Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/QEGbkt-qer2BPGvKKT2hsrCmIwQ.roa
File: QEGbkt-qer2BPGvKKT2hsrCmIwQ.roa (raw, json)
Hash identifier: fvLR15NhNWMEIk7YuGq3iCexfuNhFTb53dtQu78K1rc=
Subject key identifier: 40:41:9B:92:DF:AA:7A:BD:81:3C:6B:CA:29:3D:A1:B2:B0:A6:23:04
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185725EBF3E3D48798B33A8752E03CA8D8F
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/QEGbkt-qer2BPGvKKT2hsrCmIwQ.roa
Signing time: Mon 02 Jan 2023 12:04:50 +0000
ROA not before: Mon 02 Jan 2023 12:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 138.128.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Feb 2023 16:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:5e:bf:3e:3d:48:79:8b:33:a8:75:2e:03:ca:8d:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 12:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40419b92dfaa7abd813c6bca293da1b2b0a62304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:55:7f:55:af:3f:5f:65:ff:46:b7:d5:99:6c:
b1:c2:de:76:6b:2b:a1:ec:7b:13:09:76:f9:0c:66:
da:c6:a7:03:4b:b8:26:b5:63:3e:1e:a8:3e:dc:8c:
b4:b3:96:7b:bb:39:d6:fc:31:33:cb:db:37:9a:09:
33:f5:68:af:f4:40:8c:e4:9a:14:41:50:6b:68:63:
f9:02:f5:c9:44:a0:92:37:28:44:69:ca:1c:d6:cc:
ba:1c:81:e4:39:ef:c2:f2:6b:2c:e1:d4:d1:80:64:
72:fe:87:d8:6b:ec:b4:40:6a:73:cb:82:27:29:75:
09:fe:7f:18:66:b8:e5:ec:b3:b3:83:b5:d8:55:a9:
13:f9:19:8d:ac:ef:5b:5b:1e:aa:60:b4:46:9f:e1:
00:53:2c:4d:f2:ba:34:6e:d6:1e:17:2b:39:1f:88:
4a:46:ce:57:9d:d7:21:38:5a:05:dc:7e:9c:f7:96:
1a:5f:54:6b:e2:4a:31:c2:e7:93:a3:43:7e:c5:99:
60:6d:a5:55:12:3a:3d:e7:f0:bb:50:ff:10:6c:70:
05:3b:85:27:36:fa:9b:e1:57:63:5f:56:93:cb:14:
ff:40:6e:8f:c1:b1:c6:98:5a:e3:6c:97:5a:67:e7:
c3:4d:cf:28:f6:44:d0:a3:a6:ba:75:8b:93:15:0e:
72:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:41:9B:92:DF:AA:7A:BD:81:3C:6B:CA:29:3D:A1:B2:B0:A6:23:04
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/QEGbkt-qer2BPGvKKT2hsrCmIwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.128.145.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:5d:cf:d8:0a:49:23:41:ac:91:1d:7d:08:fd:ea:41:73:9d:
e6:14:0d:67:d6:da:1c:3b:34:d0:72:b7:d0:33:a3:b6:92:97:
c4:f5:77:e4:01:70:a6:ff:ed:95:1b:84:6f:92:45:24:34:96:
20:57:3b:42:f2:6b:0e:ba:c3:80:eb:52:65:f4:f6:31:c5:71:
18:13:81:ae:7b:6a:d8:11:6a:0e:42:3f:59:fd:a3:58:3d:5c:
21:5c:e2:07:0f:a7:bf:11:4e:78:48:26:59:a2:49:23:89:6e:
cd:48:4f:03:4e:ba:09:4a:c6:07:9e:4d:93:31:67:e9:f5:78:
bf:3a:4e:7b:95:12:96:35:db:cd:fd:19:43:ab:fa:12:d4:a5:
64:ce:90:d1:8e:68:31:c6:07:9f:47:8b:7e:fc:f3:f3:3d:dc:
17:be:86:0e:c4:5b:0b:f0:2f:f5:54:fd:23:49:da:66:e3:a8:
6d:01:ea:bd:98:52:02:c4:c2:2c:4d:01:79:75:50:7b:4b:4a:
e5:bd:af:90:81:ca:c8:67:71:68:30:07:1e:2c:b0:95:6d:a6:
1a:d3:3f:f9:b8:ef:44:72:70:b7:92:78:d1:a1:dd:be:94:2d:
7d:9a:bd:08:48:99:30:c5:a4:d1:ab:8a:ab:99:c0:23:13:2f:
10:00:66:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyXr8+PUh5izOodS4Dyo2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTAyMTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQxOWI5MmRmYWE3YWJkODEzYzZiY2EyOTNkYTFiMmIwYTYyMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVV/Va8/X2X/RrfVmWyxwt52ayuh
7HsTCXb5DGbaxqcDS7gmtWM+Hqg+3Iy0s5Z7uznW/DEzy9s3mgkz9Wiv9ECM5JoU
QVBraGP5AvXJRKCSNyhEacoc1sy6HIHkOe/C8mss4dTRgGRy/ofYa+y0QGpzy4In
KXUJ/n8YZrjl7LOzg7XYVakT+RmNrO9bWx6qYLRGn+EAUyxN8ro0btYeFys5H4hK
Rs5XndchOFoF3H6c95YaX1Rr4koxwueTo0N+xZlgbaVVEjo95/C7UP8QbHAFO4Un
Nvqb4VdjX1aTyxT/QG6PwbHGmFrjbJdaZ+fDTc8o9kTQo6a6dYuTFQ5yowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBBm5Lfqnq9gTxryik9obKwpiMEMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvUUVHYmt0LXFlcjJCUEd2S0tUMmhzckNtSXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAioCRMA0G
CSqGSIb3DQEBCwUAA4IBAQAqXc/YCkkjQayRHX0I/epBc53mFA1n1tocOzTQcrfQ
M6O2kpfE9XfkAXCm/+2VG4RvkkUkNJYgVztC8msOusOA61Jl9PYxxXEYE4Gue2rY
EWoOQj9Z/aNYPVwhXOIHD6e/EU54SCZZokkjiW7NSE8DTroJSsYHnk2TMWfp9Xi/
Ok57lRKWNdvN/RlDq/oS1KVkzpDRjmgxxgefR4t+/PPzPdwXvoYOxFsL8C/1VP0j
Sdpm46htAeq9mFICxMIsTQF5dVB7S0rlva+QgcrIZ3FoMAceLLCVbaYa0z/5uO9E
cnC3knjRod2+lC19mr0ISJkwxaTRq4qrmcAjEy8QAGYx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:45 2024 by rpki-client on console-ams.rpki-client.org