Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/QnZL-V2kJUx37P10Y4U_Turdl9g.roa
File: QnZL-V2kJUx37P10Y4U_Turdl9g.roa (raw, json)
Hash identifier: kZaURbIDnIiOCvzeaLpnargCcoH2DRtrAmXL+NCxAIs=
Subject key identifier: 42:76:4B:F9:5D:A4:25:4C:77:EC:FD:74:63:85:3F:4E:EA:DD:97:D8
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 01856E38D61CD5906826E63C012C86293820
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/QnZL-V2kJUx37P10Y4U_Turdl9g.roa
Signing time: Sun 01 Jan 2023 16:44:56 +0000
ROA not before: Sun 01 Jan 2023 16:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 212.111.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:d6:1c:d5:90:68:26:e6:3c:01:2c:86:29:38:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 1 16:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42764bf95da4254c77ecfd7463853f4eeadd97d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a9:f0:07:83:7e:5c:8c:3c:02:aa:04:82:a5:
33:ae:37:83:67:81:6f:76:ca:21:22:9d:a4:1a:cc:
ad:c6:49:3c:d4:55:28:49:ef:4c:f0:ef:81:5a:c6:
fd:fc:6e:94:32:c4:1e:1c:7c:ea:fc:65:b6:2d:e8:
13:06:46:fc:40:04:0c:57:ec:c5:3b:09:04:b8:24:
82:a0:b3:75:93:fd:af:e9:5d:b6:75:3a:2f:e8:9d:
40:40:ae:6a:d5:eb:9e:74:e1:f3:5a:13:f0:ce:5f:
31:6c:46:c5:83:3f:41:e5:3b:88:cf:9c:a5:23:16:
7c:f6:47:17:a1:98:a8:d2:63:9f:03:a1:ab:08:3f:
37:0e:18:cb:83:b4:a1:eb:2f:60:60:c9:13:f1:f7:
2e:3f:fc:08:cb:3e:c0:3b:be:61:3a:79:a1:62:f6:
6f:a5:2b:a8:da:d9:ab:3c:e3:d6:50:f6:44:65:16:
96:52:a2:0b:7a:2b:78:b7:04:99:1c:a0:00:54:c9:
96:cb:37:d8:b5:cf:af:4a:88:37:36:b1:78:54:19:
49:08:28:77:be:9a:0d:a8:1d:2e:38:fb:eb:3d:5e:
b9:e1:d6:e1:bb:ef:54:6c:4f:d2:e4:f4:71:12:de:
b9:30:f5:b8:b6:fa:4f:cd:6b:b1:a7:17:19:43:36:
b4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:76:4B:F9:5D:A4:25:4C:77:EC:FD:74:63:85:3F:4E:EA:DD:97:D8
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/QnZL-V2kJUx37P10Y4U_Turdl9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.111.220.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:20:d7:64:88:c7:35:ac:ce:5b:3b:77:dd:4a:fb:0c:1a:c3:
57:b6:4e:8d:1c:e5:9f:6a:7e:2c:1e:1c:2c:83:d4:69:51:c6:
b3:41:4f:d3:84:ad:e1:d2:a4:91:ca:e3:d7:da:83:10:41:ae:
4a:d1:f6:8d:ad:82:77:57:f8:32:87:37:00:8a:18:d9:15:82:
87:2d:17:d2:1a:d3:61:f3:fe:72:fa:60:f3:d1:30:8c:19:61:
0b:1b:a9:79:8c:5d:ef:f8:45:71:62:8b:7e:e1:e4:f3:58:8b:
c0:c8:51:30:d0:d9:c1:99:04:21:68:87:d7:a8:51:ea:56:05:
16:6a:d5:1d:d2:5f:5f:9a:67:78:b8:d9:27:19:35:e0:93:d9:
4d:7e:6b:44:93:5e:5a:72:c4:e4:d2:71:53:3d:8a:7d:25:8e:
71:df:94:86:ec:58:94:6c:f6:da:30:71:68:bb:58:73:73:f8:
2b:69:49:55:3b:d0:87:77:57:48:bf:da:37:f0:e1:99:2f:00:
e4:bb:b0:ee:82:bc:fc:c8:d8:14:20:71:3a:09:76:59:f6:0b:
29:b2:a0:8a:35:a9:f0:ef:5e:0c:37:4e:78:d5:5c:1c:60:3f:
4c:78:a1:b9:3b:7a:e9:48:19:4e:07:7c:95:9d:02:90:19:d1:
ca:50:bf:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuONYc1ZBoJuY8ASyGKTggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMTAxMTY0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjc2NGJmOTVkYTQyNTRjNzdlY2ZkNzQ2Mzg1M2Y0ZWVhZGQ5N2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqnwB4N+XIw8AqoEgqUzrjeDZ4Fv
dsohIp2kGsytxkk81FUoSe9M8O+BWsb9/G6UMsQeHHzq/GW2LegTBkb8QAQMV+zF
OwkEuCSCoLN1k/2v6V22dTov6J1AQK5q1euedOHzWhPwzl8xbEbFgz9B5TuIz5yl
IxZ89kcXoZio0mOfA6GrCD83DhjLg7Sh6y9gYMkT8fcuP/wIyz7AO75hOnmhYvZv
pSuo2tmrPOPWUPZEZRaWUqILeit4twSZHKAAVMmWyzfYtc+vSog3NrF4VBlJCCh3
vpoNqB0uOPvrPV654dbhu+9UbE/S5PRxEt65MPW4tvpPzWuxpxcZQza0JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJ2S/ldpCVMd+z9dGOFP07q3ZfYMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvUW5aTC1WMmtKVXgzN1AxMFk0VV9UdXJkbDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1G/cMA0G
CSqGSIb3DQEBCwUAA4IBAQB/INdkiMc1rM5bO3fdSvsMGsNXtk6NHOWfan4sHhws
g9RpUcazQU/ThK3h0qSRyuPX2oMQQa5K0faNrYJ3V/gyhzcAihjZFYKHLRfSGtNh
8/5y+mDz0TCMGWELG6l5jF3v+EVxYot+4eTzWIvAyFEw0NnBmQQhaIfXqFHqVgUW
atUd0l9fmmd4uNknGTXgk9lNfmtEk15acsTk0nFTPYp9JY5x35SG7FiUbPbaMHFo
u1hzc/graUlVO9CHd1dIv9o38OGZLwDku7Dugrz8yNgUIHE6CXZZ9gspsqCKNanw
714MN0541VwcYD9MeKG5O3rpSBlOB3yVnQKQGdHKUL++
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org