41:3C:98:EA:98:E3:AB:CB:08:F0:28:90:89:29:63:15:DB:D4:CA:7C
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018A22155ED2F198E9D6CADBBCBCE39BF992
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/QTyY6pjjq8sI8CiQiSljFdvUynw.roa
Signing time: Wed 23 Aug 2023 11:09:00 +0000
ROA not before: Wed 23 Aug 2023 11:09:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 213.209.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Sep 2023 10:29:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:22:15:5e:d2:f1:98:e9:d6:ca:db:bc:bc:e3:9b:f9:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 23 11:09:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=413c98ea98e3abcb08f0289089296315dbd4ca7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a5:38:15:e2:c8:bc:77:fa:b1:29:e8:b4:49:
a8:47:e0:84:76:e2:fb:4c:7e:91:2a:9c:ba:b5:eb:
7d:e5:24:0f:e0:7b:7e:47:14:b3:1f:e7:39:0b:93:
35:a7:2a:f9:9c:0d:99:87:e3:a9:c7:5f:a3:99:bf:
05:40:04:88:d1:d4:8e:4a:e4:57:e4:91:c4:dc:b8:
dd:50:3e:78:14:2a:55:94:51:b3:98:d0:f0:88:e6:
71:e9:68:92:17:e5:ae:ae:ee:67:9f:40:0f:5a:8f:
1e:13:cb:d5:fb:8a:cf:8b:8b:42:ce:88:bc:db:9f:
b9:79:80:1f:db:c2:41:56:b5:0a:cc:eb:6c:cc:3d:
46:b0:b2:50:de:ab:b0:24:4e:c5:40:50:d2:99:1e:
80:b9:af:2c:2b:de:3a:3e:6b:34:74:d5:76:0d:60:
1a:b3:af:16:76:7d:2f:24:a3:a5:2e:a4:9f:41:49:
da:5e:15:18:3a:d5:9a:01:49:8e:b4:a5:8c:f2:e3:
09:79:17:79:76:aa:61:eb:c8:24:c2:63:7c:02:8f:
ba:47:80:15:12:db:64:cc:0d:ab:df:b6:1b:20:fe:
b4:19:be:49:f2:b6:92:c8:ea:36:5c:d4:46:df:cc:
f7:a8:3a:c6:2c:e0:34:16:47:82:2b:36:57:43:8b:
bb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:3C:98:EA:98:E3:AB:CB:08:F0:28:90:89:29:63:15:DB:D4:CA:7C
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/QTyY6pjjq8sI8CiQiSljFdvUynw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.129.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:8d:2d:61:68:37:cc:64:18:8f:50:1f:84:07:52:9b:14:3e:
88:9d:08:8b:2b:08:00:5c:0a:3b:22:5c:6d:11:c9:6c:91:71:
28:84:6d:dd:93:67:5b:26:67:0d:bb:c1:fb:37:c7:62:78:9d:
d9:93:8e:3d:62:4d:3c:30:54:de:21:87:4d:0b:d8:8d:48:ed:
17:0f:f9:8f:a4:75:24:a4:f7:82:dd:59:f3:2c:2b:31:82:e7:
95:c3:cb:d5:40:89:7a:20:1a:6b:d0:1e:71:d0:33:c4:51:4a:
9f:e0:0a:60:62:72:dc:f6:58:c3:96:98:73:f9:1f:45:10:de:
11:d6:a4:57:21:61:03:d6:de:b8:7a:0a:23:d7:53:5a:43:e8:
fd:37:0b:f0:30:32:96:b1:c7:30:cd:48:5c:c1:61:4d:2c:9d:
ce:3a:a1:e5:da:ec:d9:61:72:c1:a5:03:6b:d9:e7:3d:5a:f8:
db:8f:cb:6a:e8:f0:8e:4d:fd:ce:40:05:f6:a3:0d:98:a7:ff:
b7:2d:94:52:ea:ef:9a:b4:cd:61:b2:70:8b:a7:99:30:b5:58:
1c:93:9b:cc:04:7e:19:e2:36:d3:4e:8e:27:85:14:90:9e:76:
43:41:b7:a5:4c:ac:c3:d0:5a:f1:16:42:6a:e2:5f:7a:9d:2b:
56:d8:78:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoiFV7S8Zjp1srbvLzjm/mSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwODIzMTEwOTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTNjOThlYTk4ZTNhYmNiMDhmMDI4OTA4OTI5NjMxNWRiZDRjYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aU4FeLIvHf6sSnotEmoR+CEduL7
TH6RKpy6tet95SQP4Ht+RxSzH+c5C5M1pyr5nA2Zh+Opx1+jmb8FQASI0dSOSuRX
5JHE3LjdUD54FCpVlFGzmNDwiOZx6WiSF+Wuru5nn0APWo8eE8vV+4rPi4tCzoi8
25+5eYAf28JBVrUKzOtszD1GsLJQ3quwJE7FQFDSmR6Aua8sK946Pms0dNV2DWAa
s68Wdn0vJKOlLqSfQUnaXhUYOtWaAUmOtKWM8uMJeRd5dqph68gkwmN8Ao+6R4AV
EttkzA2r37YbIP60Gb5J8raSyOo2XNRG38z3qDrGLOA0FkeCKzZXQ4u7lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEE8mOqY46vLCPAokIkpYxXb1Mp8MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvUVR5WTZwampxOHNJOENpUWlTbGpGZHZVeW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dGBMA0G
CSqGSIb3DQEBCwUAA4IBAQAcjS1haDfMZBiPUB+EB1KbFD6InQiLKwgAXAo7Ilxt
EclskXEohG3dk2dbJmcNu8H7N8dieJ3Zk449Yk08MFTeIYdNC9iNSO0XD/mPpHUk
pPeC3VnzLCsxgueVw8vVQIl6IBpr0B5x0DPEUUqf4ApgYnLc9ljDlphz+R9FEN4R
1qRXIWED1t64egoj11NaQ+j9NwvwMDKWsccwzUhcwWFNLJ3OOqHl2uzZYXLBpQNr
2ec9Wvjbj8tq6PCOTf3OQAX2ow2Yp/+3LZRS6u+atM1hsnCLp5kwtVgck5vMBH4Z
4jbTTo4nhRSQnnZDQbelTKzD0FrxFkJq4l96nStW2Hgj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org