Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/QKr3xhr59lzbG9YtDfSuQ53RqTg.roa
File: QKr3xhr59lzbG9YtDfSuQ53RqTg.roa (raw, json)
Hash identifier: w2uA/6mJz9hEYBmIeH3+oYamzQLR9yXhi4mskXCLYHA=
Subject key identifier: 40:AA:F7:C6:1A:F9:F6:5C:DB:1B:D6:2D:0D:F4:AE:43:9D:D1:A9:38
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 01859F8F2F6A1DC168D60176E2937C9D5418
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/QKr3xhr59lzbG9YtDfSuQ53RqTg.roa
Signing time: Wed 11 Jan 2023 06:40:39 +0000
ROA not before: Wed 11 Jan 2023 06:40:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 5.249.188.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9f:8f:2f:6a:1d:c1:68:d6:01:76:e2:93:7c:9d:54:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 11 06:40:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40aaf7c61af9f65cdb1bd62d0df4ae439dd1a938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:47:f3:1a:f8:60:5c:40:f6:ef:bb:1e:4e:f1:
37:64:b0:b2:8b:28:78:f3:23:c8:3b:8f:e1:08:7f:
59:29:07:f8:50:4e:c6:92:56:52:b4:0e:35:17:55:
01:a2:b7:d2:6a:18:57:d8:62:19:42:37:30:7f:52:
dd:a0:be:91:42:a7:f3:07:74:d1:00:0c:71:44:72:
47:ee:ad:d3:93:a7:7f:6d:04:ff:a0:fd:a8:4e:a3:
30:d6:01:f6:95:3a:0f:62:d9:a3:16:1b:21:dd:35:
58:5d:ba:66:b6:bb:28:c1:13:30:9d:65:4d:8b:34:
38:52:4d:cd:52:ef:b1:01:bf:9e:8e:e8:fd:73:e0:
8b:f9:fb:54:8e:00:51:d1:b4:fa:b8:1c:e0:c0:81:
c4:9b:85:99:ab:9a:ef:db:13:46:3d:4d:59:03:b4:
43:68:e8:87:40:04:7b:3f:5e:94:50:a3:f6:0b:8e:
ac:bc:e7:cc:8f:ca:e5:c3:5a:61:dd:ec:d3:16:70:
32:4e:3a:cd:ec:06:ce:68:ac:c1:f5:42:5e:ee:57:
21:4a:a9:12:51:b7:8d:1d:66:27:ba:c8:e8:e0:69:
6f:96:48:bd:03:70:b6:6b:8d:16:87:20:22:53:2d:
ab:ae:96:db:92:7d:58:11:bf:fa:00:50:9e:a0:db:
53:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:AA:F7:C6:1A:F9:F6:5C:DB:1B:D6:2D:0D:F4:AE:43:9D:D1:A9:38
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/QKr3xhr59lzbG9YtDfSuQ53RqTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.188.0/22
Signature Algorithm: sha256WithRSAEncryption
37:e9:91:30:46:4b:57:af:9a:24:20:02:dc:d7:bc:eb:4c:5b:
d1:36:6e:23:91:70:67:cc:86:f6:0c:59:7e:74:5a:6d:5e:20:
ff:17:12:41:2a:35:67:ae:94:85:7c:78:7c:e8:a4:1d:cb:6b:
be:3a:98:e4:7c:12:fb:55:95:b0:ef:6b:84:77:76:a6:8a:8e:
9e:17:54:da:93:2b:b4:84:fb:32:00:85:44:64:2f:b9:b7:c7:
4e:db:a3:e2:43:e8:81:45:08:98:63:64:94:0b:45:f9:b2:0a:
84:c3:db:09:81:d1:d6:96:de:ef:75:ca:1d:34:5f:b5:0b:27:
a7:65:ef:2d:4c:cb:46:03:9f:cb:9f:54:e8:b4:4c:be:b0:eb:
5d:6c:93:76:4d:6a:42:e2:a4:3e:47:0f:e2:42:1b:4e:dd:6c:
54:80:13:57:68:9f:2b:2e:3e:35:cd:bf:7f:6d:ca:0d:32:ca:
44:d8:87:db:07:d5:ec:51:06:6b:4b:c0:b0:54:ad:60:63:b0:
40:a4:14:e7:01:82:c1:d0:91:60:e8:67:40:21:59:3e:4b:96:
6a:6d:40:b5:7f:57:eb:65:da:88:ed:9d:78:48:ec:a8:ea:28:
29:27:b3:ce:77:d7:57:a9:76:cb:cc:88:58:eb:dd:36:8b:34:
e3:2d:fa:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWfjy9qHcFo1gF24pN8nVQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwMTExMDY0MDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGFhZjdjNjFhZjlmNjVjZGIxYmQ2MmQwZGY0YWU0MzlkZDFhOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEfzGvhgXED277seTvE3ZLCyiyh4
8yPIO4/hCH9ZKQf4UE7GklZStA41F1UBorfSahhX2GIZQjcwf1LdoL6RQqfzB3TR
AAxxRHJH7q3Tk6d/bQT/oP2oTqMw1gH2lToPYtmjFhsh3TVYXbpmtrsowRMwnWVN
izQ4Uk3NUu+xAb+ejuj9c+CL+ftUjgBR0bT6uBzgwIHEm4WZq5rv2xNGPU1ZA7RD
aOiHQAR7P16UUKP2C46svOfMj8rlw1ph3ezTFnAyTjrN7AbOaKzB9UJe7lchSqkS
UbeNHWYnusjo4Glvlki9A3C2a40WhyAiUy2rrpbbkn1YEb/6AFCeoNtTHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECq98Ya+fZc2xvWLQ30rkOd0ak4MB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvUUtyM3hocjU5bHpiRzlZdERmU3VRNTNScVRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBfm8MA0G
CSqGSIb3DQEBCwUAA4IBAQA36ZEwRktXr5okIALc17zrTFvRNm4jkXBnzIb2DFl+
dFptXiD/FxJBKjVnrpSFfHh86KQdy2u+OpjkfBL7VZWw72uEd3amio6eF1Takyu0
hPsyAIVEZC+5t8dO26PiQ+iBRQiYY2SUC0X5sgqEw9sJgdHWlt7vdcodNF+1Cyen
Ze8tTMtGA5/Ln1TotEy+sOtdbJN2TWpC4qQ+Rw/iQhtO3WxUgBNXaJ8rLj41zb9/
bcoNMspE2IfbB9XsUQZrS8CwVK1gY7BApBTnAYLB0JFg6GdAIVk+S5ZqbUC1f1fr
ZdqI7Z14SOyo6igpJ7POd9dXqXbLzIhY6902izTjLfp9
-----END CERTIFICATE-----
Generated at Thu Aug 17 12:42:56 2023 by rpki-client on console-fra.rpki-client.org