Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/QJnD5lEtmPKanJdm57gf3t-5Bxw.roa
File: QJnD5lEtmPKanJdm57gf3t-5Bxw.roa (raw, json)
Hash identifier: 2eOXKoklCONd0V64A3SCPpS7fa6NYJQXJnOpNg8LMOI=
Subject key identifier: 40:99:C3:E6:51:2D:98:F2:9A:9C:97:66:E7:B8:1F:DE:DF:B9:07:1C
Certificate issuer: /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial: 01856F42A8E237EFB11113E046A0A9B1E2A9
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/QJnD5lEtmPKanJdm57gf3t-5Bxw.roa
Signing time: Sun 01 Jan 2023 21:35:17 +0000
ROA not before: Sun 01 Jan 2023 21:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44592
IP address blocks: 2.58.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a8:e2:37:ef:b1:11:13:e0:46:a0:a9:b1:e2:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Validity
Not Before: Jan 1 21:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4099c3e6512d98f29a9c9766e7b81fdedfb9071c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:37:2c:f3:49:39:ce:3e:2a:fa:60:82:08:4b:
c7:a5:15:27:f8:6e:1b:1e:6f:17:69:c3:a8:14:29:
13:6a:65:cb:94:1e:51:f9:16:a0:5d:c6:c4:fc:21:
33:5a:21:61:5c:e3:0d:96:d3:de:84:80:4b:02:c6:
b6:fc:05:4b:d9:9f:07:12:0e:c9:03:12:40:ca:57:
53:f2:56:e0:f6:3c:75:f3:8f:0b:47:be:35:b1:c5:
36:d5:85:61:f4:c2:7a:ef:72:cc:1f:d0:97:0d:7b:
9a:98:3f:e0:78:52:65:36:7a:ba:68:5f:71:2d:72:
7f:07:8f:62:3d:1c:eb:ba:ef:f4:73:6b:03:f2:15:
40:36:18:b5:24:75:94:88:f5:55:7e:8e:a2:1c:99:
89:46:2a:62:24:19:a8:85:80:8a:0d:fd:12:d8:41:
8b:37:6e:a0:3c:44:e1:67:1b:52:e4:d3:dc:32:a5:
23:9b:3b:60:dc:14:ad:85:33:27:ff:b4:c8:a8:49:
7d:4e:5c:0b:6d:1e:b2:47:3a:0c:6f:b3:01:88:2e:
0c:59:38:77:f2:9e:7d:4c:53:9b:92:3f:a1:8b:e4:
97:08:87:e1:a6:71:a9:64:82:71:b5:67:47:a1:c6:
dd:5e:55:db:af:7d:39:e6:10:e0:64:4f:c8:4d:c8:
43:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:99:C3:E6:51:2D:98:F2:9A:9C:97:66:E7:B8:1F:DE:DF:B9:07:1C
X509v3 Authority Key Identifier:
keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/QJnD5lEtmPKanJdm57gf3t-5Bxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.113.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:88:18:76:b2:a2:11:7f:4d:df:a9:3d:38:c2:ad:19:7b:6c:
fc:88:b3:46:76:e1:01:b7:50:13:5c:24:bc:51:07:3b:74:e9:
0e:96:4c:fc:35:6d:a9:53:65:23:27:8e:63:59:67:98:43:a9:
df:c1:17:88:ae:34:ab:45:4b:ff:3b:24:57:77:be:41:91:ab:
7d:39:01:b1:d0:b0:90:2d:6d:a8:71:c5:85:1f:ef:49:62:af:
d5:23:3b:ed:d8:5e:b2:f5:66:6c:03:04:28:c4:71:32:ae:fa:
48:cb:68:76:61:13:60:88:e4:04:34:f6:be:2d:11:f1:e8:07:
8e:2e:cd:06:f0:69:8f:ec:e2:be:e3:d4:e9:79:25:a6:5f:3e:
4e:6e:15:c5:66:f0:f4:52:08:d0:a2:88:0b:7d:9c:4e:d0:44:
35:d8:e4:a7:e9:65:5c:4c:c9:ac:ed:04:d3:eb:c6:cb:03:79:
7f:7c:5b:6e:fa:12:20:ac:c3:48:c2:db:6e:57:5f:1e:68:dd:
ad:6b:9f:ab:14:5e:45:ea:59:d6:a6:b2:c0:54:de:b0:b9:8b:
28:70:05:df:00:44:35:b9:e4:83:38:36:ec:49:15:d0:34:29:
5b:3a:6b:0a:15:1a:31:1a:3d:c8:c0:52:aa:92:b2:1d:be:56:
56:2b:18:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQqjiN++xERPgRqCpseKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjMwMTAxMjEzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDk5YzNlNjUxMmQ5OGYyOWE5Yzk3NjZlN2I4MWZkZWRmYjkwNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTcs80k5zj4q+mCCCEvHpRUn+G4b
Hm8XacOoFCkTamXLlB5R+RagXcbE/CEzWiFhXOMNltPehIBLAsa2/AVL2Z8HEg7J
AxJAyldT8lbg9jx1848LR741scU21YVh9MJ673LMH9CXDXuamD/geFJlNnq6aF9x
LXJ/B49iPRzruu/0c2sD8hVANhi1JHWUiPVVfo6iHJmJRipiJBmohYCKDf0S2EGL
N26gPEThZxtS5NPcMqUjmztg3BSthTMn/7TIqEl9TlwLbR6yRzoMb7MBiC4MWTh3
8p59TFObkj+hi+SXCIfhpnGpZIJxtWdHocbdXlXbr3055hDgZE/ITchD6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECZw+ZRLZjympyXZue4H97fuQccMB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvUUpuRDVsRXRtUEthbkpkbTU3Z2YzdC01Qnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWItZTVhMzc3OGJlM2Fk
LzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpxMA0G
CSqGSIb3DQEBCwUAA4IBAQBtiBh2sqIRf03fqT04wq0Ze2z8iLNGduEBt1ATXCS8
UQc7dOkOlkz8NW2pU2UjJ45jWWeYQ6nfwReIrjSrRUv/OyRXd75Bkat9OQGx0LCQ
LW2occWFH+9JYq/VIzvt2F6y9WZsAwQoxHEyrvpIy2h2YRNgiOQENPa+LRHx6AeO
Ls0G8GmP7OK+49TpeSWmXz5ObhXFZvD0UgjQoogLfZxO0EQ12OSn6WVcTMms7QTT
68bLA3l/fFtu+hIgrMNIwttuV18eaN2ta5+rFF5F6lnWprLAVN6wuYsocAXfAEQ1
ueSDODbsSRXQNClbOmsKFRoxGj3IwFKqkrIdvlZWKxge
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:03 2024 by rpki-client on console-ams.rpki-client.org