Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/QtHDHVYIqQbxiiPWIttW8ixINu0.roa
File: QtHDHVYIqQbxiiPWIttW8ixINu0.roa (raw, json)
Hash identifier: LdXl73LDIUbPFXQUaWtYMwg3z3SvDcTZwRJRzFLYE9w=
Subject key identifier: 42:D1:C3:1D:56:08:A9:06:F1:8A:23:D6:22:DB:56:F2:2C:48:36:ED
Certificate issuer: /CN=ffe70693454bc33485dec69d219d0502654ac04a
Certificate serial: 01856FD4F8D8446EDC8245E3DC53EA5E3C6E
Authority key identifier: FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/QtHDHVYIqQbxiiPWIttW8ixINu0.roa
Signing time: Mon 02 Jan 2023 00:15:06 +0000
ROA not before: Mon 02 Jan 2023 00:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57099
IP address blocks: 5.181.57.0/24 maxlen: 24
5.181.58.0/23 maxlen: 23
5.181.58.0/24 maxlen: 24
5.181.56.0/24 maxlen: 24
5.181.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Sep 2023 10:27:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:f8:d8:44:6e:dc:82:45:e3:dc:53:ea:5e:3c:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffe70693454bc33485dec69d219d0502654ac04a
Validity
Not Before: Jan 2 00:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42d1c31d5608a906f18a23d622db56f22c4836ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:5e:7b:aa:3c:52:f0:c5:d4:e0:09:2b:82:3c:
30:ce:ad:75:8a:ea:d9:19:fd:3d:15:37:35:4e:27:
9f:dc:32:5f:b7:8a:5e:43:7f:c2:ab:cf:20:92:fc:
ed:eb:cb:fa:90:8f:6a:6c:3d:29:37:39:16:f1:71:
a5:d5:9f:7f:f2:ca:6f:fe:38:d8:34:df:06:57:08:
b8:e5:c1:18:cd:74:80:10:a7:fc:bd:18:09:4f:f4:
07:f8:3b:05:69:25:59:57:49:f4:8a:74:0c:af:88:
c9:9d:c8:e2:20:09:94:ea:6e:f3:5c:72:7d:36:13:
4d:76:ac:6a:f9:6e:0a:b2:70:a4:c7:9f:10:dc:99:
12:b5:30:72:a1:77:36:c4:f2:d6:41:41:cc:b0:49:
21:83:b6:cb:65:a9:49:9b:0a:d6:eb:d8:b5:1a:a5:
1e:0f:9e:dd:82:77:dd:79:c6:c5:60:c0:82:6c:5d:
4a:8f:e4:47:00:ac:cd:32:e6:81:0a:3e:8b:03:a3:
07:83:50:95:69:4b:62:89:a9:72:42:20:7d:0e:96:
fd:48:a2:e0:ea:9f:e3:36:b6:5a:56:c4:b2:5c:f5:
63:68:d3:7c:ae:db:bb:7c:99:1a:ab:18:6f:9f:4f:
eb:86:62:4c:d7:87:24:a4:32:64:55:50:24:ae:2a:
a8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D1:C3:1D:56:08:A9:06:F1:8A:23:D6:22:DB:56:F2:2C:48:36:ED
X509v3 Authority Key Identifier:
keyid:FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/QtHDHVYIqQbxiiPWIttW8ixINu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/_-cGk0VLwzSF3sadIZ0FAmVKwEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.56.0/22
Signature Algorithm: sha256WithRSAEncryption
88:5a:6e:9a:85:a6:4a:d0:f7:5a:a7:46:df:bb:ae:56:2e:b6:
27:64:83:e2:5f:31:16:21:57:27:92:d9:70:55:de:f2:a0:f0:
8a:9e:56:52:08:c0:c4:fa:3b:31:07:aa:a1:56:8e:bc:3f:3c:
71:d8:e9:0b:1a:b2:36:e8:56:a5:ce:6e:c3:27:58:27:20:2c:
4e:d0:33:22:e3:98:37:d3:4b:a2:49:2c:2c:cf:e8:75:75:f1:
8e:87:33:3a:9b:20:c7:e4:87:2b:b1:88:90:53:11:9a:74:72:
08:29:10:cc:28:eb:55:73:b9:a4:8f:e0:0e:1b:c3:82:8f:cc:
b6:b7:a8:40:ad:c6:d1:26:f2:d5:6e:f8:06:b1:aa:7a:51:5a:
c2:cd:30:60:72:90:ed:93:65:5d:54:2f:f0:46:b3:8e:93:06:
0d:96:de:5e:8c:e8:13:6a:e8:94:81:22:d6:6a:d0:23:30:72:
78:76:66:09:50:23:08:b6:c9:f0:73:a9:ab:08:ab:e0:fc:c0:
8e:97:3c:f1:1f:13:a5:d7:80:9c:34:c3:76:5c:39:6c:85:0c:
2f:b1:5c:9d:d3:27:c4:77:a1:bb:9b:11:0c:c4:81:0e:7d:bb:
38:8d:86:8f:e1:fd:18:6b:ee:42:97:d5:08:ac:88:9f:11:2e:
dd:4e:c8:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1PjYRG7cgkXj3FPqXjxuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZTcwNjkzNDU0YmMzMzQ4NWRlYzY5ZDIxOWQwNTAyNjU0
YWMwNGEwHhcNMjMwMTAyMDAxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQxYzMxZDU2MDhhOTA2ZjE4YTIzZDYyMmRiNTZmMjJjNDgzNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjF57qjxS8MXU4Akrgjwwzq11iurZ
Gf09FTc1Tief3DJft4peQ3/Cq88gkvzt68v6kI9qbD0pNzkW8XGl1Z9/8spv/jjY
NN8GVwi45cEYzXSAEKf8vRgJT/QH+DsFaSVZV0n0inQMr4jJncjiIAmU6m7zXHJ9
NhNNdqxq+W4KsnCkx58Q3JkStTByoXc2xPLWQUHMsEkhg7bLZalJmwrW69i1GqUe
D57dgnfdecbFYMCCbF1Kj+RHAKzNMuaBCj6LA6MHg1CVaUtiialyQiB9Dpb9SKLg
6p/jNrZaVsSyXPVjaNN8rtu7fJkaqxhvn0/rhmJM14ckpDJkVVAkriqocwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFELRwx1WCKkG8Yoj1iLbVvIsSDbtMB8GA1UdIwQY
MBaAFP/nBpNFS8M0hd7GnSGdBQJlSsBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUt
MzUwMjY1OGFlNmY1LzEvUXRIREhWWUlxUWJ4aWlQV0l0dFc4aXhJTnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUtMzUwMjY1OGFlNmY1
LzEvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbU4MA0G
CSqGSIb3DQEBCwUAA4IBAQCIWm6ahaZK0Pdap0bfu65WLrYnZIPiXzEWIVcnktlw
Vd7yoPCKnlZSCMDE+jsxB6qhVo68Pzxx2OkLGrI26Falzm7DJ1gnICxO0DMi45g3
00uiSSwsz+h1dfGOhzM6myDH5IcrsYiQUxGadHIIKRDMKOtVc7mkj+AOG8OCj8y2
t6hArcbRJvLVbvgGsap6UVrCzTBgcpDtk2VdVC/wRrOOkwYNlt5ejOgTauiUgSLW
atAjMHJ4dmYJUCMItsnwc6mrCKvg/MCOlzzxHxOl14CcNMN2XDlshQwvsVyd0yfE
d6G7mxEMxIEOfbs4jYaP4f0Ya+5Cl9UIrIifES7dTsih
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:54 2024 by rpki-client on console-fra.rpki-client.org