Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/QWVWaMpG2AfwsgPJYv0qkVu2oSQ.roa
File: QWVWaMpG2AfwsgPJYv0qkVu2oSQ.roa (raw, json)
Hash identifier: 1UWQLhh4RlcHNn5pFjCGtRARhCwhgzbn2J2fQ4Kl/PM=
Subject key identifier: 41:65:56:68:CA:46:D8:07:F0:B2:03:C9:62:FD:2A:91:5B:B6:A1:24
Certificate issuer: /CN=9af4f122622fc3bb6fb83b7c8269036eda62466f
Certificate serial: 018E654E2AB2AFE5CAED84D5114DACC348DF
Authority key identifier: 9A:F4:F1:22:62:2F:C3:BB:6F:B8:3B:7C:82:69:03:6E:DA:62:46:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvTxImIvw7tvuDt8gmkDbtpiRm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/QWVWaMpG2AfwsgPJYv0qkVu2oSQ.roa
Signing time: Fri 22 Mar 2024 08:36:45 +0000
ROA not before: Fri 22 Mar 2024 08:36:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215927
IP address blocks: 45.156.177.0/24 maxlen: 24
45.156.178.0/24 maxlen: 24
45.156.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 18:16:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:4e:2a:b2:af:e5:ca:ed:84:d5:11:4d:ac:c3:48:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9af4f122622fc3bb6fb83b7c8269036eda62466f
Validity
Not Before: Mar 22 08:36:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41655668ca46d807f0b203c962fd2a915bb6a124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c8:e3:fb:fb:6f:18:a8:f6:94:69:26:9a:2f:
01:66:e6:a9:09:ed:11:98:5d:35:80:7b:93:78:60:
d2:90:5c:be:b1:f0:22:21:a5:4a:03:62:8b:b1:a7:
77:96:70:e8:7d:33:56:6b:67:3b:9f:ea:ed:b6:7b:
2b:9a:56:2b:b3:02:be:78:91:78:f1:5d:89:6f:3d:
6f:5a:c6:d2:bf:34:5b:8a:a0:be:70:6d:1b:71:a3:
d6:03:83:0c:89:8a:c6:8c:b6:48:47:d0:67:36:ae:
cb:0f:ee:ab:a5:74:ca:5f:46:71:90:02:1b:d9:40:
8b:83:be:6b:3d:c5:c6:bb:3c:7a:15:56:c8:7d:1e:
f1:9b:cb:f8:d5:f9:00:13:d7:d8:24:5a:69:86:70:
5b:e1:ef:13:6d:b4:6a:7d:24:bd:c0:a5:ad:ba:51:
dd:bb:f8:b2:e2:7d:19:e3:c7:40:cb:44:df:45:e7:
22:21:91:e1:80:c6:18:ae:bd:0d:25:24:07:75:03:
e5:81:fa:06:6f:e9:b3:53:15:61:22:38:84:fb:96:
7a:66:49:7a:3e:cc:9a:dd:d5:1d:0e:74:7f:6c:6b:
85:38:0f:32:73:ea:c3:b5:fc:bb:28:06:fe:7d:a7:
12:b9:89:47:9f:8d:4c:18:dc:0a:b0:08:66:9f:ec:
1d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:65:56:68:CA:46:D8:07:F0:B2:03:C9:62:FD:2A:91:5B:B6:A1:24
X509v3 Authority Key Identifier:
keyid:9A:F4:F1:22:62:2F:C3:BB:6F:B8:3B:7C:82:69:03:6E:DA:62:46:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvTxImIvw7tvuDt8gmkDbtpiRm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/QWVWaMpG2AfwsgPJYv0qkVu2oSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/mvTxImIvw7tvuDt8gmkDbtpiRm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.177.0-45.156.179.255
Signature Algorithm: sha256WithRSAEncryption
97:26:6c:60:f1:7b:b3:3f:f1:30:76:3f:16:fc:bf:5a:42:a3:
44:fc:f6:a3:a7:40:0d:6c:72:14:96:22:1b:24:30:39:f1:5a:
7b:f2:c5:eb:cb:aa:09:c5:e4:02:ac:a1:76:fa:6c:92:77:9a:
e2:cf:c5:cf:ae:e9:25:99:ea:82:7a:ee:81:53:c8:f5:c7:7d:
6b:76:28:c0:0a:ad:c8:fe:04:bc:9f:a8:f4:53:3b:68:cc:c0:
bc:5e:40:f6:77:ab:74:9e:f6:07:5e:e0:38:4f:a2:da:1d:55:
ea:4a:42:a8:a7:9b:ec:de:a9:c3:93:c4:44:6a:77:d5:4c:17:
41:bf:85:00:47:b3:74:ed:6a:10:0d:25:0f:32:e1:70:c5:eb:
ca:6d:d9:3e:82:64:ca:2c:25:1e:95:51:19:41:d6:a7:95:30:
bf:68:5b:12:0b:2d:13:79:ea:6a:2c:5e:00:5f:a4:0b:92:9b:
91:8b:be:c3:2a:a8:c0:14:96:62:d4:62:c2:f2:de:96:ae:f4:
94:bf:58:6f:7b:bc:b6:f3:04:75:6a:d7:41:2c:ab:4b:e9:e1:
7c:30:8b:18:f5:95:2a:ff:47:60:c5:e5:b5:4d:a8:4e:29:03:
06:b0:22:ab:d2:85:0b:c5:bf:2b:e5:fa:40:5c:d0:fc:74:c2:
95:17:fa:6f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY5lTiqyr+XK7YTVEU2sw0jfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjRmMTIyNjIyZmMzYmI2ZmI4M2I3YzgyNjkwMzZlZGE2
MjQ2NmYwHhcNMjQwMzIyMDgzNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTY1NTY2OGNhNDZkODA3ZjBiMjAzYzk2MmZkMmE5MTViYjZhMTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8jj+/tvGKj2lGkmmi8BZuapCe0R
mF01gHuTeGDSkFy+sfAiIaVKA2KLsad3lnDofTNWa2c7n+rttnsrmlYrswK+eJF4
8V2Jbz1vWsbSvzRbiqC+cG0bcaPWA4MMiYrGjLZIR9BnNq7LD+6rpXTKX0ZxkAIb
2UCLg75rPcXGuzx6FVbIfR7xm8v41fkAE9fYJFpphnBb4e8TbbRqfSS9wKWtulHd
u/iy4n0Z48dAy0TfReciIZHhgMYYrr0NJSQHdQPlgfoGb+mzUxVhIjiE+5Z6Zkl6
Psya3dUdDnR/bGuFOA8yc+rDtfy7KAb+facSuYlHn41MGNwKsAhmn+wdXwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEFlVmjKRtgH8LIDyWL9KpFbtqEkMB8GA1UdIwQY
MBaAFJr08SJiL8O7b7g7fIJpA27aYkZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZUeEltSXZ3N3R2dUR0OGdta0RidHBpUm04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9lYWRhY2ItZTRhNC00MWY5LTg5ZWQt
YzU3MThiZGU2NzUxLzEvUVdWV2FNcEcyQWZ3c2dQSll2MHFrVnUyb1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9lYWRhY2ItZTRhNC00MWY5LTg5ZWQtYzU3MThiZGU2NzUx
LzEvbXZUeEltSXZ3N3R2dUR0OGdta0RidHBpUm04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtnLED
BAItnLAwDQYJKoZIhvcNAQELBQADggEBAJcmbGDxe7M/8TB2Pxb8v1pCo0T89qOn
QA1schSWIhskMDnxWnvyxevLqgnF5AKsoXb6bJJ3muLPxc+u6SWZ6oJ67oFTyPXH
fWt2KMAKrcj+BLyfqPRTO2jMwLxeQPZ3q3Se9gde4DhPotodVepKQqinm+zeqcOT
xERqd9VMF0G/hQBHs3TtahANJQ8y4XDF68pt2T6CZMosJR6VURlB1qeVML9oWxIL
LRN56mosXgBfpAuSm5GLvsMqqMAUlmLUYsLy3pau9JS/WG97vLbzBHVq10Esq0vp
4Xwwixj1lSr/R2DF5bVNqE4pAwawIqvShQvFvyvl+kBc0Px0wpUX+m8=
-----END CERTIFICATE-----
Generated at Mon Mar 25 21:47:54 2024 by rpki-client on console-ams.rpki-client.org