Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/qwK8fMpeJh5VOiCgSOAD8Os7-hk.roa
File: qwK8fMpeJh5VOiCgSOAD8Os7-hk.roa (raw, json)
Hash identifier: UFSf46JhhBB8vLWkl6r7FvIuIaXuc4/Sn69P9skEC1g=
Subject key identifier: AB:02:BC:7C:CA:5E:26:1E:55:3A:20:A0:48:E0:03:F0:EB:3B:FA:19
Certificate issuer: /CN=cccd583c8d71a2427e0060e3cc924f32dc1a820b
Certificate serial: 018E13870B5F0E8999E04DF1008C8E6CDFE7
Authority key identifier: CC:CD:58:3C:8D:71:A2:42:7E:00:60:E3:CC:92:4F:32:DC:1A:82:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zM1YPI1xokJ-AGDjzJJPMtwaggs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/qwK8fMpeJh5VOiCgSOAD8Os7-hk.roa
Signing time: Wed 06 Mar 2024 11:30:01 +0000
ROA not before: Wed 06 Mar 2024 11:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 176.124.220.0/24 maxlen: 24
176.124.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:87:0b:5f:0e:89:99:e0:4d:f1:00:8c:8e:6c:df:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cccd583c8d71a2427e0060e3cc924f32dc1a820b
Validity
Not Before: Mar 6 11:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab02bc7cca5e261e553a20a048e003f0eb3bfa19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d9:3d:1c:0c:f3:9a:95:24:1d:a5:d2:bd:eb:
fa:fd:23:90:e3:65:4f:d4:bb:a2:45:eb:cf:3a:11:
3d:c7:ee:1e:f9:19:7f:e2:13:5f:d9:7e:e1:50:71:
ab:b9:4c:27:1f:95:0e:af:a0:eb:a1:27:7a:a0:ff:
24:da:be:b8:25:5d:47:24:13:86:9b:2f:92:03:5a:
7c:ae:cb:fd:20:e5:af:ca:3e:b2:ae:ac:68:09:0a:
b1:1e:06:7d:9a:da:25:1d:ca:db:13:fe:22:5a:c9:
c0:9b:7f:c9:f2:1b:93:2d:dc:69:81:3b:a9:8b:9d:
75:2c:d6:1d:e5:d2:ba:ba:65:c8:88:47:fa:55:e2:
3a:3f:69:33:6b:a9:da:5a:a9:e7:7b:d1:48:4d:5e:
68:21:dd:59:fb:d1:92:78:89:2c:3d:b4:e5:8e:d7:
0a:5b:1a:a5:1d:fe:5f:06:24:cd:81:a6:11:04:20:
ed:a4:1d:c1:fe:94:ed:df:f9:87:5a:bc:6f:10:8a:
ea:bc:f5:5a:26:e8:52:9d:c1:31:77:1f:56:26:77:
99:6c:e7:1c:57:bf:b3:b7:e4:52:e3:47:da:29:50:
39:fe:55:19:42:ff:85:70:7e:c4:a3:81:7a:e6:38:
10:8d:4c:39:78:34:ef:19:75:05:36:6c:28:f2:49:
40:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:02:BC:7C:CA:5E:26:1E:55:3A:20:A0:48:E0:03:F0:EB:3B:FA:19
X509v3 Authority Key Identifier:
keyid:CC:CD:58:3C:8D:71:A2:42:7E:00:60:E3:CC:92:4F:32:DC:1A:82:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zM1YPI1xokJ-AGDjzJJPMtwaggs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/qwK8fMpeJh5VOiCgSOAD8Os7-hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/zM1YPI1xokJ-AGDjzJJPMtwaggs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.220.0/23
Signature Algorithm: sha256WithRSAEncryption
89:6f:04:df:90:ea:b1:5f:f6:af:5b:4e:9b:c7:b5:1f:5f:f2:
82:fe:7b:e3:83:df:2a:4f:ac:96:c9:e5:9a:d3:3c:6c:37:c0:
bd:30:97:f5:24:83:74:ea:fe:f0:3c:19:b8:b1:a4:90:0e:8d:
17:eb:6f:c4:9b:a2:b9:e5:14:51:41:cc:67:02:fd:21:fb:51:
f9:d0:e7:35:67:2a:94:5f:f3:db:5b:aa:49:9c:81:8f:5d:67:
aa:b5:c9:f4:3d:a5:44:a8:f1:5f:82:d2:f6:80:18:f6:c2:e3:
36:27:50:e5:fb:5e:38:19:c7:ce:ea:ca:2c:e8:36:4c:ee:8a:
a7:ea:8d:97:83:93:ff:58:18:b2:73:4c:8c:7a:85:bd:a9:5c:
e4:5d:34:c6:ff:0a:b7:81:95:7e:66:18:64:53:9e:21:3c:08:
22:2b:e6:c7:32:2b:fc:df:34:08:d0:b5:71:c5:36:66:8c:31:
3c:5b:de:75:d5:0d:19:ab:db:28:62:70:a5:53:20:8d:02:a7:
a8:8c:d9:2a:5f:87:48:e0:8b:ef:65:8e:7a:4b:61:99:d0:79:
8d:b7:94:59:96:23:f1:1c:f8:ac:8f:96:b4:88:f8:03:11:39:
95:52:d7:c3:9a:b9:6d:f0:38:bf:73:2a:82:a0:c6:6e:a4:84:
3a:86:04:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4ThwtfDomZ4E3xAIyObN/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjY2Q1ODNjOGQ3MWEyNDI3ZTAwNjBlM2NjOTI0ZjMyZGMx
YTgyMGIwHhcNMjQwMzA2MTEzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjAyYmM3Y2NhNWUyNjFlNTUzYTIwYTA0OGUwMDNmMGViM2JmYTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtk9HAzzmpUkHaXSvev6/SOQ42VP
1LuiRevPOhE9x+4e+Rl/4hNf2X7hUHGruUwnH5UOr6DroSd6oP8k2r64JV1HJBOG
my+SA1p8rsv9IOWvyj6yrqxoCQqxHgZ9mtolHcrbE/4iWsnAm3/J8huTLdxpgTup
i511LNYd5dK6umXIiEf6VeI6P2kza6naWqnne9FITV5oId1Z+9GSeIksPbTljtcK
WxqlHf5fBiTNgaYRBCDtpB3B/pTt3/mHWrxvEIrqvPVaJuhSncExdx9WJneZbOcc
V7+zt+RS40faKVA5/lUZQv+FcH7Eo4F65jgQjUw5eDTvGXUFNmwo8klATQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKsCvHzKXiYeVTogoEjgA/DrO/oZMB8GA1UdIwQY
MBaAFMzNWDyNcaJCfgBg48ySTzLcGoILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek0xWVBJMXhva0otQUdEanpKSlBNdHdhZ2dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81NmEwMmEtYzVmZC00MTE5LThjNWYt
ZjQ4NTAyZDEzOTQ4LzEvcXdLOGZNcGVKaDVWT2lDZ1NPQUQ4T3M3LWhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81NmEwMmEtYzVmZC00MTE5LThjNWYtZjQ4NTAyZDEzOTQ4
LzEvek0xWVBJMXhva0otQUdEanpKSlBNdHdhZ2dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHzcMA0G
CSqGSIb3DQEBCwUAA4IBAQCJbwTfkOqxX/avW06bx7UfX/KC/nvjg98qT6yWyeWa
0zxsN8C9MJf1JIN06v7wPBm4saSQDo0X62/Em6K55RRRQcxnAv0h+1H50Oc1ZyqU
X/PbW6pJnIGPXWeqtcn0PaVEqPFfgtL2gBj2wuM2J1Dl+144GcfO6sos6DZM7oqn
6o2Xg5P/WBiyc0yMeoW9qVzkXTTG/wq3gZV+ZhhkU54hPAgiK+bHMiv83zQI0LVx
xTZmjDE8W9511Q0Zq9soYnClUyCNAqeojNkqX4dI4IvvZY56S2GZ0HmNt5RZliPx
HPisj5a0iPgDETmVUtfDmrlt8Di/cyqCoMZupIQ6hgQg
-----END CERTIFICATE-----
Generated at Mon Sep 2 21:05:45 2024 by rpki-client on console-ams.rpki-client.org