Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/kJQMOgsJxBjRp7NgK_6sQzGN_9o.roa
File: kJQMOgsJxBjRp7NgK_6sQzGN_9o.roa (raw, json)
Hash identifier: Ec0zxFPTKkHobgF9cY2ACo68peu6kZ0QzisVLvZdCT4=
Subject key identifier: 90:94:0C:3A:0B:09:C4:18:D1:A7:B3:60:2B:FE:AC:43:31:8D:FF:DA
Certificate issuer: /CN=412ac83a27ca8723c61b1446c3e678110c650689
Certificate serial: 01856C011ED7588C50D19C31E53924D5F4D6
Authority key identifier: 41:2A:C8:3A:27:CA:87:23:C6:1B:14:46:C3:E6:78:11:0C:65:06:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSrIOifKhyPGGxRGw-Z4EQxlBok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/kJQMOgsJxBjRp7NgK_6sQzGN_9o.roa
Signing time: Sun 01 Jan 2023 06:24:50 +0000
ROA not before: Sun 01 Jan 2023 06:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44207
IP address blocks: 193.111.112.0/23 maxlen: 23
193.111.108.0/22 maxlen: 22
194.9.168.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:1e:d7:58:8c:50:d1:9c:31:e5:39:24:d5:f4:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=412ac83a27ca8723c61b1446c3e678110c650689
Validity
Not Before: Jan 1 06:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90940c3a0b09c418d1a7b3602bfeac43318dffda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:85:9a:da:80:75:b0:7d:c6:1c:63:ae:6e:1a:
05:7a:82:b6:c6:aa:38:cd:a5:e9:67:0b:48:72:cf:
20:97:00:59:78:98:23:65:7d:53:66:4e:01:cc:94:
76:73:c4:e4:bc:4b:75:b1:b3:3d:7f:8e:3b:60:72:
54:7f:d7:72:6a:4c:65:2d:33:48:c4:c8:50:b6:a6:
5a:8d:f5:6e:1a:0e:78:b3:7d:0c:a1:cd:56:00:3a:
ee:67:73:a0:d3:0a:10:94:ed:a9:9f:05:70:21:f1:
2d:11:99:51:cd:f3:5e:5b:16:ae:f1:31:b6:83:5a:
7c:32:10:84:cd:4d:21:90:ef:b6:35:d7:ba:f0:e3:
1d:6d:8a:34:e4:31:6c:48:db:e9:3e:fc:cb:59:99:
16:e7:f3:9a:90:1f:d6:7d:3a:80:4c:63:0f:74:53:
37:7e:a4:19:55:6e:d3:72:c0:49:3b:2e:21:60:8e:
28:fc:48:8e:64:9f:54:ec:c3:47:02:5c:49:bf:c6:
8c:26:6e:2d:0f:3f:9a:90:c1:50:c5:44:54:94:47:
5b:af:08:10:68:90:48:72:15:a7:59:8a:ef:90:44:
8f:64:65:7d:ca:61:d8:32:01:5b:d7:e1:13:04:1b:
a3:6d:f5:99:83:a6:f2:51:55:18:ce:f2:a8:22:31:
5b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:94:0C:3A:0B:09:C4:18:D1:A7:B3:60:2B:FE:AC:43:31:8D:FF:DA
X509v3 Authority Key Identifier:
keyid:41:2A:C8:3A:27:CA:87:23:C6:1B:14:46:C3:E6:78:11:0C:65:06:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSrIOifKhyPGGxRGw-Z4EQxlBok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/kJQMOgsJxBjRp7NgK_6sQzGN_9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/QSrIOifKhyPGGxRGw-Z4EQxlBok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.108.0-193.111.113.255
194.9.168.0/23
Signature Algorithm: sha256WithRSAEncryption
47:58:48:f1:ef:eb:55:76:e0:4a:24:e2:79:f0:8d:5c:ae:50:
70:8f:07:27:7f:45:b2:54:23:c6:8c:ae:a8:95:9f:91:d6:79:
8e:7e:cf:6d:3b:d6:d6:e5:86:4f:b0:ed:fc:f3:0a:cf:37:33:
49:77:e4:58:41:7b:18:65:e4:ba:a8:a6:70:f5:18:79:92:2f:
ca:53:44:1a:16:b1:48:58:c5:61:6d:a2:3f:d4:72:d1:4d:e1:
ba:9f:4e:9f:45:05:9b:3f:63:cb:00:31:ef:0b:38:37:60:ae:
b6:e8:e3:39:ef:45:51:c3:98:33:b2:0c:19:20:ba:d7:75:d3:
5e:da:e5:cd:b8:ee:ad:ff:1e:5f:f3:65:75:c6:fd:d9:7f:21:
b5:f3:0a:ce:f2:60:62:fe:5b:b9:5c:e3:ec:28:52:69:49:3a:
ef:47:f1:e6:ed:3a:e7:cb:4f:6a:93:ab:28:b8:c8:b9:bf:be:
28:cc:dc:0e:8c:60:0f:70:48:c6:25:1b:60:05:6a:43:e9:79:
cb:4a:ee:d6:8d:4a:fa:b4:be:62:df:df:a0:07:cb:04:91:78:
d2:16:a7:72:07:2b:64:97:ed:76:7d:05:5f:d8:2f:d7:40:10:
10:34:74:08:eb:e8:35:a3:bc:0a:a7:78:f8:40:af:b9:ce:bd:
28:11:2d:6d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVsAR7XWIxQ0Zwx5Tkk1fTWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMmFjODNhMjdjYTg3MjNjNjFiMTQ0NmMzZTY3ODExMGM2
NTA2ODkwHhcNMjMwMTAxMDYyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDk0MGMzYTBiMDljNDE4ZDFhN2IzNjAyYmZlYWM0MzMxOGRmZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoWa2oB1sH3GHGOubhoFeoK2xqo4
zaXpZwtIcs8glwBZeJgjZX1TZk4BzJR2c8TkvEt1sbM9f447YHJUf9dyakxlLTNI
xMhQtqZajfVuGg54s30Moc1WADruZ3Og0woQlO2pnwVwIfEtEZlRzfNeWxau8TG2
g1p8MhCEzU0hkO+2Nde68OMdbYo05DFsSNvpPvzLWZkW5/OakB/WfTqATGMPdFM3
fqQZVW7TcsBJOy4hYI4o/EiOZJ9U7MNHAlxJv8aMJm4tDz+akMFQxURUlEdbrwgQ
aJBIchWnWYrvkESPZGV9ymHYMgFb1+ETBBujbfWZg6byUVUYzvKoIjFbiwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJCUDDoLCcQY0aezYCv+rEMxjf/aMB8GA1UdIwQY
MBaAFEEqyDonyocjxhsURsPmeBEMZQaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNySU9pZktoeVBHR3hSR3ctWjRFUXhsQm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zMjFjMGQtMzY3MS00OTI3LTg5Mzct
MWY4NTZjMDkzYWU4LzEva0pRTU9nc0p4QmpScDdOZ0tfNnNRekdOXzlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zMjFjMGQtMzY3MS00OTI3LTg5MzctMWY4NTZjMDkzYWU4
LzEvUVNySU9pZktoeVBHR3hSR3ctWjRFUXhsQm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBALBb2wD
BAHBb3ADBAHCCagwDQYJKoZIhvcNAQELBQADggEBAEdYSPHv61V24Eok4nnwjVyu
UHCPByd/RbJUI8aMrqiVn5HWeY5+z2071tblhk+w7fzzCs83M0l35FhBexhl5Lqo
pnD1GHmSL8pTRBoWsUhYxWFtoj/UctFN4bqfTp9FBZs/Y8sAMe8LODdgrrbo4znv
RVHDmDOyDBkgutd1017a5c247q3/Hl/zZXXG/dl/IbXzCs7yYGL+W7lc4+woUmlJ
Ou9H8ebtOufLT2qTqyi4yLm/vijM3A6MYA9wSMYlG2AFakPpectK7taNSvq0vmLf
36AHywSReNIWp3IHK2SX7XZ9BV/YL9dAEBA0dAjr6DWjvAqnePhAr7nOvSgRLW0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:10 2024 by rpki-client on console-ams.rpki-client.org