Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/QXoYuk6kE705gS_2JBmEypiBRcI.roa
File: QXoYuk6kE705gS_2JBmEypiBRcI.roa (raw, json)
Hash identifier: dhetaiPiKT3NfzJ85P4WRTWTlL+CqtqxY3zHldRu6Z0=
Subject key identifier: 41:7A:18:BA:4E:A4:13:BD:39:81:2F:F6:24:19:84:CA:98:81:45:C2
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 01857246CB37D25DCFB6BCEBCF9D369C469E
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/QXoYuk6kE705gS_2JBmEypiBRcI.roa
Signing time: Mon 02 Jan 2023 11:38:40 +0000
ROA not before: Mon 02 Jan 2023 11:38:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212179
IP address blocks: 212.172.0.0/16 maxlen: 24
212.172.20.0/24 maxlen: 32
212.172.165.128/27 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:cb:37:d2:5d:cf:b6:bc:eb:cf:9d:36:9c:46:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jan 2 11:38:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=417a18ba4ea413bd39812ff6241984ca988145c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a6:0e:96:fa:8d:6f:81:ea:be:76:cf:9e:1b:
1a:20:9c:d2:d5:3b:7d:93:3d:1b:73:15:71:14:c3:
62:95:15:7e:8f:27:2a:57:58:33:41:87:6d:ac:0d:
06:46:5a:db:09:3c:f3:c8:7d:e6:8e:ad:cd:9a:8b:
48:98:fc:b1:3c:a2:4c:a6:c0:e1:71:f1:15:51:83:
fe:09:78:97:3e:bc:b9:1d:84:15:76:05:81:c8:43:
6a:6f:88:32:a5:2f:57:19:5b:07:a4:f2:12:48:d6:
b5:75:54:8c:04:f8:02:cf:00:14:71:ea:ef:44:f5:
d3:5f:e7:58:41:86:a0:1e:8e:b3:6a:a9:83:e4:7d:
aa:f5:9c:23:5c:3f:a4:4f:97:ec:e8:0b:be:e6:e0:
eb:e0:ea:86:6c:f9:73:d1:77:5f:d4:b0:a4:bc:83:
7c:09:52:6c:ae:10:85:52:36:e2:e6:a4:58:fe:39:
fe:37:9d:c0:2a:0d:bf:62:c0:41:97:b4:84:07:c1:
c9:71:c7:cc:9a:19:10:a5:28:29:4d:5a:83:82:e9:
89:31:46:44:b1:36:e9:a0:ba:09:e3:60:96:eb:c9:
75:62:be:57:85:21:ac:a6:ae:e9:28:f3:0c:2d:73:
d4:5d:98:4b:79:a3:16:1b:4a:a9:17:40:a7:13:b0:
6c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:7A:18:BA:4E:A4:13:BD:39:81:2F:F6:24:19:84:CA:98:81:45:C2
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/QXoYuk6kE705gS_2JBmEypiBRcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.172.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:7b:90:cb:77:78:b9:36:cf:b1:f5:0f:ef:a1:76:33:10:f5:
09:8d:fe:4c:7a:95:b0:2f:74:8f:ad:df:45:de:76:3f:58:73:
55:a7:62:4e:c9:5e:91:27:d3:24:1f:75:ac:4b:5c:ef:f8:3b:
f2:17:f6:06:e5:9b:ba:61:bf:3e:c5:ee:f4:81:a8:2e:5e:94:
1a:d5:e5:7b:24:4f:25:d5:ee:01:0d:30:09:d6:09:82:e8:c2:
51:a3:9c:9e:fd:f7:f5:06:0c:09:3e:00:dc:ad:f2:5d:08:e4:
08:87:18:44:9d:d7:2b:12:8e:85:4b:cb:62:30:39:32:55:31:
da:17:c3:69:87:22:6e:2a:78:8e:32:ac:2e:03:29:08:85:f3:
29:45:58:56:3f:dc:5f:fb:1e:91:1d:25:16:0f:fc:f9:8e:4f:
5c:9b:53:7b:ad:5b:f1:ff:8d:ce:6e:ad:12:98:fe:63:31:b6:
aa:a1:2a:15:cf:34:b9:53:f7:67:e6:13:ec:46:2a:b1:e0:93:
98:b8:1c:70:05:d0:2a:62:6d:b3:b2:99:30:dd:6f:fd:e0:72:
b1:be:6c:06:84:41:7e:b4:68:82:db:c0:c5:43:79:92:49:0d:
a4:ff:fd:4e:ff:91:74:dc:4a:f1:5d:8f:13:53:84:3c:ee:ec:
98:86:18:1f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVyRss30l3Ptrzrz502nEaeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjMwMTAyMTEzODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTdhMThiYTRlYTQxM2JkMzk4MTJmZjYyNDE5ODRjYTk4ODE0NWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KYOlvqNb4HqvnbPnhsaIJzS1Tt9
kz0bcxVxFMNilRV+jycqV1gzQYdtrA0GRlrbCTzzyH3mjq3NmotImPyxPKJMpsDh
cfEVUYP+CXiXPry5HYQVdgWByENqb4gypS9XGVsHpPISSNa1dVSMBPgCzwAUcerv
RPXTX+dYQYagHo6zaqmD5H2q9ZwjXD+kT5fs6Au+5uDr4OqGbPlz0Xdf1LCkvIN8
CVJsrhCFUjbi5qRY/jn+N53AKg2/YsBBl7SEB8HJccfMmhkQpSgpTVqDgumJMUZE
sTbpoLoJ42CW68l1Yr5XhSGspq7pKPMMLXPUXZhLeaMWG0qpF0CnE7BsgwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFEF6GLpOpBO9OYEv9iQZhMqYgUXCMB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEvUVhvWXVrNmtFNzA1Z1NfMkpCbUV5cGlCUmNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA1KwwDQYJ
KoZIhvcNAQELBQADggEBABt7kMt3eLk2z7H1D++hdjMQ9QmN/kx6lbAvdI+t30Xe
dj9Yc1WnYk7JXpEn0yQfdaxLXO/4O/IX9gblm7phvz7F7vSBqC5elBrV5XskTyXV
7gENMAnWCYLowlGjnJ799/UGDAk+ANyt8l0I5AiHGESd1ysSjoVLy2IwOTJVMdoX
w2mHIm4qeI4yrC4DKQiF8ylFWFY/3F/7HpEdJRYP/PmOT1ybU3utW/H/jc5urRKY
/mMxtqqhKhXPNLlT92fmE+xGKrHgk5i4HHAF0CpibbOymTDdb/3gcrG+bAaEQX60
aILbwMVDeZJJDaT//U7/kXTcSvFdjxNThDzu7JiGGB8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:41 2024 by rpki-client on console-fra.rpki-client.org