Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/qz3mJtM5O93OEXRnJVBlpAuoCdM.roa
File: qz3mJtM5O93OEXRnJVBlpAuoCdM.roa (raw, json)
Hash identifier: SL/loDg2xe8/v6bOPGclQabTnDG7F9MBPJRK+tAB15I=
Subject key identifier: AB:3D:E6:26:D3:39:3B:DD:CE:11:74:67:25:50:65:A4:0B:A8:09:D3
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 018CC7947BDF5BA3EFDD59CAE804CED0EDDA
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/qz3mJtM5O93OEXRnJVBlpAuoCdM.roa
Signing time: Tue 02 Jan 2024 00:30:45 +0000
ROA not before: Tue 02 Jan 2024 00:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213250
IP address blocks: 134.255.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 11:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:7b:df:5b:a3:ef:dd:59:ca:e8:04:ce:d0:ed:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Jan 2 00:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab3de626d3393bddce117467255065a40ba809d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0c:55:01:0b:b2:c7:63:c2:8d:09:8f:ab:1b:
0f:a4:49:15:50:50:24:19:2d:80:4c:cd:42:fc:ae:
de:ce:b0:16:ae:52:1e:19:75:40:84:44:80:93:24:
3d:4b:34:9d:29:6d:d0:0c:b8:6b:44:34:8b:f3:7b:
db:be:b5:2a:4a:be:f6:66:15:b9:60:bc:40:d3:5f:
2b:f3:5a:35:f0:70:43:00:92:4c:65:58:6f:80:dd:
8e:f3:ba:74:dc:15:ce:e6:ba:3d:72:c0:f1:f7:20:
33:c5:9d:75:f4:36:39:9a:70:a1:91:ff:9f:f4:94:
e5:ac:df:4e:7f:25:1a:de:cd:45:5b:64:13:dd:08:
c2:40:d5:bd:a7:45:a2:06:f7:85:77:ce:1e:3e:8d:
3e:14:6c:d2:ec:68:1c:5f:e6:51:86:c1:13:ec:b2:
a5:ed:51:33:4a:33:c1:0f:09:88:02:c0:87:4e:ce:
b5:cb:c3:b4:52:13:68:74:54:a0:7d:58:0e:c5:7c:
1e:03:b1:8b:13:6d:c5:99:7a:18:01:86:53:72:e3:
67:b3:e7:7a:1e:cd:3b:cc:32:68:65:b5:fb:e8:10:
66:f4:52:a8:d1:64:df:fb:05:e3:f8:9f:f7:fc:5b:
82:5f:7a:ba:2b:63:21:21:b5:2c:9c:d4:41:cf:aa:
35:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:3D:E6:26:D3:39:3B:DD:CE:11:74:67:25:50:65:A4:0B:A8:09:D3
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/qz3mJtM5O93OEXRnJVBlpAuoCdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.255.235.0/24
Signature Algorithm: sha256WithRSAEncryption
01:80:7a:ab:87:55:3a:a9:6d:f1:e7:ab:cb:4d:25:15:11:bc:
12:3d:56:66:9c:b8:0c:50:f3:0f:58:df:70:b3:a6:af:b6:5e:
d5:7c:dc:4a:d8:57:87:5e:84:64:f9:c5:0c:2c:16:e5:dc:64:
40:30:39:e7:02:57:d1:25:31:ec:e7:6d:08:17:04:5d:36:5c:
34:ae:4a:bf:29:aa:d9:d0:d9:38:08:6d:50:3b:29:82:dc:cb:
9d:70:1a:cd:2c:e2:e9:c6:c3:33:78:5c:8f:7a:1f:0f:23:1c:
e9:31:1c:33:fa:41:3d:9f:60:43:87:ae:b3:fc:c0:f9:88:7d:
a0:b8:64:42:00:e8:f0:65:0a:cd:30:0a:83:4f:c2:83:ba:42:
35:72:63:bc:3e:15:70:61:30:10:9a:b0:4c:6c:7b:0a:53:28:
ec:c3:af:bb:58:93:d5:2d:c2:db:2a:07:00:aa:c6:f6:11:4c:
17:41:81:ad:3c:0a:cc:a4:97:84:f3:72:07:3b:b4:b1:77:32:
5b:85:6a:fe:b1:fb:ac:b7:77:35:0a:4e:fd:b4:0e:6a:89:25:
db:c4:34:b7:e5:24:a1:90:ad:90:ee:e6:17:4a:4c:a2:14:65:
d4:8e:b8:8a:6d:0b:02:20:20:b0:40:66:2a:a7:5e:0f:5d:18:
42:32:f2:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlHvfW6Pv3VnK6ATO0O3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx
NTNjYmEwHhcNMjQwMTAyMDAzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjNkZTYyNmQzMzkzYmRkY2UxMTc0NjcyNTUwNjVhNDBiYTgwOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQxVAQuyx2PCjQmPqxsPpEkVUFAk
GS2ATM1C/K7ezrAWrlIeGXVAhESAkyQ9SzSdKW3QDLhrRDSL83vbvrUqSr72ZhW5
YLxA018r81o18HBDAJJMZVhvgN2O87p03BXO5ro9csDx9yAzxZ119DY5mnChkf+f
9JTlrN9OfyUa3s1FW2QT3QjCQNW9p0WiBveFd84ePo0+FGzS7GgcX+ZRhsET7LKl
7VEzSjPBDwmIAsCHTs61y8O0UhNodFSgfVgOxXweA7GLE23FmXoYAYZTcuNns+d6
Hs07zDJoZbX76BBm9FKo0WTf+wXj+J/3/FuCX3q6K2MhIbUsnNRBz6o1wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKs95ibTOTvdzhF0ZyVQZaQLqAnTMB8GA1UdIwQY
MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt
NjViZTU1MDMxNjVkLzEvcXozbUp0TTVPOTNPRVhSbkpWQmxwQXVvQ2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk
LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAhv/rMA0G
CSqGSIb3DQEBCwUAA4IBAQABgHqrh1U6qW3x56vLTSUVEbwSPVZmnLgMUPMPWN9w
s6avtl7VfNxK2FeHXoRk+cUMLBbl3GRAMDnnAlfRJTHs520IFwRdNlw0rkq/KarZ
0Nk4CG1QOymC3MudcBrNLOLpxsMzeFyPeh8PIxzpMRwz+kE9n2BDh66z/MD5iH2g
uGRCAOjwZQrNMAqDT8KDukI1cmO8PhVwYTAQmrBMbHsKUyjsw6+7WJPVLcLbKgcA
qsb2EUwXQYGtPArMpJeE83IHO7SxdzJbhWr+sfust3c1Ck79tA5qiSXbxDS35SSh
kK2Q7uYXSkyiFGXUjriKbQsCICCwQGYqp14PXRhCMvLF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:28 2024 by rpki-client on console-ams.rpki-client.org