Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/qs2k2syoWwQtb4TrROXG_KC5SV0.roa
File: qs2k2syoWwQtb4TrROXG_KC5SV0.roa (raw, json)
Hash identifier: pc3OvYR3Af/cuRpwdeSj/BxoOKe20zqHERHHBmvyTzQ=
Subject key identifier: AA:CD:A4:DA:CC:A8:5B:04:2D:6F:84:EB:44:E5:C6:FC:A0:B9:49:5D
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018880FB9875CD7E3BBA05C56F507FF9A8DC
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/qs2k2syoWwQtb4TrROXG_KC5SV0.roa
Signing time: Sat 03 Jun 2023 11:19:12 +0000
ROA not before: Sat 03 Jun 2023 11:19:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197343
IP address blocks: 2.189.128.0/20 maxlen: 24
2.189.144.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:80:fb:98:75:cd:7e:3b:ba:05:c5:6f:50:7f:f9:a8:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jun 3 11:19:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aacda4dacca85b042d6f84eb44e5c6fca0b9495d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:15:69:b1:50:0a:cf:c4:2c:0a:d8:3c:0c:a0:
d5:a6:c4:c9:ad:21:4b:2b:39:f6:ad:8e:48:aa:e0:
a8:e8:1e:2e:e6:35:6c:40:d6:9f:67:61:c1:b0:15:
63:5e:03:39:a4:f7:19:a7:9f:ec:14:d6:f1:fb:cc:
0c:00:c3:f2:b2:3d:98:2e:ea:05:19:b2:15:ed:40:
37:a6:6c:3a:97:f7:3d:9d:ee:2f:94:38:58:8f:fb:
7b:b5:ca:c1:fc:d4:48:bb:e2:8c:9b:03:27:e7:95:
14:0e:67:56:21:ae:49:19:00:64:85:2a:4e:7e:45:
5a:86:60:d1:a6:ce:41:35:02:10:77:9e:84:f7:94:
66:5c:e2:5b:7e:d9:75:1c:0b:ab:ac:42:38:8f:34:
06:08:65:54:98:89:7c:a8:81:87:f8:1e:75:e0:98:
23:05:01:cf:3d:48:7a:2d:5f:c0:1a:ee:e8:87:ea:
7f:18:2e:72:d3:ea:9e:b5:a1:c4:83:91:f9:50:a9:
52:b2:8c:6e:d0:90:e1:bf:7b:63:6a:3a:91:b3:cc:
f1:fd:58:ca:7f:8f:a0:d6:63:dc:c5:80:f3:f5:29:
2c:e7:e1:8d:c5:5a:4f:44:f5:85:e0:db:ee:27:3d:
f9:ce:56:ae:f4:78:91:51:b0:ec:16:0b:66:46:9c:
0a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:CD:A4:DA:CC:A8:5B:04:2D:6F:84:EB:44:E5:C6:FC:A0:B9:49:5D
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/qs2k2syoWwQtb4TrROXG_KC5SV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.189.128.0/19
Signature Algorithm: sha256WithRSAEncryption
10:ca:ae:b3:3f:4c:fd:7b:1a:33:31:5c:9c:32:71:3c:8c:91:
73:f3:05:35:65:1f:7b:bb:b7:bc:e3:09:c0:32:ea:de:a2:0c:
18:72:28:31:42:62:8c:7c:83:00:29:fe:67:7b:66:cd:25:6b:
f2:ea:d8:4f:1e:72:b0:a2:46:ae:a4:a8:dd:7e:cd:fb:a2:eb:
66:24:33:06:c2:7e:41:98:76:b4:15:f4:29:53:78:85:60:3f:
0a:9f:9f:b2:bb:b6:c2:3f:2e:dd:82:07:b2:ff:1f:c0:4e:21:
e4:36:da:b9:8f:50:3c:6f:e5:47:e2:cf:53:1e:19:b9:b0:e0:
b6:b0:00:8e:ce:c3:59:ab:4d:38:06:35:08:69:c3:7f:f6:ca:
04:64:7b:e9:4c:1e:6d:cb:11:b4:95:e5:b3:cd:4d:c3:61:00:
b1:4b:ea:3c:bd:ec:35:a9:31:49:29:54:67:d0:8c:74:3f:a1:
6d:96:51:f4:83:76:f7:18:f0:37:a1:65:80:ab:5a:e8:54:5e:
03:1d:04:3f:ba:bc:e5:37:ba:eb:af:af:d6:eb:5d:2d:3e:1c:
9c:f2:6a:4a:5f:c7:15:64:da:8a:b7:2d:b5:78:7d:ae:20:05:
4b:01:3e:16:8e:68:29:27:6e:1c:30:1d:1a:ee:ee:72:44:c9:
1a:fb:1a:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiA+5h1zX47ugXFb1B/+ajcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNjAzMTExOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWNkYTRkYWNjYTg1YjA0MmQ2Zjg0ZWI0NGU1YzZmY2EwYjk0OTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBVpsVAKz8QsCtg8DKDVpsTJrSFL
Kzn2rY5IquCo6B4u5jVsQNafZ2HBsBVjXgM5pPcZp5/sFNbx+8wMAMPysj2YLuoF
GbIV7UA3pmw6l/c9ne4vlDhYj/t7tcrB/NRIu+KMmwMn55UUDmdWIa5JGQBkhSpO
fkVahmDRps5BNQIQd56E95RmXOJbftl1HAurrEI4jzQGCGVUmIl8qIGH+B514Jgj
BQHPPUh6LV/AGu7oh+p/GC5y0+qetaHEg5H5UKlSsoxu0JDhv3tjajqRs8zx/VjK
f4+g1mPcxYDz9Sks5+GNxVpPRPWF4NvuJz35zlau9HiRUbDsFgtmRpwKlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrNpNrMqFsELW+E60TlxvyguUldMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvcXMyazJzeW9Xd1F0YjRUclJPWEdfS0M1U1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFAr2AMA0G
CSqGSIb3DQEBCwUAA4IBAQAQyq6zP0z9exozMVycMnE8jJFz8wU1ZR97u7e84wnA
MureogwYcigxQmKMfIMAKf5ne2bNJWvy6thPHnKwokaupKjdfs37outmJDMGwn5B
mHa0FfQpU3iFYD8Kn5+yu7bCPy7dggey/x/ATiHkNtq5j1A8b+VH4s9THhm5sOC2
sACOzsNZq004BjUIacN/9soEZHvpTB5tyxG0leWzzU3DYQCxS+o8vew1qTFJKVRn
0Ix0P6FtllH0g3b3GPA3oWWAq1roVF4DHQQ/urzlN7rrr6/W610tPhyc8mpKX8cV
ZNqKty21eH2uIAVLAT4WjmgpJ24cMB0a7u5yRMka+xqa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org