Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/QpNZ1940lx8TyAD3IOUYKflI4BA.roa
File: QpNZ1940lx8TyAD3IOUYKflI4BA.roa (raw, json)
Hash identifier: zcnBPGpt4Za9YiNr0Xwe7st0HQXFNa8GM6C02eDGqn4=
Subject key identifier: 42:93:59:D7:DE:34:97:1F:13:C8:00:F7:20:E5:18:29:F9:48:E0:10
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 0187BDBBE9901E5F396AF258914CD49FEBEC
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/QpNZ1940lx8TyAD3IOUYKflI4BA.roa
Signing time: Wed 26 Apr 2023 13:23:41 +0000
ROA not before: Wed 26 Apr 2023 13:23:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 2.58.54.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:bb:e9:90:1e:5f:39:6a:f2:58:91:4c:d4:9f:eb:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Apr 26 13:23:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=429359d7de34971f13c800f720e51829f948e010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:83:26:ed:35:48:d3:a1:91:73:79:c0:fa:ff:
55:bc:cf:a6:1c:11:2d:5e:66:a8:0c:3f:74:82:4f:
5e:50:06:6e:a6:ed:3f:d1:70:f4:2d:40:24:d2:84:
fa:c3:da:65:65:01:10:73:c8:32:48:23:0e:ef:9f:
2f:32:23:c8:c8:1f:41:da:49:9f:f1:fd:e0:77:0b:
04:9c:76:19:07:87:e4:62:5a:15:80:51:2b:af:0b:
df:70:18:2b:91:1e:d9:c8:77:0c:5b:ec:56:d8:98:
bb:8d:5b:e5:82:01:55:c0:f8:cd:7a:bd:f2:46:54:
4e:48:5f:d2:23:e8:b8:d6:b3:75:f8:7c:c2:c4:6b:
01:ad:88:a6:03:94:01:2b:d4:66:08:e2:d7:01:62:
f6:1c:9e:54:5d:33:d1:ba:ff:58:15:bc:f9:20:04:
78:58:e0:e2:12:7e:c6:b5:de:4d:cb:4b:e8:63:68:
5b:12:fd:90:b1:65:cb:08:b1:77:ce:4d:eb:2e:0c:
7c:13:f0:72:22:fa:66:03:29:47:57:e6:3a:7b:fa:
cc:55:58:65:44:04:84:52:8d:9f:a1:e5:fa:e8:1b:
c3:f3:95:3b:86:f9:a0:04:07:bd:f3:83:fc:bd:a9:
5d:1b:9b:cc:dd:25:62:ff:43:d1:b7:09:a9:ed:e6:
8c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:93:59:D7:DE:34:97:1F:13:C8:00:F7:20:E5:18:29:F9:48:E0:10
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/QpNZ1940lx8TyAD3IOUYKflI4BA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.54.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:1f:44:7a:1b:8b:84:a9:3e:45:4b:83:64:dd:39:26:b0:a3:
b0:c8:e3:58:e2:ba:48:5c:ca:23:e9:11:14:16:5a:54:00:58:
3a:68:e4:87:5a:c4:56:d4:17:a9:66:35:72:a7:a7:d8:34:12:
3a:63:6a:c1:d1:a8:69:92:65:ae:8b:46:24:15:e3:ab:b4:f8:
9c:31:32:17:d9:e9:e5:01:01:2d:10:55:1d:dd:26:32:c9:96:
08:1c:11:e6:d3:9f:a4:72:09:f8:9d:66:f7:b1:9e:38:f6:58:
5b:7e:be:9c:0c:53:47:ec:18:4f:3e:2c:82:51:8f:2c:c1:04:
0d:5e:50:ea:21:db:df:c3:d8:a6:b2:a5:c7:19:8d:92:f3:1e:
45:15:d1:43:52:32:12:05:54:a1:39:1d:c7:ee:4d:ae:6c:6e:
4c:1b:cc:05:92:ed:ae:79:88:fa:81:41:f0:2a:29:4b:14:1c:
67:19:13:6b:24:cb:33:7a:e7:8f:42:48:e7:fc:80:bb:25:d6:
1d:01:2f:56:3d:f3:0b:f6:71:0a:08:cc:60:9e:09:9a:54:81:
2d:cf:f3:58:7a:80:75:e9:f1:da:2e:a1:0d:5d:36:e7:3f:eb:
cf:a9:99:3c:30:ff:eb:71:44:d5:9f:9c:5e:37:63:21:ec:07:
8c:e7:19:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe9u+mQHl85avJYkUzUn+vsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwNDI2MTMyMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjkzNTlkN2RlMzQ5NzFmMTNjODAwZjcyMGU1MTgyOWY5NDhlMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooMm7TVI06GRc3nA+v9VvM+mHBEt
XmaoDD90gk9eUAZupu0/0XD0LUAk0oT6w9plZQEQc8gySCMO758vMiPIyB9B2kmf
8f3gdwsEnHYZB4fkYloVgFErrwvfcBgrkR7ZyHcMW+xW2Ji7jVvlggFVwPjNer3y
RlROSF/SI+i41rN1+HzCxGsBrYimA5QBK9RmCOLXAWL2HJ5UXTPRuv9YFbz5IAR4
WODiEn7Gtd5Ny0voY2hbEv2QsWXLCLF3zk3rLgx8E/ByIvpmAylHV+Y6e/rMVVhl
RASEUo2foeX66BvD85U7hvmgBAe984P8valdG5vM3SVi/0PRtwmp7eaM1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEKTWdfeNJcfE8gA9yDlGCn5SOAQMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvUXBOWjE5NDBseDhUeUFEM0lPVVlLZmxJNEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjo2MA0G
CSqGSIb3DQEBCwUAA4IBAQBuH0R6G4uEqT5FS4Nk3TkmsKOwyONY4rpIXMoj6REU
FlpUAFg6aOSHWsRW1BepZjVyp6fYNBI6Y2rB0ahpkmWui0YkFeOrtPicMTIX2enl
AQEtEFUd3SYyyZYIHBHm05+kcgn4nWb3sZ449lhbfr6cDFNH7BhPPiyCUY8swQQN
XlDqIdvfw9imsqXHGY2S8x5FFdFDUjISBVShOR3H7k2ubG5MG8wFku2ueYj6gUHw
KilLFBxnGRNrJMszeuePQkjn/IC7JdYdAS9WPfML9nEKCMxgngmaVIEtz/NYeoB1
6fHaLqENXTbnP+vPqZk8MP/rcUTVn5xeN2Mh7AeM5xl8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-ams.rpki-client.org