Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/QUjkJ18bN12vei93cDuv8ew60k4.roa
File: QUjkJ18bN12vei93cDuv8ew60k4.roa (raw, json)
Hash identifier: mWBQT/W4Iv1RymjDiPvF1KJEOUhvMoPXU4O1N1WKE5w=
Subject key identifier: 41:48:E4:27:5F:1B:37:5D:AF:7A:2F:77:70:3B:AF:F1:EC:3A:D2:4E
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 01856E38C6882929358C242A05F828C9AA40
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/QUjkJ18bN12vei93cDuv8ew60k4.roa
Signing time: Sun 01 Jan 2023 16:44:52 +0000
ROA not before: Sun 01 Jan 2023 16:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12687
IP address blocks: 212.111.206.0/24 maxlen: 24
212.111.205.0/24 maxlen: 24
212.111.202.0/23 maxlen: 24
212.111.201.0/24 maxlen: 24
212.111.213.0/24 maxlen: 24
212.111.212.0/23 maxlen: 23
212.111.208.0/22 maxlen: 22
212.111.192.0/19 maxlen: 24
212.111.192.0/20 maxlen: 24
212.111.192.0/21 maxlen: 24
212.111.199.0/24 maxlen: 24
212.111.198.0/24 maxlen: 24
2a01:5c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Feb 2023 16:29:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:c6:88:29:29:35:8c:24:2a:05:f8:28:c9:aa:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 1 16:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4148e4275f1b375daf7a2f77703baff1ec3ad24e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c6:6c:77:29:12:c5:fd:3d:f6:46:d8:d5:dc:
9d:64:b4:fb:cd:30:0c:19:2c:8f:c1:c7:88:00:c2:
a5:80:ec:9e:cb:df:40:ad:65:4c:9a:f9:cf:a2:01:
ee:5d:0a:c9:45:b6:c0:05:ae:33:af:53:8b:1b:5e:
28:0f:a3:b3:e6:8d:48:f4:21:8b:3a:e6:4d:fd:dd:
08:bb:32:8f:05:5a:e6:6c:83:c0:b8:7d:a4:35:0d:
6a:54:a1:01:c7:8c:0f:5a:5c:db:32:00:6c:89:7d:
3c:77:56:6e:de:ee:b9:42:21:16:dc:f0:b9:ee:2c:
90:a4:69:75:4a:3c:81:eb:89:59:4f:49:2e:6c:ad:
eb:e2:6e:1b:17:f2:c0:e0:a7:09:1d:c2:23:60:a4:
02:cb:29:fc:4e:92:91:6e:f7:dc:36:4f:f8:ec:fd:
f9:fe:eb:46:bd:d9:42:9d:4a:12:b3:26:da:d5:6e:
b0:bf:77:ad:f1:ec:6f:55:9a:d9:9d:b4:51:83:ed:
63:a9:76:c0:e1:3d:6a:7e:de:2d:eb:86:03:31:05:
4e:f7:f9:2d:84:13:6d:bc:d7:4a:87:57:67:27:15:
85:19:bf:4d:a9:ee:d8:95:88:8e:5c:0a:8e:a4:b9:
ab:14:6e:f3:c6:40:e4:1e:bd:09:2a:84:77:f1:9c:
cb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:48:E4:27:5F:1B:37:5D:AF:7A:2F:77:70:3B:AF:F1:EC:3A:D2:4E
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/QUjkJ18bN12vei93cDuv8ew60k4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.111.192.0/19
IPv6:
2a01:5c40::/32
Signature Algorithm: sha256WithRSAEncryption
c7:2e:7f:1d:16:3f:b1:57:10:0b:b1:f1:28:71:f6:cd:f3:21:
6f:18:fa:c0:c2:37:b4:f9:a9:61:86:bb:53:ac:a8:fd:5e:e8:
2a:e9:f9:25:23:44:1e:50:9d:06:c2:94:cf:f9:4a:4d:74:93:
eb:cb:7e:85:ce:40:35:34:fd:c4:9f:9a:53:5b:0e:76:36:23:
de:1a:ce:e6:1c:ac:51:ed:5a:ee:13:68:0e:bc:a3:c0:d9:23:
fd:3c:af:15:3d:a2:d0:21:51:c1:8b:0f:92:24:1e:8b:2b:05:
6d:f3:94:e5:7e:ab:ad:69:19:6c:94:76:0e:30:2a:5b:b0:60:
a1:70:7e:f2:17:f6:41:4e:5f:a5:14:d6:00:ed:58:b4:58:6d:
20:2e:98:fc:2a:36:0f:f8:20:04:30:a8:1f:73:af:07:3e:f1:
74:7f:61:61:59:a8:19:56:f2:60:dc:2f:8f:7c:5d:f0:13:80:
3d:85:24:b2:99:cb:96:9c:7b:d4:81:05:b2:2b:41:0b:67:cb:
b5:d6:cf:2f:0f:66:27:fb:c1:35:92:6b:35:b1:03:db:63:8b:
f3:2f:d6:77:65:52:8c:c5:d2:d1:e4:ac:64:3f:7f:fc:ab:fb:
3a:d1:7a:48:ea:4e:59:d0:90:95:ab:ca:0d:60:ee:ad:8f:b7:
ea:82:2b:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuOMaIKSk1jCQqBfgoyapAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMTAxMTY0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQ4ZTQyNzVmMWIzNzVkYWY3YTJmNzc3MDNiYWZmMWVjM2FkMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcZsdykSxf099kbY1dydZLT7zTAM
GSyPwceIAMKlgOyey99ArWVMmvnPogHuXQrJRbbABa4zr1OLG14oD6Oz5o1I9CGL
OuZN/d0IuzKPBVrmbIPAuH2kNQ1qVKEBx4wPWlzbMgBsiX08d1Zu3u65QiEW3PC5
7iyQpGl1SjyB64lZT0kubK3r4m4bF/LA4KcJHcIjYKQCyyn8TpKRbvfcNk/47P35
/utGvdlCnUoSsyba1W6wv3et8exvVZrZnbRRg+1jqXbA4T1qft4t64YDMQVO9/kt
hBNtvNdKh1dnJxWFGb9Nqe7YlYiOXAqOpLmrFG7zxkDkHr0JKoR38ZzLMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEFI5CdfGzddr3ovd3A7r/HsOtJOMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvUVVqa0oxOGJOMTJ2ZWk5M2NEdXY4ZXc2MGs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1G/AMA0E
AgACMAcDBQAqAVxAMA0GCSqGSIb3DQEBCwUAA4IBAQDHLn8dFj+xVxALsfEocfbN
8yFvGPrAwje0+alhhrtTrKj9Xugq6fklI0QeUJ0GwpTP+UpNdJPry36FzkA1NP3E
n5pTWw52NiPeGs7mHKxR7VruE2gOvKPA2SP9PK8VPaLQIVHBiw+SJB6LKwVt85Tl
fqutaRlslHYOMCpbsGChcH7yF/ZBTl+lFNYA7Vi0WG0gLpj8KjYP+CAEMKgfc68H
PvF0f2FhWagZVvJg3C+PfF3wE4A9hSSymcuWnHvUgQWyK0ELZ8u11s8vD2Yn+8E1
kms1sQPbY4vzL9Z3ZVKMxdLR5KxkP3/8q/s60XpI6k5Z0JCVq8oNYO6tj7fqgis2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org