Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/1b9637-2795-4e7c-b33f-e28295e54c3c/1/BQKqdxfS13teQG0XsGXE0d5qXwg.roa
File: BQKqdxfS13teQG0XsGXE0d5qXwg.roa (raw, json)
Hash identifier: +uEaRqyGdt5HnHKNvmkpxjQA0VzTzRRIpb1C22L5EZM=
Subject key identifier: 05:02:AA:77:17:D2:D7:7B:5E:40:6D:17:B0:65:C4:D1:DE:6A:5F:08
Certificate issuer: /CN=24d470214c69e430f8b385e0936ad960166acdf0
Certificate serial: 018807FE5948763B68641590976EE92EFF7C
Authority key identifier: 24:D4:70:21:4C:69:E4:30:F8:B3:85:E0:93:6A:D9:60:16:6A:CD:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JNRwIUxp5DD4s4Xgk2rZYBZqzfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/1b9637-2795-4e7c-b33f-e28295e54c3c/1/BQKqdxfS13teQG0XsGXE0d5qXwg.roa
Signing time: Wed 10 May 2023 23:28:09 +0000
ROA not before: Wed 10 May 2023 23:28:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 213.255.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:07:fe:59:48:76:3b:68:64:15:90:97:6e:e9:2e:ff:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24d470214c69e430f8b385e0936ad960166acdf0
Validity
Not Before: May 10 23:28:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0502aa7717d2d77b5e406d17b065c4d1de6a5f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:34:77:36:7b:f6:64:f8:4d:aa:3f:26:a1:22:
8b:6c:f1:b6:8e:c7:88:ee:9a:d8:ad:fc:cd:b6:b9:
64:19:24:ce:b3:4c:08:73:e1:cf:0b:78:ec:41:3b:
93:c5:d5:3f:3f:8c:81:31:3d:e5:92:b2:cf:c3:8c:
55:6d:ca:f7:68:4b:82:36:44:39:1e:d5:ab:ed:97:
4e:e0:4b:2a:33:9e:39:b0:c9:32:fe:60:41:b7:d0:
f9:04:a7:29:11:ac:17:37:ec:8f:81:8a:68:1f:3c:
bc:29:63:5c:cc:b2:da:12:49:c0:f7:75:79:55:1e:
44:57:76:21:96:27:4d:81:69:63:cc:5c:15:67:5d:
6c:bf:4e:98:40:b2:ca:0a:41:d4:5c:cc:05:c5:3c:
85:a4:59:08:df:16:8b:e1:7b:1d:97:31:49:91:84:
ef:40:2b:88:d6:6c:29:93:b2:06:04:39:6d:d7:6b:
fc:a2:bd:39:b0:5a:ca:3d:e3:5a:7e:90:6d:dc:99:
4a:c0:5f:da:aa:b2:91:29:57:d2:f0:4c:5e:1b:5b:
30:f3:18:ab:ec:c3:75:c1:14:36:8a:0b:16:86:b5:
2d:fa:4b:cc:5f:47:bf:f8:52:4a:e6:9b:ac:4b:52:
62:3a:61:c8:a7:af:c3:1b:9f:8c:0e:61:ac:bf:a4:
87:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:02:AA:77:17:D2:D7:7B:5E:40:6D:17:B0:65:C4:D1:DE:6A:5F:08
X509v3 Authority Key Identifier:
keyid:24:D4:70:21:4C:69:E4:30:F8:B3:85:E0:93:6A:D9:60:16:6A:CD:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNRwIUxp5DD4s4Xgk2rZYBZqzfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1b9637-2795-4e7c-b33f-e28295e54c3c/1/BQKqdxfS13teQG0XsGXE0d5qXwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1b9637-2795-4e7c-b33f-e28295e54c3c/1/JNRwIUxp5DD4s4Xgk2rZYBZqzfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.255.206.0/24
Signature Algorithm: sha256WithRSAEncryption
42:40:12:13:18:98:96:6d:d5:bc:ec:6c:c2:ec:7d:55:f0:39:
2b:71:83:82:fa:b1:d4:d5:98:39:20:6c:a5:bf:5b:41:1a:cf:
08:5b:40:c9:38:5a:8b:77:e1:3e:c5:fb:ba:5f:cb:d5:c3:7c:
ba:71:9a:41:16:14:5b:61:e9:0f:94:24:76:68:a4:dc:7d:3d:
f7:6d:a5:d1:d7:fb:9c:f4:ee:68:3d:0d:51:96:e0:a3:9f:5d:
b8:b2:2f:3d:c2:6a:2a:d0:73:5a:35:66:8f:47:76:0c:b8:6f:
19:09:76:36:c1:d6:e4:bc:2c:16:cb:2d:3f:66:a0:cc:c1:99:
ea:37:5d:b0:7c:30:fb:d1:a0:25:23:73:0e:00:43:36:67:aa:
05:4c:81:7e:96:8b:da:52:88:a1:a6:fd:67:41:1c:c9:59:f1:
df:52:93:63:c9:f6:91:d5:91:1e:57:99:50:28:f6:31:1b:32:
a0:ba:b3:36:bf:90:2f:9d:37:0f:8e:fc:f6:8c:b6:11:6b:35:
9d:bd:e9:29:04:d8:ba:77:cf:10:82:ed:b8:7e:4b:25:7d:b3:
20:88:54:96:0d:fd:67:d3:fe:52:59:ae:90:8a:5f:9c:9d:f0:
9d:ed:2d:a9:da:6a:92:eb:fa:e3:25:f0:2b:6b:24:b9:4d:d1:
b4:e0:6f:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgH/llIdjtoZBWQl27pLv98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZDQ3MDIxNGM2OWU0MzBmOGIzODVlMDkzNmFkOTYwMTY2
YWNkZjAwHhcNMjMwNTEwMjMyODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTAyYWE3NzE3ZDJkNzdiNWU0MDZkMTdiMDY1YzRkMWRlNmE1ZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozR3Nnv2ZPhNqj8moSKLbPG2jseI
7prYrfzNtrlkGSTOs0wIc+HPC3jsQTuTxdU/P4yBMT3lkrLPw4xVbcr3aEuCNkQ5
HtWr7ZdO4EsqM545sMky/mBBt9D5BKcpEawXN+yPgYpoHzy8KWNczLLaEknA93V5
VR5EV3YhlidNgWljzFwVZ11sv06YQLLKCkHUXMwFxTyFpFkI3xaL4XsdlzFJkYTv
QCuI1mwpk7IGBDlt12v8or05sFrKPeNafpBt3JlKwF/aqrKRKVfS8ExeG1sw8xir
7MN1wRQ2igsWhrUt+kvMX0e/+FJK5pusS1JiOmHIp6/DG5+MDmGsv6SHtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAUCqncX0td7XkBtF7BlxNHeal8IMB8GA1UdIwQY
MBaAFCTUcCFMaeQw+LOF4JNq2WAWas3wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk5Sd0lVeHA1REQ0czRYZ2syclpZQlpxemZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8xYjk2MzctMjc5NS00ZTdjLWIzM2Yt
ZTI4Mjk1ZTU0YzNjLzEvQlFLcWR4ZlMxM3RlUUcwWHNHWEUwZDVxWHdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8xYjk2MzctMjc5NS00ZTdjLWIzM2YtZTI4Mjk1ZTU0YzNj
LzEvSk5Sd0lVeHA1REQ0czRYZ2syclpZQlpxemZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1f/OMA0G
CSqGSIb3DQEBCwUAA4IBAQBCQBITGJiWbdW87GzC7H1V8DkrcYOC+rHU1Zg5IGyl
v1tBGs8IW0DJOFqLd+E+xfu6X8vVw3y6cZpBFhRbYekPlCR2aKTcfT33baXR1/uc
9O5oPQ1RluCjn124si89wmoq0HNaNWaPR3YMuG8ZCXY2wdbkvCwWyy0/ZqDMwZnq
N12wfDD70aAlI3MOAEM2Z6oFTIF+lovaUoihpv1nQRzJWfHfUpNjyfaR1ZEeV5lQ
KPYxGzKgurM2v5AvnTcPjvz2jLYRazWdvekpBNi6d88Qgu24fkslfbMgiFSWDf1n
0/5SWa6Qil+cnfCd7S2p2mqS6/rjJfArayS5TdG04G9E
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:36 2024 by rpki-client on console-ams.rpki-client.org