Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/QSu-qw2lGDL6POX9a6co9hWwXis.roa
File: QSu-qw2lGDL6POX9a6co9hWwXis.roa (raw, json)
Hash identifier: Gy3//uw3UO3Np4+eDKT1Jcx7LIKifHBw8nQAZmGes6I=
Subject key identifier: 41:2B:BE:AB:0D:A5:18:32:FA:3C:E5:FD:6B:A7:28:F6:15:B0:5E:2B
Certificate issuer: /CN=db239685409f64ba1c3a54a8ef141c924e71d892
Certificate serial: 01856D81992F2EEF57E2DC0FD356EEF50D84
Authority key identifier: DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/QSu-qw2lGDL6POX9a6co9hWwXis.roa
Signing time: Sun 01 Jan 2023 13:24:47 +0000
ROA not before: Sun 01 Jan 2023 13:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 62.240.232.0/24 maxlen: 24
2001:a70:100::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:99:2f:2e:ef:57:e2:dc:0f:d3:56:ee:f5:0d:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db239685409f64ba1c3a54a8ef141c924e71d892
Validity
Not Before: Jan 1 13:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=412bbeab0da51832fa3ce5fd6ba728f615b05e2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:08:f2:b3:61:8a:64:99:3c:fe:1c:76:8f:77:
2c:46:da:e7:29:1e:d5:32:5c:86:f5:28:a3:f2:cc:
03:1a:ab:06:3c:07:47:5b:ff:bd:26:f6:a2:2f:fe:
ae:e3:05:ad:a4:e2:fe:d3:6b:2c:ad:08:fd:3d:f0:
2c:a8:bf:04:a2:8c:1a:a0:22:4a:a1:fc:89:19:e9:
0f:76:68:a7:a1:65:97:6f:af:ee:b0:b3:c9:fa:a9:
5d:3e:37:b5:12:d5:38:0a:df:4b:5a:53:57:b0:64:
5d:79:0f:cf:29:a9:13:99:9c:b9:64:4f:67:50:c2:
3b:9e:59:2e:9e:20:46:6e:ae:00:73:75:5e:90:6c:
bf:31:ee:83:6e:8f:e6:e5:f5:91:f3:bb:01:15:1c:
b0:e7:53:6a:35:f1:9a:6c:58:99:06:41:be:a4:72:
37:8c:fe:76:d6:6e:61:f0:7f:be:f0:34:21:dd:fe:
4a:b0:a8:99:c5:ba:3a:bf:bc:27:39:54:57:c9:bf:
9e:52:27:91:80:19:94:f1:ef:ec:2c:7b:2d:e2:8a:
ee:19:62:bd:7f:ba:71:bc:10:14:a6:22:c9:f5:45:
22:a7:1e:a5:31:f5:48:f5:4f:94:bd:4e:0b:a8:fb:
8c:49:18:82:8a:cd:71:a5:d3:5c:ec:53:2e:34:df:
69:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:2B:BE:AB:0D:A5:18:32:FA:3C:E5:FD:6B:A7:28:F6:15:B0:5E:2B
X509v3 Authority Key Identifier:
keyid:DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/QSu-qw2lGDL6POX9a6co9hWwXis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.240.232.0/24
IPv6:
2001:a70:100::/48
Signature Algorithm: sha256WithRSAEncryption
3e:e4:17:e1:4b:3f:83:06:b2:e0:53:c0:64:9a:75:c7:79:41:
8f:42:d6:6c:01:00:b0:15:7e:6c:42:4d:e5:31:63:0d:50:1c:
76:9c:4b:a9:8c:71:7a:f7:96:f5:df:20:d6:90:62:11:b0:dd:
a8:89:24:e1:4d:07:15:83:08:be:3a:33:83:c1:c5:da:bf:f8:
d0:e7:ec:45:e8:11:88:ad:fe:ea:c5:0e:88:8d:d9:a3:95:45:
3d:64:36:1a:a0:e6:d9:90:f8:f6:bc:a2:05:78:7a:61:c6:d6:
1b:30:f4:04:fa:f9:5f:8d:8b:5b:9f:99:5d:70:83:3b:43:55:
e5:ce:d3:60:44:3d:48:21:c1:a6:2e:69:87:8a:4a:38:de:a1:
e7:b5:60:38:0a:35:0e:c0:42:eb:25:38:f4:5c:c0:38:93:b5:
1e:53:78:c8:02:af:0d:4c:7a:a3:b6:a6:0f:a7:b3:01:ad:c9:
3a:4a:d4:1e:a6:08:25:53:97:65:82:6a:3f:2e:f8:2d:69:26:
71:6b:18:45:08:1d:e7:a3:cf:1b:d7:8e:78:c6:07:7c:6e:a3:
50:e9:93:cf:ba:9c:71:45:41:91:67:f2:fb:ea:bc:4f:1e:5f:
75:11:65:33:c2:88:ea:3c:69:82:42:35:ba:46:31:bf:8d:5a:
da:f4:3b:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtgZkvLu9X4twP01bu9Q2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM5Njg1NDA5ZjY0YmExYzNhNTRhOGVmMTQxYzkyNGU3
MWQ4OTIwHhcNMjMwMTAxMTMyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTJiYmVhYjBkYTUxODMyZmEzY2U1ZmQ2YmE3MjhmNjE1YjA1ZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAjys2GKZJk8/hx2j3csRtrnKR7V
MlyG9Sij8swDGqsGPAdHW/+9JvaiL/6u4wWtpOL+02ssrQj9PfAsqL8EoowaoCJK
ofyJGekPdminoWWXb6/usLPJ+qldPje1EtU4Ct9LWlNXsGRdeQ/PKakTmZy5ZE9n
UMI7nlkuniBGbq4Ac3VekGy/Me6Dbo/m5fWR87sBFRyw51NqNfGabFiZBkG+pHI3
jP521m5h8H++8DQh3f5KsKiZxbo6v7wnOVRXyb+eUieRgBmU8e/sLHst4oruGWK9
f7pxvBAUpiLJ9UUipx6lMfVI9U+UvU4LqPuMSRiCis1xpdNc7FMuNN9pUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEErvqsNpRgy+jzl/WunKPYVsF4rMB8GA1UdIwQY
MBaAFNsjloVAn2S6HDpUqO8UHJJOcdiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmIt
MmVmNDQ3ZTFiMDhjLzEvUVN1LXF3MmxHREw2UE9YOWE2Y285aFd3WGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmItMmVmNDQ3ZTFiMDhj
LzEvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAPvDoMA8E
AgACMAkDBwAgAQpwAQAwDQYJKoZIhvcNAQELBQADggEBAD7kF+FLP4MGsuBTwGSa
dcd5QY9C1mwBALAVfmxCTeUxYw1QHHacS6mMcXr3lvXfINaQYhGw3aiJJOFNBxWD
CL46M4PBxdq/+NDn7EXoEYit/urFDoiN2aOVRT1kNhqg5tmQ+Pa8ogV4emHG1hsw
9AT6+V+Ni1ufmV1wgztDVeXO02BEPUghwaYuaYeKSjjeoee1YDgKNQ7AQuslOPRc
wDiTtR5TeMgCrw1MeqO2pg+nswGtyTpK1B6mCCVTl2WCaj8u+C1pJnFrGEUIHeej
zxvXjnjGB3xuo1Dpk8+6nHFFQZFn8vvqvE8eX3URZTPCiOo8aYJCNbpGMb+NWtr0
Oz8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:38 2024 by rpki-client on console-fra.rpki-client.org