Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/QXk34IasF7k99ipbzmgD4kqQR5M.roa
File: QXk34IasF7k99ipbzmgD4kqQR5M.roa (raw, json)
Hash identifier: jMM+RyAaF+CoXbrsXxzeTkrz0JjYlNbbwEJrmrxAGBg=
Subject key identifier: 41:79:37:E0:86:AC:17:B9:3D:F6:2A:5B:CE:68:03:E2:4A:90:47:93
Certificate issuer: /CN=9c620f31b4997c7345bc66b46b43d686bf00931a
Certificate serial: 0191B7C9352D81F8C8D049A484B3B45A871E
Authority key identifier: 9C:62:0F:31:B4:99:7C:73:45:BC:66:B4:6B:43:D6:86:BF:00:93:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nGIPMbSZfHNFvGa0a0PWhr8Akxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/QXk34IasF7k99ipbzmgD4kqQR5M.roa
Signing time: Tue 03 Sep 2024 12:08:22 +0000
ROA not before: Tue 03 Sep 2024 12:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20618
IP address blocks: 213.132.0.0/19 maxlen: 19
2a02:4bc0::/29 maxlen: 29
2a02:4bc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:c9:35:2d:81:f8:c8:d0:49:a4:84:b3:b4:5a:87:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c620f31b4997c7345bc66b46b43d686bf00931a
Validity
Not Before: Sep 3 12:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=417937e086ac17b93df62a5bce6803e24a904793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:86:75:32:ae:35:98:07:95:b6:73:1b:96:a0:
00:7b:df:8b:16:76:82:47:e5:9b:2b:ec:c7:33:b4:
fc:24:cb:fb:08:2e:63:76:d0:d2:98:67:4d:20:57:
00:04:3d:b7:ec:53:91:7d:47:27:d3:50:f8:4f:e0:
4a:71:11:32:c9:a1:2b:07:18:5a:ab:6e:d2:79:39:
12:e9:41:fe:57:bd:4f:b2:28:75:13:2f:fd:05:ef:
6b:5a:a6:1e:33:37:83:cf:e4:f9:98:53:e1:d0:c2:
a7:aa:76:43:34:9c:5f:ca:85:ab:08:56:f2:80:18:
85:ee:93:ad:f8:88:20:4b:46:ea:51:d1:df:2b:5c:
61:fc:e8:be:9e:aa:db:10:c5:3a:83:51:08:8e:f7:
35:ba:7a:00:a7:a2:3a:a5:f9:27:61:01:9b:04:c4:
cf:4a:ad:3a:d6:d3:23:be:82:76:3b:3b:7e:ea:ab:
89:dd:7e:e9:95:07:da:79:c4:84:a2:8c:25:cc:66:
88:eb:e0:15:95:77:a8:45:78:3d:fa:fa:3b:fc:ef:
18:f0:df:3e:82:44:f6:d8:f9:9f:a8:cc:dd:76:bd:
74:ef:e2:fe:89:54:d6:62:b5:71:c0:1e:04:99:32:
1f:5b:c4:bd:8e:16:03:f4:37:9a:25:98:14:1c:f9:
aa:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:79:37:E0:86:AC:17:B9:3D:F6:2A:5B:CE:68:03:E2:4A:90:47:93
X509v3 Authority Key Identifier:
keyid:9C:62:0F:31:B4:99:7C:73:45:BC:66:B4:6B:43:D6:86:BF:00:93:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nGIPMbSZfHNFvGa0a0PWhr8Akxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/QXk34IasF7k99ipbzmgD4kqQR5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/nGIPMbSZfHNFvGa0a0PWhr8Akxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.132.0.0/19
IPv6:
2a02:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
99:b1:de:f2:75:9b:3a:f6:d2:59:d6:18:9d:ba:60:b9:b0:0c:
92:fa:de:1a:16:cc:0b:05:76:2b:bd:56:8d:27:bf:84:7c:51:
46:26:6d:a0:42:90:c1:7e:7a:1a:56:1d:a8:4e:78:4f:16:9c:
e0:57:6b:2f:40:1b:75:5d:8f:17:6a:d6:f8:d5:51:60:5b:09:
a4:91:8c:d0:72:32:95:2f:87:15:5b:44:23:df:90:7d:6c:ff:
5b:d4:9e:5f:75:3a:1e:0a:0a:bc:f3:04:25:39:9c:b2:a7:da:
9b:50:49:04:5e:49:c4:2c:e0:30:63:93:bd:10:74:3e:bc:0f:
cc:6c:02:e4:67:d7:72:8e:6c:d4:9c:87:46:97:7e:34:00:11:
4f:de:d0:e8:d3:7b:9c:0f:be:a7:ef:2c:33:9f:5e:a1:c1:aa:
2d:2a:83:2d:27:be:2e:04:93:92:43:b5:e3:65:ef:c3:b5:97:
93:b1:77:7a:06:e7:d5:79:0e:6b:5f:59:bc:d6:33:4c:45:12:
40:a8:71:9f:2b:de:01:29:eb:bd:fd:3b:9b:83:4c:2f:ad:1d:
91:5f:36:ee:4e:71:91:b9:d9:57:5e:3a:f6:c3:08:87:f5:00:
a5:ee:79:45:a8:ee:0d:17:28:49:c3:1f:48:f6:9f:2c:89:f8:
45:d2:70:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZG3yTUtgfjI0EmkhLO0WoceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNjIwZjMxYjQ5OTdjNzM0NWJjNjZiNDZiNDNkNjg2YmYw
MDkzMWEwHhcNMjQwOTAzMTIwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTc5MzdlMDg2YWMxN2I5M2RmNjJhNWJjZTY4MDNlMjRhOTA0NzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoZ1Mq41mAeVtnMblqAAe9+LFnaC
R+WbK+zHM7T8JMv7CC5jdtDSmGdNIFcABD237FORfUcn01D4T+BKcREyyaErBxha
q27SeTkS6UH+V71Psih1Ey/9Be9rWqYeMzeDz+T5mFPh0MKnqnZDNJxfyoWrCFby
gBiF7pOt+IggS0bqUdHfK1xh/Oi+nqrbEMU6g1EIjvc1unoAp6I6pfknYQGbBMTP
Sq061tMjvoJ2Ozt+6quJ3X7plQfaecSEoowlzGaI6+AVlXeoRXg9+vo7/O8Y8N8+
gkT22PmfqMzddr107+L+iVTWYrVxwB4EmTIfW8S9jhYD9DeaJZgUHPmqJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEF5N+CGrBe5PfYqW85oA+JKkEeTMB8GA1UdIwQY
MBaAFJxiDzG0mXxzRbxmtGtD1oa/AJMaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkdJUE1iU1pmSE5GdkdhMGEwUFdocjhBa3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni84OTI4ZjEtODYxOC00YzE5LTlmM2Qt
NGI4NzkzZGI3NDYwLzEvUVhrMzRJYXNGN2s5OWlwYnptZ0Q0a3FRUjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni84OTI4ZjEtODYxOC00YzE5LTlmM2QtNGI4NzkzZGI3NDYw
LzEvbkdJUE1iU1pmSE5GdkdhMGEwUFdocjhBa3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1YQAMA0E
AgACMAcDBQMqAkvAMA0GCSqGSIb3DQEBCwUAA4IBAQCZsd7ydZs69tJZ1hidumC5
sAyS+t4aFswLBXYrvVaNJ7+EfFFGJm2gQpDBfnoaVh2oTnhPFpzgV2svQBt1XY8X
atb41VFgWwmkkYzQcjKVL4cVW0Qj35B9bP9b1J5fdToeCgq88wQlOZyyp9qbUEkE
XknELOAwY5O9EHQ+vA/MbALkZ9dyjmzUnIdGl340ABFP3tDo03ucD76n7ywzn16h
waotKoMtJ74uBJOSQ7XjZe/DtZeTsXd6BufVeQ5rX1m81jNMRRJAqHGfK94BKeu9
/Tubg0wvrR2RXzbuTnGRudlXXjr2wwiH9QCl7nlFqO4NFyhJwx9I9p8sifhF0nDj
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:03 2025 by rpki-client