Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/QKoQ2TZpinIP3AP55LVhkL50Ec0.roa
File: QKoQ2TZpinIP3AP55LVhkL50Ec0.roa (raw, json)
Hash identifier: vQDCCXfxVh6CtE89JPLYskk3OE2zE0RX9c2x0Mf9JHU=
Subject key identifier: 40:AA:10:D9:36:69:8A:72:0F:DC:03:F9:E4:B5:61:90:BE:74:11:CD
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 018C7C116E88B4900C70E8BB7E75598B9AE9
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/QKoQ2TZpinIP3AP55LVhkL50Ec0.roa
Signing time: Mon 18 Dec 2023 08:36:06 +0000
ROA not before: Mon 18 Dec 2023 08:36:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206446
IP address blocks: 213.137.84.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:11:6e:88:b4:90:0c:70:e8:bb:7e:75:59:8b:9a:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Dec 18 08:36:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40aa10d936698a720fdc03f9e4b56190be7411cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6d:51:9e:dc:0b:5b:ac:5b:c9:ef:dd:07:2b:
73:17:4c:8d:0c:e5:ba:5d:4e:3e:84:7e:80:e9:ec:
20:c7:83:c4:cd:55:aa:3a:cf:9c:ad:f5:48:ec:01:
e7:fa:49:a4:40:ac:9c:13:23:14:ad:0a:cc:dd:57:
33:d3:cc:9e:78:2f:55:e7:9c:f4:70:05:62:34:eb:
5f:83:fc:c2:e8:b2:c5:af:e1:48:62:a0:b9:87:ba:
1f:59:bc:20:b5:01:0b:2b:3e:f5:7c:78:13:7b:e6:
e1:f1:26:4d:11:38:00:ba:0b:e4:91:9e:4a:a8:d4:
ce:08:d8:65:36:60:53:6f:23:a9:64:d4:83:f7:9c:
eb:25:ad:75:ec:e7:97:32:bf:4d:57:b6:92:e5:b5:
13:49:34:7b:45:c4:1c:89:0c:7f:a5:f5:d6:3a:e8:
b3:35:18:33:bc:9a:e8:be:f6:aa:e0:27:64:72:e2:
08:69:4a:2f:56:57:cd:d2:2c:0d:6f:e2:91:f7:ef:
72:d8:20:8e:1c:ec:69:b6:13:20:d1:bf:b4:6f:a1:
e5:b4:67:03:38:c5:55:36:95:b0:29:56:25:31:eb:
4b:e6:a1:1d:55:56:fe:ce:a3:d8:4a:b5:ae:72:9b:
8f:be:a0:c8:59:92:0c:b1:84:f2:d6:17:c9:fc:98:
b7:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:AA:10:D9:36:69:8A:72:0F:DC:03:F9:E4:B5:61:90:BE:74:11:CD
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/QKoQ2TZpinIP3AP55LVhkL50Ec0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.137.84.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:87:a8:3b:66:2e:b9:66:a4:5a:4f:54:cd:bf:20:5c:b3:b4:
50:9d:13:47:53:13:00:61:d7:cc:30:b4:c9:04:19:27:ae:62:
56:f3:6d:c9:45:0f:c1:59:fa:38:42:1e:d3:16:39:cd:78:e5:
b4:9f:15:68:bc:8a:17:66:66:49:f8:c1:6c:d6:0c:51:a1:bd:
ad:f8:ad:55:8b:13:0e:bd:d7:37:e8:bd:fd:39:ba:00:d8:9d:
3a:1e:27:0d:d3:b9:2f:d2:ec:c4:81:44:89:52:35:ac:19:d3:
46:cd:1e:de:1d:16:a9:b5:17:41:77:f1:9c:34:31:91:4f:00:
9d:54:09:b9:82:a9:38:ab:d6:db:65:03:c2:57:67:73:49:38:
72:e2:61:02:5d:46:ff:8b:33:3c:7b:2a:62:5c:c1:4d:f7:f2:
41:e5:e5:d3:c4:04:52:34:46:92:a1:2c:58:86:19:11:7b:20:
71:4f:b4:ad:8e:e3:0f:4d:b1:35:8e:21:f3:5e:34:66:99:2c:
3c:ad:e7:8a:77:38:22:30:57:dd:be:d1:35:be:92:7f:04:01:
df:69:9a:f1:d2:f9:6c:2d:8e:e9:12:99:92:fb:07:db:4c:73:
1e:b4:36:22:e6:37:29:07:0f:f2:0c:4a:b2:76:b0:db:94:66:
69:63:51:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYx8EW6ItJAMcOi7fnVZi5rpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjMxMjE4MDgzNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGFhMTBkOTM2Njk4YTcyMGZkYzAzZjllNGI1NjE5MGJlNzQxMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkG1RntwLW6xbye/dBytzF0yNDOW6
XU4+hH6A6ewgx4PEzVWqOs+crfVI7AHn+kmkQKycEyMUrQrM3Vcz08yeeC9V55z0
cAViNOtfg/zC6LLFr+FIYqC5h7ofWbwgtQELKz71fHgTe+bh8SZNETgAugvkkZ5K
qNTOCNhlNmBTbyOpZNSD95zrJa117OeXMr9NV7aS5bUTSTR7RcQciQx/pfXWOuiz
NRgzvJrovvaq4CdkcuIIaUovVlfN0iwNb+KR9+9y2CCOHOxpthMg0b+0b6HltGcD
OMVVNpWwKVYlMetL5qEdVVb+zqPYSrWucpuPvqDIWZIMsYTy1hfJ/Ji3QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECqENk2aYpyD9wD+eS1YZC+dBHNMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvUUtvUTJUWnBpbklQM0FQNTVMVmhrTDUwRWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1YlUMA0G
CSqGSIb3DQEBCwUAA4IBAQAOh6g7Zi65ZqRaT1TNvyBcs7RQnRNHUxMAYdfMMLTJ
BBknrmJW823JRQ/BWfo4Qh7TFjnNeOW0nxVovIoXZmZJ+MFs1gxRob2t+K1VixMO
vdc36L39OboA2J06HicN07kv0uzEgUSJUjWsGdNGzR7eHRaptRdBd/GcNDGRTwCd
VAm5gqk4q9bbZQPCV2dzSThy4mECXUb/izM8eypiXMFN9/JB5eXTxARSNEaSoSxY
hhkReyBxT7StjuMPTbE1jiHzXjRmmSw8reeKdzgiMFfdvtE1vpJ/BAHfaZrx0vls
LY7pEpmS+wfbTHMetDYi5jcpBw/yDEqydrDblGZpY1EQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:38 2024 by rpki-client on console-ams.rpki-client.org