Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/QmIVS4SjhM2I2MR5_x1UJmmhVdA.roa
File: QmIVS4SjhM2I2MR5_x1UJmmhVdA.roa (raw, json)
Hash identifier: wTrSgOZO2eObqXY1EtkZfvv5D6apMIQgd0ERD58mZJY=
Subject key identifier: 42:62:15:4B:84:A3:84:CD:88:D8:C4:79:FF:1D:54:26:69:A1:55:D0
Certificate issuer: /CN=ee2259f158b9aa76aad0b1adfa62c1eed4559d14
Certificate serial: 018573716C494A87A86D1EE6C25FECE10600
Authority key identifier: EE:22:59:F1:58:B9:AA:76:AA:D0:B1:AD:FA:62:C1:EE:D4:55:9D:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/QmIVS4SjhM2I2MR5_x1UJmmhVdA.roa
Signing time: Mon 02 Jan 2023 17:04:51 +0000
ROA not before: Mon 02 Jan 2023 17:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12735
IP address blocks: 212.102.103.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:6c:49:4a:87:a8:6d:1e:e6:c2:5f:ec:e1:06:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee2259f158b9aa76aad0b1adfa62c1eed4559d14
Validity
Not Before: Jan 2 17:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4262154b84a384cd88d8c479ff1d542669a155d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3d:ab:bf:35:42:0f:00:43:ab:35:b9:de:19:
c9:03:bb:b7:62:d3:cd:87:19:72:40:f7:6d:97:ad:
66:95:33:78:4f:e2:cb:dd:de:3c:9e:e1:e3:d6:ed:
2b:7a:7e:e9:14:74:fa:4b:1e:13:f3:e0:b5:7f:ef:
4a:91:cb:a0:eb:7d:f9:6d:c7:3f:26:7a:75:45:f5:
c0:21:c2:4e:04:fd:5b:b9:34:a4:43:38:3c:b0:95:
f0:a4:ae:9a:b4:0d:aa:70:e6:54:65:c6:00:4f:ef:
2c:e3:c8:35:35:23:d9:65:24:d7:c8:35:5d:32:78:
33:e6:1e:fc:9b:b5:12:21:34:e2:07:71:93:52:3f:
3d:05:82:96:25:df:1d:49:de:72:09:eb:72:79:64:
65:74:55:bc:3c:a1:9c:66:16:06:61:57:bb:20:b3:
f8:bf:d5:07:b7:53:78:07:88:34:61:5b:81:4e:8b:
c5:cb:46:9f:f0:e1:9a:48:5a:54:7e:97:67:06:3d:
c2:d4:d0:16:22:58:c0:80:0b:e4:6f:9d:a2:5b:01:
8b:5d:1f:80:7d:ae:40:e7:45:c4:fb:09:c3:0d:fd:
77:c7:16:7b:99:82:ed:23:3b:48:58:77:b5:4b:88:
ef:53:ef:ea:11:44:99:47:d2:34:b4:4d:d9:9a:b5:
e0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:62:15:4B:84:A3:84:CD:88:D8:C4:79:FF:1D:54:26:69:A1:55:D0
X509v3 Authority Key Identifier:
keyid:EE:22:59:F1:58:B9:AA:76:AA:D0:B1:AD:FA:62:C1:EE:D4:55:9D:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/QmIVS4SjhM2I2MR5_x1UJmmhVdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.103.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:50:02:b3:2a:68:fc:4f:10:8c:37:68:85:84:45:f2:cd:9e:
2c:5a:ef:11:0e:1f:72:e8:78:6f:50:e8:24:83:4b:4c:1d:35:
95:f5:1d:52:a1:a9:2d:24:05:23:36:66:03:5c:9b:79:0e:a4:
b1:89:4f:b5:f0:52:cc:fd:62:ee:f9:e5:74:4a:b2:30:db:6d:
5b:71:96:48:0b:ab:3c:9d:db:9d:d1:0c:a0:54:a2:ee:ca:3b:
1a:eb:f4:83:9f:da:44:30:54:a3:3f:f8:b7:8e:16:78:19:42:
73:91:1c:06:46:01:64:c9:dc:2c:48:4c:4d:44:9c:99:cc:59:
e5:e5:68:74:95:8b:bb:29:7b:de:27:5e:e6:ee:3f:4a:06:fe:
33:67:62:f1:bd:23:f9:39:50:57:71:62:68:f5:45:fd:33:29:
27:48:09:3d:80:aa:d8:6b:71:65:c9:69:9f:13:be:48:c4:87:
c7:c5:8b:35:58:21:f6:26:a5:2e:26:8c:08:df:3b:01:b6:48:
d8:d1:48:a5:87:5c:ae:19:ca:91:e3:8a:0a:9b:6f:b3:ef:de:
b4:67:6a:b6:0a:84:40:fc:3a:e4:7d:5f:2d:16:66:d2:0b:f3:
8e:36:8e:31:45:05:10:fd:e7:fe:e2:03:ca:2f:a2:ca:52:a0:
85:20:d3:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzcWxJSoeobR7mwl/s4QYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMjI1OWYxNThiOWFhNzZhYWQwYjFhZGZhNjJjMWVlZDQ1
NTlkMTQwHhcNMjMwMTAyMTcwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjYyMTU0Yjg0YTM4NGNkODhkOGM0NzlmZjFkNTQyNjY5YTE1NWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj2rvzVCDwBDqzW53hnJA7u3YtPN
hxlyQPdtl61mlTN4T+LL3d48nuHj1u0ren7pFHT6Sx4T8+C1f+9Kkcug6335bcc/
Jnp1RfXAIcJOBP1buTSkQzg8sJXwpK6atA2qcOZUZcYAT+8s48g1NSPZZSTXyDVd
Mngz5h78m7USITTiB3GTUj89BYKWJd8dSd5yCetyeWRldFW8PKGcZhYGYVe7ILP4
v9UHt1N4B4g0YVuBTovFy0af8OGaSFpUfpdnBj3C1NAWIljAgAvkb52iWwGLXR+A
fa5A50XE+wnDDf13xxZ7mYLtIztIWHe1S4jvU+/qEUSZR9I0tE3ZmrXgSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJiFUuEo4TNiNjEef8dVCZpoVXQMB8GA1UdIwQY
MBaAFO4iWfFYuap2qtCxrfpiwe7UVZ0UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2lKWjhWaTVxbmFxMExHdC1tTEI3dFJWblJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80MTAxMmUtNzg4NS00ZjQwLWJkZjQt
MzQ5N2NlMWI3MWJmLzEvUW1JVlM0U2poTTJJMk1SNV94MVVKbW1oVmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80MTAxMmUtNzg4NS00ZjQwLWJkZjQtMzQ5N2NlMWI3MWJm
LzEvN2lKWjhWaTVxbmFxMExHdC1tTEI3dFJWblJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GZnMA0G
CSqGSIb3DQEBCwUAA4IBAQB6UAKzKmj8TxCMN2iFhEXyzZ4sWu8RDh9y6HhvUOgk
g0tMHTWV9R1SoaktJAUjNmYDXJt5DqSxiU+18FLM/WLu+eV0SrIw221bcZZIC6s8
ndud0QygVKLuyjsa6/SDn9pEMFSjP/i3jhZ4GUJzkRwGRgFkydwsSExNRJyZzFnl
5Wh0lYu7KXveJ17m7j9KBv4zZ2LxvSP5OVBXcWJo9UX9MyknSAk9gKrYa3FlyWmf
E75IxIfHxYs1WCH2JqUuJowI3zsBtkjY0Uilh1yuGcqR44oKm2+z7960Z2q2CoRA
/DrkfV8tFmbSC/OONo4xRQUQ/ef+4gPKL6LKUqCFINMG
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:13 2024 by rpki-client on console-ams.rpki-client.org