Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/QLDaqgcTfdipSRCrWgZllJsvsKg.roa
File: QLDaqgcTfdipSRCrWgZllJsvsKg.roa (raw, json)
Hash identifier: pBYamSlHKFQuL5UgKjcwRE2MBYXxGc+XQkwGA4634Yw=
Subject key identifier: 40:B0:DA:AA:07:13:7D:D8:A9:49:10:AB:5A:06:65:94:9B:2F:B0:A8
Certificate issuer: /CN=1232303d1638e0735240491aaa9e42b1887adaca
Certificate serial: 01884CDBF92555E804720F4390A61E8BE9A5
Authority key identifier: 12:32:30:3D:16:38:E0:73:52:40:49:1A:AA:9E:42:B1:88:7A:DA:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/QLDaqgcTfdipSRCrWgZllJsvsKg.roa
Signing time: Wed 24 May 2023 08:24:24 +0000
ROA not before: Wed 24 May 2023 08:24:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50330
IP address blocks: 31.220.148.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4c:db:f9:25:55:e8:04:72:0f:43:90:a6:1e:8b:e9:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1232303d1638e0735240491aaa9e42b1887adaca
Validity
Not Before: May 24 08:24:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40b0daaa07137dd8a94910ab5a0665949b2fb0a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:eb:da:d9:bf:01:4a:ed:c7:3a:76:76:69:a2:
1e:c2:e2:f9:3b:a1:9a:1b:1e:72:79:cc:cb:6b:71:
e0:21:ff:72:d2:c2:c2:6e:57:b1:bc:b5:03:86:53:
5e:b5:b4:7f:6d:7b:57:a1:26:7d:f6:51:df:6a:c1:
ce:2b:d0:5e:f8:84:d3:1a:5d:2f:fd:a8:21:df:4a:
3f:78:33:bb:65:d4:72:bd:25:7b:c2:eb:01:0d:eb:
b7:4a:68:0a:8f:37:0b:3e:96:31:0a:d0:2b:d4:e5:
09:07:34:6f:7a:ee:0e:ef:37:b5:0f:66:0f:25:23:
26:f4:54:ba:ea:28:74:1d:30:a7:f1:6f:72:eb:56:
bb:32:69:1b:11:7a:e7:16:9a:e5:51:b9:b3:0a:4a:
cb:44:1e:0d:7c:9f:a1:01:2f:73:37:7d:fd:ec:64:
d4:aa:d6:26:8c:82:cd:1e:09:6d:6b:01:92:2b:8d:
1e:f7:ac:65:2c:f9:2b:bc:c8:84:8b:4c:86:4b:1c:
a2:9f:bb:16:9d:61:7b:f4:24:89:39:cd:9a:09:de:
5a:31:0a:9e:3a:0f:e1:fb:c4:4d:77:6a:bc:65:27:
75:c7:ef:b8:00:be:c6:1b:3f:a0:26:79:7a:8b:c1:
b8:02:a1:3f:65:06:33:be:c2:ad:c6:ab:db:7c:d8:
b6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B0:DA:AA:07:13:7D:D8:A9:49:10:AB:5A:06:65:94:9B:2F:B0:A8
X509v3 Authority Key Identifier:
keyid:12:32:30:3D:16:38:E0:73:52:40:49:1A:AA:9E:42:B1:88:7A:DA:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/QLDaqgcTfdipSRCrWgZllJsvsKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/EjIwPRY44HNSQEkaqp5CsYh62so.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.148.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:ca:db:fb:81:e1:ee:0f:8f:68:06:1f:db:89:d4:bb:be:0c:
cf:10:b2:1b:6c:5f:62:88:f1:99:fa:57:d5:9c:f3:80:a0:7f:
5e:00:9a:be:6d:c0:1c:eb:1f:47:91:8d:f0:ae:8d:5e:f8:e0:
22:02:e4:d9:5d:70:bb:0d:36:5c:f1:40:56:bd:35:f6:60:52:
7a:33:88:fa:75:f0:a4:f7:48:f0:cd:82:06:6d:35:55:a6:40:
e1:a4:a0:e1:64:0d:32:05:a1:f2:dd:56:a0:0e:47:b1:11:f3:
eb:9a:b2:20:da:da:e9:06:6d:f1:8c:95:7e:c4:ef:79:18:19:
4f:50:c4:95:7e:d5:e9:8c:85:43:14:44:8f:a2:23:f9:84:be:
9c:37:8d:ab:c8:52:94:e1:db:70:ae:c3:3a:58:af:51:5f:56:
8f:e5:ea:05:52:7d:a4:96:58:24:67:f6:d1:31:e1:bc:d1:0c:
44:df:6a:95:e2:53:d4:5a:36:01:7d:b3:e9:3f:d5:b6:59:de:
9b:23:f4:ad:c0:e2:72:e3:81:73:a1:e9:06:39:7c:e4:91:d0:
84:09:4d:0e:7b:cb:03:06:68:76:09:4b:a7:0d:36:88:42:f2:
45:e2:fb:15:5c:6f:26:10:3a:e6:f8:1a:b7:c6:9b:27:8c:d1:
b9:3a:c7:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhM2/klVegEcg9DkKYei+mlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMzIzMDNkMTYzOGUwNzM1MjQwNDkxYWFhOWU0MmIxODg3
YWRhY2EwHhcNMjMwNTI0MDgyNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGIwZGFhYTA3MTM3ZGQ4YTk0OTEwYWI1YTA2NjU5NDliMmZiMGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeva2b8BSu3HOnZ2aaIewuL5O6Ga
Gx5yeczLa3HgIf9y0sLCblexvLUDhlNetbR/bXtXoSZ99lHfasHOK9Be+ITTGl0v
/agh30o/eDO7ZdRyvSV7wusBDeu3SmgKjzcLPpYxCtAr1OUJBzRveu4O7ze1D2YP
JSMm9FS66ih0HTCn8W9y61a7MmkbEXrnFprlUbmzCkrLRB4NfJ+hAS9zN3397GTU
qtYmjILNHgltawGSK40e96xlLPkrvMiEi0yGSxyin7sWnWF79CSJOc2aCd5aMQqe
Og/h+8RNd2q8ZSd1x++4AL7GGz+gJnl6i8G4AqE/ZQYzvsKtxqvbfNi2JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECw2qoHE33YqUkQq1oGZZSbL7CoMB8GA1UdIwQY
MBaAFBIyMD0WOOBzUkBJGqqeQrGIetrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWpJd1BSWTQ0SE5TUUVrYXFwNUNzWWg2MnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wYWIxNjctMzA5NC00MTAzLTgxMzEt
MDY0NDE0ZDAzNDBmLzEvUUxEYXFnY1RmZGlwU1JDcldnWmxsSnN2c0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wYWIxNjctMzA5NC00MTAzLTgxMzEtMDY0NDE0ZDAzNDBm
LzEvRWpJd1BSWTQ0SE5TUUVrYXFwNUNzWWg2MnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH9yUMA0G
CSqGSIb3DQEBCwUAA4IBAQAfytv7geHuD49oBh/bidS7vgzPELIbbF9iiPGZ+lfV
nPOAoH9eAJq+bcAc6x9HkY3wro1e+OAiAuTZXXC7DTZc8UBWvTX2YFJ6M4j6dfCk
90jwzYIGbTVVpkDhpKDhZA0yBaHy3VagDkexEfPrmrIg2trpBm3xjJV+xO95GBlP
UMSVftXpjIVDFESPoiP5hL6cN42ryFKU4dtwrsM6WK9RX1aP5eoFUn2kllgkZ/bR
MeG80QxE32qV4lPUWjYBfbPpP9W2Wd6bI/StwOJy44FzoekGOXzkkdCECU0Oe8sD
Bmh2CUunDTaIQvJF4vsVXG8mEDrm+Bq3xpsnjNG5Osek
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:09 2024 by rpki-client on console-fra.rpki-client.org