Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/QAb0A4WE6wf-OZd71H4qoyQjoaU.roa
File: QAb0A4WE6wf-OZd71H4qoyQjoaU.roa (raw, json)
Hash identifier: WIWGNY7FIf1/kt4EZ+3QU5PHkvM2ev1G2p6LmUiInfc=
Subject key identifier: 40:06:F4:03:85:84:EB:07:FE:39:97:7B:D4:7E:2A:A3:24:23:A1:A5
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 01856F14A922834103723827D332E05C22F6
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/QAb0A4WE6wf-OZd71H4qoyQjoaU.roa
Signing time: Sun 01 Jan 2023 20:45:02 +0000
ROA not before: Sun 01 Jan 2023 20:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41269
IP address blocks: 212.110.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:a9:22:83:41:03:72:38:27:d3:32:e0:5c:22:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 1 20:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4006f4038584eb07fe39977bd47e2aa32423a1a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a3:f9:67:c6:00:d4:d7:45:fb:11:8a:0d:0b:
56:1a:09:c6:0d:94:2f:cb:8e:6e:60:60:79:66:75:
50:e8:e6:4c:11:8e:0d:38:3a:3e:db:38:11:60:88:
8d:15:bc:ed:9e:13:7c:46:c0:ed:2b:ef:7d:30:07:
e0:18:ac:89:ea:26:7e:b8:49:b5:94:b2:3f:0e:d6:
34:4e:af:11:b9:5b:ee:6f:6f:93:9f:12:6c:af:20:
ba:53:8f:0e:91:74:47:2f:e4:fc:1a:30:99:8c:43:
40:b1:a7:79:65:da:a1:d9:15:f3:c3:fa:54:b3:30:
35:6f:5d:22:4b:74:00:68:bd:a5:71:f9:8d:59:b4:
76:dd:00:9d:11:21:72:58:46:2e:e1:32:ca:53:9b:
a9:25:1e:55:68:fc:ad:99:a0:83:f7:c6:12:c3:e6:
79:0e:27:7f:17:03:9a:8b:54:96:24:08:b9:ed:0c:
fe:46:26:6c:e2:20:06:fc:ac:d3:3d:07:fd:88:a2:
e0:16:fa:d7:e0:ed:2f:04:8d:a5:ee:d8:1e:48:01:
33:6d:2e:d2:d4:ef:57:fe:d6:65:ef:f7:b2:9b:fa:
c1:cc:93:f3:3d:bb:69:bc:94:18:d9:ab:8a:2b:ac:
b5:fc:f0:8d:7a:7d:f2:50:21:a9:00:21:fa:6f:94:
7e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:06:F4:03:85:84:EB:07:FE:39:97:7B:D4:7E:2A:A3:24:23:A1:A5
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/QAb0A4WE6wf-OZd71H4qoyQjoaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.110.158.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:1c:c5:52:36:e5:f7:d2:0b:96:17:ef:24:66:0b:60:41:b7:
7f:1e:e0:a6:80:9f:23:fb:ff:32:d1:5e:9a:2b:a8:80:6a:37:
9c:93:02:a3:91:9a:16:03:24:e0:bb:05:a1:43:38:2b:50:c5:
63:0f:4b:96:73:16:e2:24:d4:a0:33:5c:cf:d1:d8:63:4c:64:
64:07:fb:58:07:3b:b8:d1:ea:e0:f1:c5:c5:d3:08:c8:7f:e9:
5b:16:16:72:03:70:9d:46:3e:76:4c:39:7a:77:a2:d0:35:a1:
3b:69:93:bc:a8:2f:86:54:99:b8:1a:25:32:1c:f9:b2:86:bf:
b1:72:db:6d:78:76:8a:36:20:a2:ee:56:1f:cb:1e:af:e0:e2:
bc:47:87:fd:4e:f1:e7:b8:fe:49:34:33:86:dc:7b:f7:8f:2b:
e4:09:b9:e4:5f:76:77:3f:ae:e2:a7:bb:fe:60:5f:86:2b:f4:
dd:06:25:3d:b6:7a:1e:d3:f6:10:92:b6:df:95:94:94:a3:be:
66:e4:d6:4a:e0:9d:7e:23:d4:bc:ec:d0:77:4f:7e:8f:92:3f:
6d:07:13:cd:02:1d:b7:06:1a:82:2a:a3:06:a7:a4:e9:b7:36:
cf:1f:de:2c:58:b5:87:af:f2:d5:fd:54:0b:82:11:3a:13:f5:
31:b3:cb:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFKkig0EDcjgn0zLgXCL2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMTAxMjA0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDA2ZjQwMzg1ODRlYjA3ZmUzOTk3N2JkNDdlMmFhMzI0MjNhMWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaP5Z8YA1NdF+xGKDQtWGgnGDZQv
y45uYGB5ZnVQ6OZMEY4NODo+2zgRYIiNFbztnhN8RsDtK+99MAfgGKyJ6iZ+uEm1
lLI/DtY0Tq8RuVvub2+TnxJsryC6U48OkXRHL+T8GjCZjENAsad5Zdqh2RXzw/pU
szA1b10iS3QAaL2lcfmNWbR23QCdESFyWEYu4TLKU5upJR5VaPytmaCD98YSw+Z5
Did/FwOai1SWJAi57Qz+RiZs4iAG/KzTPQf9iKLgFvrX4O0vBI2l7tgeSAEzbS7S
1O9X/tZl7/eym/rBzJPzPbtpvJQY2auKK6y1/PCNen3yUCGpACH6b5R+zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEAG9AOFhOsH/jmXe9R+KqMkI6GlMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvUUFiMEE0V0U2d2YtT1pkNzFINHFveVFqb2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1G6eMA0G
CSqGSIb3DQEBCwUAA4IBAQC0HMVSNuX30guWF+8kZgtgQbd/HuCmgJ8j+/8y0V6a
K6iAajeckwKjkZoWAyTguwWhQzgrUMVjD0uWcxbiJNSgM1zP0dhjTGRkB/tYBzu4
0erg8cXF0wjIf+lbFhZyA3CdRj52TDl6d6LQNaE7aZO8qC+GVJm4GiUyHPmyhr+x
cttteHaKNiCi7lYfyx6v4OK8R4f9TvHnuP5JNDOG3Hv3jyvkCbnkX3Z3P67ip7v+
YF+GK/TdBiU9tnoe0/YQkrbflZSUo75m5NZK4J1+I9S87NB3T36Pkj9tBxPNAh23
BhqCKqMGp6TptzbPH94sWLWHr/LV/VQLghE6E/Uxs8vJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:53 2024 by rpki-client on console-ams.rpki-client.org