Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/txhmcow7nJMU9X55MUCOwVkZCCY.roa
File: txhmcow7nJMU9X55MUCOwVkZCCY.roa (raw, json)
Hash identifier: SRfiL1+Bk8Lc9vdDTmtSQsV9f/oasg1oVOcsDZCWbSE=
Subject key identifier: B7:18:66:72:8C:3B:9C:93:14:F5:7E:79:31:40:8E:C1:59:19:08:26
Certificate issuer: /CN=400f942eb07335ca3e7fbd18f06c158db37cfd4b
Certificate serial: 01856FF95189D88874091EDF91A9526681E0
Authority key identifier: 40:0F:94:2E:B0:73:35:CA:3E:7F:BD:18:F0:6C:15:8D:B3:7C:FD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/txhmcow7nJMU9X55MUCOwVkZCCY.roa
Signing time: Mon 02 Jan 2023 00:54:48 +0000
ROA not before: Mon 02 Jan 2023 00:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207697
IP address blocks: 193.22.137.0/24 maxlen: 24
193.22.138.0/24 maxlen: 24
193.22.139.0/24 maxlen: 24
193.22.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:51:89:d8:88:74:09:1e:df:91:a9:52:66:81:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400f942eb07335ca3e7fbd18f06c158db37cfd4b
Validity
Not Before: Jan 2 00:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b71866728c3b9c9314f57e7931408ec159190826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b5:6b:8c:eb:a2:a8:98:fc:51:b0:a3:20:66:
00:42:80:4b:22:2a:82:e5:e8:ee:63:73:a6:0a:cd:
ed:df:6f:3a:63:28:dd:de:c0:1b:ba:84:7e:23:01:
97:32:89:b2:93:a6:92:cb:0a:bd:77:00:7c:81:a2:
d6:0e:e3:05:83:7d:df:68:58:4b:2e:fc:f4:e3:57:
f1:9f:9d:0d:d1:7a:a7:98:34:75:10:de:0a:e5:fd:
96:d2:f7:df:2e:48:7e:1e:e1:5d:fb:fd:26:84:d6:
27:e2:e1:f0:2c:10:a8:ad:be:f6:0c:31:f6:1b:18:
ee:8a:26:a9:c8:9a:8b:bb:68:0b:33:14:40:f0:26:
f5:9f:a7:b9:28:f3:16:da:10:b0:6d:17:59:de:d9:
09:af:11:53:88:50:5c:ed:ba:4a:4e:c2:8a:92:ae:
09:16:57:cf:2c:f8:d0:60:c7:e1:0e:26:c4:f9:65:
61:17:6a:bb:ca:fe:19:c3:9f:0c:8c:ed:93:b9:a5:
b3:a7:1e:14:48:5c:cd:93:2a:7f:f8:ae:56:00:fb:
eb:15:f4:45:f0:a3:84:b6:97:ae:5d:88:ca:2f:fc:
7b:7d:9c:93:2f:fb:af:57:9e:81:a5:88:4c:84:cc:
bb:9f:c3:58:ec:7e:ed:cd:5e:3d:6d:8a:61:c5:66:
e6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:18:66:72:8C:3B:9C:93:14:F5:7E:79:31:40:8E:C1:59:19:08:26
X509v3 Authority Key Identifier:
keyid:40:0F:94:2E:B0:73:35:CA:3E:7F:BD:18:F0:6C:15:8D:B3:7C:FD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/txhmcow7nJMU9X55MUCOwVkZCCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.136.0/22
Signature Algorithm: sha256WithRSAEncryption
42:6d:73:93:b0:8b:83:4f:21:7d:7d:11:17:84:84:f7:ac:37:
dd:e0:d8:84:4e:e1:a1:98:f3:e1:0a:b1:d2:22:1f:ff:cd:5b:
6e:3a:13:25:1d:64:99:33:4c:cc:e5:73:90:7a:2b:6b:c1:c0:
d4:2c:f2:cd:3f:31:6a:d1:bb:a6:34:4c:f2:08:9c:6f:46:43:
dd:49:6d:1e:3d:b6:da:e8:4b:52:cd:59:1a:b9:f5:62:7a:9d:
af:67:eb:8b:7f:db:8b:85:d5:9d:0b:81:a1:2a:be:ea:76:b2:
bf:71:91:ea:f0:a3:f4:ea:d1:f4:a1:ef:48:96:74:67:25:60:
97:c0:47:10:a6:b7:37:7f:23:53:60:2a:05:25:f8:32:17:ab:
73:a4:15:12:3a:87:51:b5:d6:39:92:29:e0:e4:6f:bc:fc:5a:
0a:e7:01:68:df:be:78:07:be:5d:1c:0e:00:d5:59:30:67:5f:
97:93:3e:63:6f:bc:80:96:3e:6c:1a:dd:a6:4d:14:8d:7f:0c:
f4:da:be:8b:1f:63:df:3b:32:24:73:97:8b:87:29:6c:78:e8:
76:5b:5e:7e:e2:b9:e2:5e:f3:d4:be:ce:8b:6e:7b:57:4f:ff:
e0:5b:78:9d:5e:54:71:38:61:11:1e:85:d2:ee:91:68:84:c9:
46:b8:cd:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+VGJ2Ih0CR7fkalSZoHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMGY5NDJlYjA3MzM1Y2EzZTdmYmQxOGYwNmMxNThkYjM3
Y2ZkNGIwHhcNMjMwMTAyMDA1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzE4NjY3MjhjM2I5YzkzMTRmNTdlNzkzMTQwOGVjMTU5MTkwODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7VrjOuiqJj8UbCjIGYAQoBLIiqC
5ejuY3OmCs3t3286Yyjd3sAbuoR+IwGXMomyk6aSywq9dwB8gaLWDuMFg33faFhL
Lvz041fxn50N0XqnmDR1EN4K5f2W0vffLkh+HuFd+/0mhNYn4uHwLBCorb72DDH2
GxjuiiapyJqLu2gLMxRA8Cb1n6e5KPMW2hCwbRdZ3tkJrxFTiFBc7bpKTsKKkq4J
FlfPLPjQYMfhDibE+WVhF2q7yv4Zw58MjO2TuaWzpx4USFzNkyp/+K5WAPvrFfRF
8KOEtpeuXYjKL/x7fZyTL/uvV56BpYhMhMy7n8NY7H7tzV49bYphxWbmVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLcYZnKMO5yTFPV+eTFAjsFZGQgmMB8GA1UdIwQY
MBaAFEAPlC6wczXKPn+9GPBsFY2zfP1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yMDk4YWMtYzJkZS00MzYyLWEyNTUt
YWNkNzJkMmM2Y2I2LzEvdHhobWNvdzduSk1VOVg1NU1VQ093VmtaQ0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8yMDk4YWMtYzJkZS00MzYyLWEyNTUtYWNkNzJkMmM2Y2I2
LzEvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwRaIMA0G
CSqGSIb3DQEBCwUAA4IBAQBCbXOTsIuDTyF9fREXhIT3rDfd4NiETuGhmPPhCrHS
Ih//zVtuOhMlHWSZM0zM5XOQeitrwcDULPLNPzFq0bumNEzyCJxvRkPdSW0ePbba
6EtSzVkaufViep2vZ+uLf9uLhdWdC4GhKr7qdrK/cZHq8KP06tH0oe9IlnRnJWCX
wEcQprc3fyNTYCoFJfgyF6tzpBUSOodRtdY5king5G+8/FoK5wFo3754B75dHA4A
1VkwZ1+Xkz5jb7yAlj5sGt2mTRSNfwz02r6LH2PfOzIkc5eLhylseOh2W15+4rni
XvPUvs6LbntXT//gW3idXlRxOGERHoXS7pFohMlGuM39
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:14 2024 by rpki-client on console-ams.rpki-client.org