Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3040df-768d-4c70-9aa0-011ba072f42c/1/QBv0tHLCHykO-j4fsjTQErlQiTU.roa
File: QBv0tHLCHykO-j4fsjTQErlQiTU.roa (raw, json)
Hash identifier: /ZW/owDHCr948r26djATkeXKeu/iCUd/SiKC/q+HYoA=
Subject key identifier: 40:1B:F4:B4:72:C2:1F:29:0E:FA:3E:1F:B2:34:D0:12:B9:50:89:35
Certificate issuer: /CN=335525f5e51b622fdfee730cda8cda311b4400dd
Certificate serial: 01856CE5FFF97B1AAD5F01A6CB839DCB7CA2
Authority key identifier: 33:55:25:F5:E5:1B:62:2F:DF:EE:73:0C:DA:8C:DA:31:1B:44:00:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M1Ul9eUbYi_f7nMM2ozaMRtEAN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3040df-768d-4c70-9aa0-011ba072f42c/1/QBv0tHLCHykO-j4fsjTQErlQiTU.roa
Signing time: Sun 01 Jan 2023 10:34:50 +0000
ROA not before: Sun 01 Jan 2023 10:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211413
IP address blocks: 193.56.135.0/24 maxlen: 24
2a10:e8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e5:ff:f9:7b:1a:ad:5f:01:a6:cb:83:9d:cb:7c:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=335525f5e51b622fdfee730cda8cda311b4400dd
Validity
Not Before: Jan 1 10:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=401bf4b472c21f290efa3e1fb234d012b9508935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8f:a4:86:c4:1b:cd:ae:d2:34:ac:ff:a7:69:
9b:2a:a3:6f:a7:86:df:7a:1e:34:01:f6:13:b8:d0:
c0:cc:c6:b2:8b:8b:cb:a6:4f:89:10:fa:14:f5:6e:
d4:71:e4:1a:a3:1b:eb:89:30:82:fd:c6:d5:0c:e2:
30:94:cb:ab:47:f2:f1:bd:37:0c:64:5e:41:6c:ee:
97:3f:02:b6:d9:ff:69:ec:c8:b8:08:99:c1:ce:90:
5d:ae:a6:4d:9f:6e:5b:c0:b2:f1:f1:46:34:e3:71:
15:fe:f1:bc:cb:ba:8d:db:4c:1e:14:49:0e:42:17:
45:74:f3:b6:67:9f:3c:a3:44:81:be:b2:f4:ff:da:
f6:64:eb:4d:f3:54:ee:6e:4d:04:b8:6c:39:b9:f3:
e6:0d:0b:8e:54:1f:96:8a:ee:c1:74:3a:3b:b1:4b:
e2:76:27:38:dd:65:65:24:2c:59:8e:62:fb:61:20:
0e:f9:f2:67:7b:cc:08:f2:88:6c:d1:71:e7:78:f9:
78:9a:5a:68:a4:f2:65:aa:8f:d5:0d:a5:93:49:75:
f3:d8:37:00:43:de:93:bf:c5:29:00:88:7b:d7:4f:
c8:39:02:c5:26:df:24:aa:17:4c:53:b5:90:a3:bf:
35:5f:0e:0c:d0:80:57:61:5d:0c:ed:88:5a:c6:f0:
9b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:1B:F4:B4:72:C2:1F:29:0E:FA:3E:1F:B2:34:D0:12:B9:50:89:35
X509v3 Authority Key Identifier:
keyid:33:55:25:F5:E5:1B:62:2F:DF:EE:73:0C:DA:8C:DA:31:1B:44:00:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1Ul9eUbYi_f7nMM2ozaMRtEAN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3040df-768d-4c70-9aa0-011ba072f42c/1/QBv0tHLCHykO-j4fsjTQErlQiTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3040df-768d-4c70-9aa0-011ba072f42c/1/M1Ul9eUbYi_f7nMM2ozaMRtEAN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.135.0/24
IPv6:
2a10:e8c0::/29
Signature Algorithm: sha256WithRSAEncryption
9c:35:a2:6c:64:6d:c6:99:2e:9b:9e:58:17:5c:f5:36:82:99:
4f:0e:22:74:b8:0c:09:4b:67:1f:35:f0:0e:85:1f:36:0e:6d:
c9:7b:69:17:56:60:02:09:4f:dc:0c:2a:eb:4b:14:f9:61:bd:
ac:55:72:56:e6:9e:43:28:0c:d9:07:f9:2b:17:bf:53:96:c6:
fd:32:9f:d6:94:ff:fc:3a:8d:8d:81:1f:6c:8b:34:d4:fd:df:
96:45:49:8d:1c:8e:42:b6:c0:18:62:e1:75:28:b0:77:bf:7b:
35:3d:d0:59:83:2a:36:42:72:8b:e7:90:63:5c:16:43:99:d2:
52:59:4d:d3:f8:57:ab:6e:a2:00:55:48:7a:d7:f3:3e:15:3a:
cc:fd:e0:53:d4:05:b3:95:7b:c5:f6:3a:bd:30:be:6a:43:d8:
11:0a:47:47:24:3b:1c:49:29:39:16:23:3c:3e:c0:a1:9a:50:
00:d1:b7:d0:53:8b:06:d4:3f:d3:5a:6b:73:f4:2c:8a:c7:77:
e7:08:0b:06:8a:31:25:ea:d7:30:01:7e:95:18:94:65:7d:d8:
d5:4f:70:62:32:b5:2a:43:c5:fa:09:86:4b:83:bd:b9:a7:0f:
4b:46:2e:87:12:0f:88:77:28:fb:fe:e3:db:ec:40:8d:5f:d3:
df:0e:d3:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs5f/5exqtXwGmy4Ody3yiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTUyNWY1ZTUxYjYyMmZkZmVlNzMwY2RhOGNkYTMxMWI0
NDAwZGQwHhcNMjMwMTAxMTAzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDFiZjRiNDcyYzIxZjI5MGVmYTNlMWZiMjM0ZDAxMmI5NTA4OTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4+khsQbza7SNKz/p2mbKqNvp4bf
eh40AfYTuNDAzMayi4vLpk+JEPoU9W7UceQaoxvriTCC/cbVDOIwlMurR/LxvTcM
ZF5BbO6XPwK22f9p7Mi4CJnBzpBdrqZNn25bwLLx8UY043EV/vG8y7qN20weFEkO
QhdFdPO2Z588o0SBvrL0/9r2ZOtN81Tubk0EuGw5ufPmDQuOVB+Wiu7BdDo7sUvi
dic43WVlJCxZjmL7YSAO+fJne8wI8ohs0XHnePl4mlpopPJlqo/VDaWTSXXz2DcA
Q96Tv8UpAIh710/IOQLFJt8kqhdMU7WQo781Xw4M0IBXYV0M7YhaxvCbGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEAb9LRywh8pDvo+H7I00BK5UIk1MB8GA1UdIwQY
MBaAFDNVJfXlG2Iv3+5zDNqM2jEbRADdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFVbDllVWJZaV9mN25NTTJvemFNUnRFQU4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMDQwZGYtNzY4ZC00YzcwLTlhYTAt
MDExYmEwNzJmNDJjLzEvUUJ2MHRITENIeWtPLWo0ZnNqVFFFcmxRaVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zMDQwZGYtNzY4ZC00YzcwLTlhYTAtMDExYmEwNzJmNDJj
LzEvTTFVbDllVWJZaV9mN25NTTJvemFNUnRFQU4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTiHMA0E
AgACMAcDBQMqEOjAMA0GCSqGSIb3DQEBCwUAA4IBAQCcNaJsZG3GmS6bnlgXXPU2
gplPDiJ0uAwJS2cfNfAOhR82Dm3Je2kXVmACCU/cDCrrSxT5Yb2sVXJW5p5DKAzZ
B/krF79Tlsb9Mp/WlP/8Oo2NgR9sizTU/d+WRUmNHI5CtsAYYuF1KLB3v3s1PdBZ
gyo2QnKL55BjXBZDmdJSWU3T+FerbqIAVUh61/M+FTrM/eBT1AWzlXvF9jq9ML5q
Q9gRCkdHJDscSSk5FiM8PsChmlAA0bfQU4sG1D/TWmtz9CyKx3fnCAsGijEl6tcw
AX6VGJRlfdjVT3BiMrUqQ8X6CYZLg725pw9LRi6HEg+Idyj7/uPb7ECNX9PfDtPU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:24 2024 by rpki-client on console-ams.rpki-client.org