Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/qgxLo2_k-svEE2sffCbGz2l-7vk.roa
File: qgxLo2_k-svEE2sffCbGz2l-7vk.roa (raw, json)
Hash identifier: oIy4ErY35vm2osPHObqO48T5qujdqt+FMElNvd20x+I=
Subject key identifier: AA:0C:4B:A3:6F:E4:FA:CB:C4:13:6B:1F:7C:26:C6:CF:69:7E:EE:F9
Certificate issuer: /CN=ccbf95b47ab2b99c222bfe54521efd1ab67d267f
Certificate serial: 01856F8B8CCB2CEE23685974C9D393499A8A
Authority key identifier: CC:BF:95:B4:7A:B2:B9:9C:22:2B:FE:54:52:1E:FD:1A:B6:7D:26:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/qgxLo2_k-svEE2sffCbGz2l-7vk.roa
Signing time: Sun 01 Jan 2023 22:54:54 +0000
ROA not before: Sun 01 Jan 2023 22:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 213.170.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Dec 2023 11:06:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:8c:cb:2c:ee:23:68:59:74:c9:d3:93:49:9a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccbf95b47ab2b99c222bfe54521efd1ab67d267f
Validity
Not Before: Jan 1 22:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa0c4ba36fe4facbc4136b1f7c26c6cf697eeef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0b:6f:39:49:a2:1d:ee:3c:2e:3e:22:2b:34:
2c:2c:6f:3c:84:8b:b4:7a:2a:7a:66:ad:5b:64:10:
f8:4a:9c:65:47:85:a9:dd:69:20:92:2d:2d:ab:4e:
a4:6e:a4:ab:98:69:94:c5:62:d9:e1:7a:3f:cb:ef:
45:40:fd:cc:a3:64:5c:a5:fd:7a:97:65:f4:f0:36:
03:21:ed:10:45:91:83:27:c9:c0:a8:03:24:0c:78:
32:0a:42:60:98:0f:6b:87:87:b6:01:85:dc:b5:96:
10:ec:8e:55:1e:dd:eb:82:40:69:95:3b:97:c5:b4:
d0:1f:d0:af:59:a3:c5:bd:ae:81:59:bf:27:19:4e:
08:4c:a2:6a:d3:d2:5d:b6:bd:d7:46:ab:22:f0:7d:
7a:d4:a4:4b:b6:19:fd:22:00:74:ca:3d:97:2e:51:
45:3e:95:36:c6:db:6e:24:35:f4:3f:3e:18:37:d6:
e0:54:c3:66:ad:66:f6:bd:03:60:ea:d0:55:db:7c:
0f:55:1e:30:d4:2c:bb:f3:27:23:2a:4d:31:41:13:
51:20:17:56:34:c1:77:bf:fc:a1:f5:e1:bf:30:16:
39:91:53:e6:92:1e:b9:31:80:3f:9b:74:30:38:9f:
67:e8:48:33:bb:eb:f5:8d:1d:7b:79:f8:e8:cd:46:
9e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:0C:4B:A3:6F:E4:FA:CB:C4:13:6B:1F:7C:26:C6:CF:69:7E:EE:F9
X509v3 Authority Key Identifier:
keyid:CC:BF:95:B4:7A:B2:B9:9C:22:2B:FE:54:52:1E:FD:1A:B6:7D:26:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/qgxLo2_k-svEE2sffCbGz2l-7vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.170.202.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:ba:b4:e7:81:1f:e2:2a:48:25:5d:bd:9b:a0:00:d1:48:ec:
cc:c5:7b:e6:18:5f:09:48:3e:06:fc:87:80:57:39:2b:9b:7e:
81:7b:41:00:12:36:64:4a:48:dd:33:8e:d1:4b:46:6d:e4:4a:
ac:61:e2:dd:fe:5b:e0:a7:71:c1:20:6d:ac:b8:e1:f5:18:8c:
42:ef:75:14:4f:ad:7f:3b:c9:66:00:8f:ea:f1:08:4e:4d:61:
35:64:26:58:a0:af:57:0e:35:38:f7:6c:7c:1f:d0:0d:ef:8e:
ea:f6:41:22:34:60:c5:d4:62:28:77:34:e1:6a:dd:3d:46:3a:
cd:83:7a:f5:b5:a1:d8:5e:5a:a4:ad:cf:33:b1:f0:c3:ba:b2:
1c:84:33:90:75:50:4a:75:3a:d0:51:79:9b:14:f4:f5:37:50:
34:7e:1f:37:41:09:3a:0c:dc:b8:e0:9a:ea:07:e3:ce:14:da:
7a:f5:42:7d:42:f5:98:b2:3b:f6:00:7b:8c:75:26:2f:38:41:
e7:90:d6:6e:05:6c:df:05:3b:ba:fb:0e:52:d2:22:fb:b0:48:
24:89:dd:5c:b3:5d:e3:ef:d1:6a:30:31:c9:8c:ee:94:9c:8d:
cd:d5:e0:bf:73:0f:dc:b4:ff:8e:84:42:76:e7:c0:94:5d:06:
8d:2d:16:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi4zLLO4jaFl0ydOTSZqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYmY5NWI0N2FiMmI5OWMyMjJiZmU1NDUyMWVmZDFhYjY3
ZDI2N2YwHhcNMjMwMTAxMjI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTBjNGJhMzZmZTRmYWNiYzQxMzZiMWY3YzI2YzZjZjY5N2VlZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAtvOUmiHe48Lj4iKzQsLG88hIu0
eip6Zq1bZBD4SpxlR4Wp3Wkgki0tq06kbqSrmGmUxWLZ4Xo/y+9FQP3Mo2Rcpf16
l2X08DYDIe0QRZGDJ8nAqAMkDHgyCkJgmA9rh4e2AYXctZYQ7I5VHt3rgkBplTuX
xbTQH9CvWaPFva6BWb8nGU4ITKJq09Jdtr3XRqsi8H161KRLthn9IgB0yj2XLlFF
PpU2xttuJDX0Pz4YN9bgVMNmrWb2vQNg6tBV23wPVR4w1Cy78ycjKk0xQRNRIBdW
NMF3v/yh9eG/MBY5kVPmkh65MYA/m3QwOJ9n6Egzu+v1jR17efjozUaeRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKoMS6Nv5PrLxBNrH3wmxs9pfu75MB8GA1UdIwQY
MBaAFMy/lbR6srmcIiv+VFIe/Rq2fSZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekwtVnRIcXl1WndpS181VVVoNzlHclo5Sm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hMjliOTUtY2NiMy00NjdiLWFiN2Et
YWM1YjYxNDkzZTAxLzEvcWd4TG8yX2stc3ZFRTJzZmZDYkd6MmwtN3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hMjliOTUtY2NiMy00NjdiLWFiN2EtYWM1YjYxNDkzZTAx
LzEvekwtVnRIcXl1WndpS181VVVoNzlHclo5Sm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1arKMA0G
CSqGSIb3DQEBCwUAA4IBAQA7urTngR/iKkglXb2boADRSOzMxXvmGF8JSD4G/IeA
Vzkrm36Be0EAEjZkSkjdM47RS0Zt5EqsYeLd/lvgp3HBIG2suOH1GIxC73UUT61/
O8lmAI/q8QhOTWE1ZCZYoK9XDjU492x8H9AN747q9kEiNGDF1GIodzThat09RjrN
g3r1taHYXlqkrc8zsfDDurIchDOQdVBKdTrQUXmbFPT1N1A0fh83QQk6DNy44Jrq
B+POFNp69UJ9QvWYsjv2AHuMdSYvOEHnkNZuBWzfBTu6+w5S0iL7sEgkid1cs13j
79FqMDHJjO6UnI3N1eC/cw/ctP+OhEJ258CUXQaNLRZP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:58 2024 by rpki-client on console-ams.rpki-client.org