Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/d3558d-9057-47db-9959-3060b36b8506/1/QQ91qOpLSxaBLFqNseBnZEq2SW8.roa
File: QQ91qOpLSxaBLFqNseBnZEq2SW8.roa (raw, json)
Hash identifier: k7uQT7PVslpJEbLbTrv7KGj/2DxAk+Cn82eBvNVg35I=
Subject key identifier: 41:0F:75:A8:EA:4B:4B:16:81:2C:5A:8D:B1:E0:67:64:4A:B6:49:6F
Certificate issuer: /CN=750ffb6552d58ae774ba424d5527b350624faafc
Certificate serial: 018570FBA0CEA9FA5BF32CCB4555EA275CB9
Authority key identifier: 75:0F:FB:65:52:D5:8A:E7:74:BA:42:4D:55:27:B3:50:62:4F:AA:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQ_7ZVLViud0ukJNVSezUGJPqvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/d3558d-9057-47db-9959-3060b36b8506/1/QQ91qOpLSxaBLFqNseBnZEq2SW8.roa
Signing time: Mon 02 Jan 2023 05:36:56 +0000
ROA not before: Mon 02 Jan 2023 05:36:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39328
IP address blocks: 45.67.180.0/22 maxlen: 24
185.154.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:a0:ce:a9:fa:5b:f3:2c:cb:45:55:ea:27:5c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=750ffb6552d58ae774ba424d5527b350624faafc
Validity
Not Before: Jan 2 05:36:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=410f75a8ea4b4b16812c5a8db1e067644ab6496f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4b:6c:8d:f3:6b:dc:65:9a:8c:8e:94:8d:1b:
aa:ef:21:3d:76:61:e9:36:42:63:74:44:0a:3f:87:
f5:a2:70:8f:e9:c9:69:31:02:57:92:f2:d5:d3:ce:
d5:f3:a6:b5:d3:c2:3d:96:1d:31:80:53:2c:fd:ba:
0e:22:68:b5:3f:00:a4:9d:b2:bf:b2:bb:c0:7d:d8:
0f:97:0f:70:ef:eb:c8:45:d9:f4:80:14:ef:d3:74:
41:eb:0e:ab:99:c3:6a:cb:96:4b:4f:93:51:ee:f3:
5b:f0:11:6d:ec:d4:32:8d:04:da:cf:31:70:64:69:
85:48:d3:2d:1b:0b:40:06:37:05:d4:07:25:26:46:
c0:78:9a:a1:a5:b1:03:c4:b6:c5:12:2b:09:35:36:
cf:1c:d0:68:1c:94:10:b4:33:df:00:d2:19:2a:15:
da:2b:f4:b1:1a:07:a4:b2:2f:dd:05:8b:c0:87:07:
10:3e:2e:97:e1:df:6c:78:4f:0f:27:da:6e:5f:71:
d3:49:e2:a8:3a:29:85:99:cd:c5:56:32:19:71:35:
70:3a:59:b6:0c:42:df:3c:55:c8:a6:f8:c8:d2:fc:
c8:44:87:c0:b2:8b:86:79:28:d9:78:ea:7f:a7:9d:
6e:1d:1c:ce:31:5d:c8:0f:c5:23:83:32:ea:16:ba:
25:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:0F:75:A8:EA:4B:4B:16:81:2C:5A:8D:B1:E0:67:64:4A:B6:49:6F
X509v3 Authority Key Identifier:
keyid:75:0F:FB:65:52:D5:8A:E7:74:BA:42:4D:55:27:B3:50:62:4F:AA:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQ_7ZVLViud0ukJNVSezUGJPqvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d3558d-9057-47db-9959-3060b36b8506/1/QQ91qOpLSxaBLFqNseBnZEq2SW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d3558d-9057-47db-9959-3060b36b8506/1/dQ_7ZVLViud0ukJNVSezUGJPqvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.180.0/22
185.154.252.0/22
Signature Algorithm: sha256WithRSAEncryption
83:b5:3d:78:ca:f5:8b:25:51:34:48:ea:3d:bd:22:dc:fc:2c:
d6:0b:d3:3c:4a:50:37:f1:d3:b8:18:fb:0d:f2:7a:a3:2b:8a:
50:bf:1f:d9:03:69:b3:3d:be:c2:18:d4:a5:ab:05:84:7f:92:
23:56:27:16:be:b6:6c:36:57:b8:94:c0:0a:ca:ee:e6:d0:55:
0f:28:29:c9:d2:dc:4d:90:84:3f:c1:60:77:e8:fd:af:33:ae:
a5:a2:2e:89:94:be:2e:15:25:b2:d5:8c:e9:87:0e:f5:85:eb:
af:8b:70:45:7e:86:11:45:02:b4:25:2f:7b:f3:cb:10:6e:3a:
0b:aa:f2:d2:30:71:ca:e3:b5:ad:7b:fd:13:49:d7:19:c9:59:
c1:f3:c0:d3:ee:a4:34:e3:cc:8b:2a:54:bf:17:23:7f:60:29:
7a:3b:32:a0:bf:7b:f3:66:90:6a:43:bc:36:5f:36:7a:44:7a:
ef:85:8d:9d:3f:74:31:03:f3:92:36:16:3d:bd:87:5e:dc:54:
73:18:51:c9:f5:da:30:88:65:92:44:66:37:3f:4b:76:3e:d3:
90:79:24:c7:fd:96:36:f1:24:7e:f9:b0:15:45:a4:3b:62:b3:
de:9b:e2:7e:79:d2:c8:d9:17:fb:e9:a8:f0:c9:ea:17:0b:4b:
59:58:3b:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw+6DOqfpb8yzLRVXqJ1y5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MGZmYjY1NTJkNThhZTc3NGJhNDI0ZDU1MjdiMzUwNjI0
ZmFhZmMwHhcNMjMwMTAyMDUzNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTBmNzVhOGVhNGI0YjE2ODEyYzVhOGRiMWUwNjc2NDRhYjY0OTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyktsjfNr3GWajI6UjRuq7yE9dmHp
NkJjdEQKP4f1onCP6clpMQJXkvLV087V86a108I9lh0xgFMs/boOImi1PwCknbK/
srvAfdgPlw9w7+vIRdn0gBTv03RB6w6rmcNqy5ZLT5NR7vNb8BFt7NQyjQTazzFw
ZGmFSNMtGwtABjcF1AclJkbAeJqhpbEDxLbFEisJNTbPHNBoHJQQtDPfANIZKhXa
K/SxGgeksi/dBYvAhwcQPi6X4d9seE8PJ9puX3HTSeKoOimFmc3FVjIZcTVwOlm2
DELfPFXIpvjI0vzIRIfAsouGeSjZeOp/p51uHRzOMV3ID8UjgzLqFrol0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEEPdajqS0sWgSxajbHgZ2RKtklvMB8GA1UdIwQY
MBaAFHUP+2VS1YrndLpCTVUns1BiT6r8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFfN1pWTFZpdWQwdWtKTlZTZXpVR0pQcXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9kMzU1OGQtOTA1Ny00N2RiLTk5NTkt
MzA2MGIzNmI4NTA2LzEvUVE5MXFPcExTeGFCTEZxTnNlQm5aRXEyU1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9kMzU1OGQtOTA1Ny00N2RiLTk5NTktMzA2MGIzNmI4NTA2
LzEvZFFfN1pWTFZpdWQwdWtKTlZTZXpVR0pQcXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLUO0AwQC
uZr8MA0GCSqGSIb3DQEBCwUAA4IBAQCDtT14yvWLJVE0SOo9vSLc/CzWC9M8SlA3
8dO4GPsN8nqjK4pQvx/ZA2mzPb7CGNSlqwWEf5IjVicWvrZsNle4lMAKyu7m0FUP
KCnJ0txNkIQ/wWB36P2vM66loi6JlL4uFSWy1Yzphw71heuvi3BFfoYRRQK0JS97
88sQbjoLqvLSMHHK47Wte/0TSdcZyVnB88DT7qQ048yLKlS/FyN/YCl6OzKgv3vz
ZpBqQ7w2XzZ6RHrvhY2dP3QxA/OSNhY9vYde3FRzGFHJ9dowiGWSRGY3P0t2PtOQ
eSTH/ZY28SR++bAVRaQ7YrPem+J+edLI2Rf76ajwyeoXC0tZWDuT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org