Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/qjfKYrP8WxDNV2MsKYp_Qimb2LE.roa
File: qjfKYrP8WxDNV2MsKYp_Qimb2LE.roa (raw, json)
Hash identifier: JspFa+p3v7tNaxqWcLO+Ivb7+fmBLM0qfYmbpuDhtSU=
Subject key identifier: AA:37:CA:62:B3:FC:5B:10:CD:57:63:2C:29:8A:7F:42:29:9B:D8:B1
Certificate issuer: /CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Certificate serial: 018D45CA42B101CAAC1347AA87C5E752E130
Authority key identifier: 82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/qjfKYrP8WxDNV2MsKYp_Qimb2LE.roa
Signing time: Fri 26 Jan 2024 12:41:39 +0000
ROA not before: Fri 26 Jan 2024 12:41:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207551
IP address blocks: 202.181.153.0/24 maxlen: 24
212.6.53.0/24 maxlen: 24
2a10:2080::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Mar 2024 10:13:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:ca:42:b1:01:ca:ac:13:47:aa:87:c5:e7:52:e1:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Validity
Not Before: Jan 26 12:41:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa37ca62b3fc5b10cd57632c298a7f42299bd8b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b5:29:e6:69:55:00:e6:a0:b9:c1:b3:6a:1f:
f5:d3:7b:2c:79:d1:80:02:ef:40:a8:5d:dc:91:d4:
3d:b8:32:87:20:8f:c4:17:78:1f:be:10:a7:d6:bd:
f1:f9:e6:54:e1:b0:c6:a9:5c:46:05:05:5b:c7:af:
7a:1c:e7:64:b7:2e:48:e2:f0:11:78:8a:bd:6a:f5:
36:e3:d2:09:cd:6a:57:44:88:54:bf:e0:34:95:a5:
5e:6a:42:a0:57:02:82:51:bb:b7:11:21:f5:db:be:
1c:43:dd:d9:33:8a:7e:7b:3e:83:66:2a:98:71:20:
f1:b4:f3:24:bb:b2:17:1c:d6:00:4b:0b:34:2f:95:
42:1e:57:0a:26:3e:5c:96:e1:0e:eb:78:d5:97:77:
03:7c:a3:d0:d5:f7:38:21:e7:06:17:ea:71:32:20:
8e:7e:ef:b6:28:84:56:44:e6:99:90:49:83:df:74:
5f:cf:fa:3f:ee:9c:99:c4:b1:0d:9c:4f:e7:ed:e4:
b2:10:11:4e:5c:a6:c6:1b:2e:c1:8c:8e:c6:1c:0f:
6a:e0:d6:6f:f7:99:02:6e:27:c3:e2:52:27:e4:3e:
a8:fd:7d:f8:b6:0e:81:e2:21:4e:d6:f4:0b:3e:79:
21:f6:40:d6:65:80:f3:ce:93:d2:6d:29:f9:23:ce:
16:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:37:CA:62:B3:FC:5B:10:CD:57:63:2C:29:8A:7F:42:29:9B:D8:B1
X509v3 Authority Key Identifier:
keyid:82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/qjfKYrP8WxDNV2MsKYp_Qimb2LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.181.153.0/24
212.6.53.0/24
IPv6:
2a10:2080::/29
Signature Algorithm: sha256WithRSAEncryption
2b:3b:59:18:dc:13:47:a8:fe:08:6e:15:e4:b5:c5:ca:b3:61:
1a:30:20:d0:25:df:72:5f:3f:18:b5:cb:a2:5d:94:62:00:82:
4a:8d:0e:90:57:e9:f7:0b:e4:2b:86:65:8b:cb:e6:61:21:2d:
fc:2f:98:e6:f1:53:8e:f2:aa:b0:a3:a4:9a:a5:1d:dd:b7:45:
4d:cc:21:a1:35:8e:f8:a2:78:b9:3b:1f:7b:ef:97:ae:3f:54:
4d:7f:b6:55:b4:3d:f4:83:6a:b6:26:3d:bf:98:b7:75:a3:0f:
fd:bb:09:9f:80:dc:31:d7:c9:21:76:88:09:d8:3c:77:37:78:
d5:e1:9a:be:c6:81:c5:70:81:56:e0:24:a4:d1:64:a4:32:0d:
2e:8d:9a:a2:3d:53:22:24:33:4a:ea:4f:0f:d4:f5:fa:52:66:
1f:0d:97:a6:36:7f:63:67:dc:c6:b9:f2:22:f4:cd:35:cd:73:
8c:ba:68:ef:37:3f:d9:6f:94:90:e2:f1:3b:37:bf:a5:25:c6:
9b:7f:86:08:ce:d6:60:47:3d:e1:2b:86:0e:23:ae:90:ef:1c:
98:1f:b0:10:6d:29:c2:79:71:bb:36:f2:36:fd:02:6b:ae:8b:
6b:1f:4e:07:78:70:8d:8e:be:92:de:a0:7b:67:0b:97:31:3b:
70:69:5a:44
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY1FykKxAcqsE0eqh8XnUuEwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjJlMGQwMGRkNzcxYTllNGQ2MGJiZjRiZTUyMTE0ZWE3
N2RiMDMwHhcNMjQwMTI2MTI0MTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTM3Y2E2MmIzZmM1YjEwY2Q1NzYzMmMyOThhN2Y0MjI5OWJkOGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirUp5mlVAOagucGzah/103ssedGA
Au9AqF3ckdQ9uDKHII/EF3gfvhCn1r3x+eZU4bDGqVxGBQVbx696HOdkty5I4vAR
eIq9avU249IJzWpXRIhUv+A0laVeakKgVwKCUbu3ESH1274cQ93ZM4p+ez6DZiqY
cSDxtPMku7IXHNYASws0L5VCHlcKJj5cluEO63jVl3cDfKPQ1fc4IecGF+pxMiCO
fu+2KIRWROaZkEmD33Rfz/o/7pyZxLENnE/n7eSyEBFOXKbGGy7BjI7GHA9q4NZv
95kCbifD4lIn5D6o/X34tg6B4iFO1vQLPnkh9kDWZYDzzpPSbSn5I84WgQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKo3ymKz/FsQzVdjLCmKf0Ipm9ixMB8GA1UdIwQY
MBaAFIKy4NAN13Gp5NYLv0vlIRTqd9sDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2It
MDZkM2M0ZTYzYzIwLzEvcWpmS1lyUDhXeEROVjJNc0tZcF9RaW1iMkxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2ItMDZkM2M0ZTYzYzIw
LzEvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAyrWZAwQA
1AY1MA0EAgACMAcDBQMqECCAMA0GCSqGSIb3DQEBCwUAA4IBAQArO1kY3BNHqP4I
bhXktcXKs2EaMCDQJd9yXz8YtcuiXZRiAIJKjQ6QV+n3C+QrhmWLy+ZhIS38L5jm
8VOO8qqwo6SapR3dt0VNzCGhNY74oni5Ox9775euP1RNf7ZVtD30g2q2Jj2/mLd1
ow/9uwmfgNwx18khdogJ2Dx3N3jV4Zq+xoHFcIFW4CSk0WSkMg0ujZqiPVMiJDNK
6k8P1PX6UmYfDZemNn9jZ9zGufIi9M01zXOMumjvNz/Zb5SQ4vE7N7+lJcabf4YI
ztZgRz3hK4YOI66Q7xyYH7AQbSnCeXG7NvI2/QJrrotrH04HeHCNjr6S3qB7ZwuX
MTtwaVpE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:33 2024 by rpki-client on console-ams.rpki-client.org