Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/QCXU_yfEuUnJhe-pkDGL7qS6U_w.roa
File: QCXU_yfEuUnJhe-pkDGL7qS6U_w.roa (raw, json)
Hash identifier: PFOeAGXiYN3OdfO3/ifvwN69UxtWJhaz+biDU1M/l5k=
Subject key identifier: 40:25:D4:FF:27:C4:B9:49:C9:85:EF:A9:90:31:8B:EE:A4:BA:53:FC
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018E615419556FF6266ED73FABC544A061A4
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/QCXU_yfEuUnJhe-pkDGL7qS6U_w.roa
Signing time: Thu 21 Mar 2024 14:04:45 +0000
ROA not before: Thu 21 Mar 2024 14:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 45.141.204.0/23 maxlen: 23
45.148.51.0/24 maxlen: 24
45.149.90.0/23 maxlen: 23
45.152.56.0/23 maxlen: 23
195.88.190.0/23 maxlen: 24
195.88.210.0/23 maxlen: 24
2a0f:3b80::/32 maxlen: 32
2a0f:3b81::/32 maxlen: 32
2a0f:3b82::/32 maxlen: 32
2a0f:3b83::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 15 Apr 2024 09:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:54:19:55:6f:f6:26:6e:d7:3f:ab:c5:44:a0:61:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 21 14:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4025d4ff27c4b949c985efa990318beea4ba53fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:cd:0f:e6:f5:71:84:6c:d3:f9:7d:45:20:4b:
29:44:8b:c3:9e:6c:59:1c:24:8a:b2:88:cd:54:84:
cb:42:d0:29:0e:a5:36:8e:46:0c:c4:85:4b:df:d2:
e8:c8:1a:c1:5a:17:55:c2:57:08:8a:5c:3a:f9:83:
85:ae:44:50:75:ea:55:6d:7c:5f:26:e9:43:38:58:
f3:8c:1c:f5:6c:59:bf:89:24:89:02:59:80:5b:2a:
80:cc:fe:b0:7c:85:a9:8e:3c:9f:39:fe:34:87:46:
1d:9b:23:5f:dc:83:b2:bc:e8:aa:f1:f0:98:30:e8:
6c:9f:10:da:d9:29:4b:f0:63:db:a6:1f:36:17:82:
ed:95:4a:d4:3e:0f:91:5c:02:f0:e0:5e:14:a0:3e:
63:38:1a:22:a7:5d:79:c0:61:16:98:5a:a7:5f:38:
f4:eb:df:9a:cb:bb:bd:6e:62:8c:8b:46:ba:b1:7a:
5d:25:28:ce:26:18:08:47:23:04:e6:b3:a5:8d:e9:
77:c9:ea:72:2b:2f:0a:c8:64:34:9f:89:19:a4:d7:
d2:17:76:d3:79:e9:70:c1:19:8a:10:77:21:28:e1:
9f:7f:34:92:59:17:9f:d3:47:92:ee:16:27:37:18:
53:9f:aa:63:45:27:bf:2c:e5:63:d5:a7:14:17:42:
23:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:25:D4:FF:27:C4:B9:49:C9:85:EF:A9:90:31:8B:EE:A4:BA:53:FC
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/QCXU_yfEuUnJhe-pkDGL7qS6U_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.204.0/23
45.148.51.0/24
45.149.90.0/23
45.152.56.0/23
195.88.190.0/23
195.88.210.0/23
IPv6:
2a0f:3b80::/30
Signature Algorithm: sha256WithRSAEncryption
51:26:6e:5d:95:4c:34:b8:33:96:6f:0f:1b:b7:25:48:e7:12:
f0:9b:2f:4a:98:4b:3e:e5:8b:b9:a2:45:b0:b6:7d:8a:ca:d4:
df:a2:9b:68:2e:2b:5f:6e:9f:56:e8:b9:1c:13:41:11:30:2e:
48:a8:44:4c:6d:f2:b7:25:70:dd:e0:b6:37:a0:87:c3:d0:5d:
c9:6c:26:3b:43:96:aa:8b:a0:ff:5c:27:f1:80:7d:d4:db:71:
2e:0b:c4:08:6e:26:b6:ca:a5:fa:a4:06:aa:b4:db:3c:76:8c:
5c:91:5b:6e:8c:bc:ae:76:d0:8a:5e:73:92:8e:bd:d7:19:94:
15:82:76:1a:27:54:c1:4b:b4:c5:51:3b:b5:b1:9f:d3:6f:5b:
fa:be:d2:93:5d:57:fd:af:77:1d:51:35:1e:6a:8f:dc:c7:fc:
c3:5c:e2:fe:5d:bb:42:bb:e3:4b:fc:a5:7c:ac:5c:9f:0d:ab:
4a:15:f0:c3:9c:d2:d8:dc:f1:ad:2e:e1:7b:9d:a0:4c:13:26:
04:d2:5a:3e:0c:a9:60:67:b9:4b:04:e7:7e:d1:a4:1c:b7:f6:
20:13:8e:a0:43:e5:35:d1:9e:11:3e:6c:03:9e:09:37:d6:a0:
43:c7:4f:93:85:4e:0a:90:92:17:fb:2c:95:3e:80:c6:4c:eb:
56:85:68:ac
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY5hVBlVb/Ymbtc/q8VEoGGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwMzIxMTQwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDI1ZDRmZjI3YzRiOTQ5Yzk4NWVmYTk5MDMxOGJlZWE0YmE1M2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqs0P5vVxhGzT+X1FIEspRIvDnmxZ
HCSKsojNVITLQtApDqU2jkYMxIVL39LoyBrBWhdVwlcIilw6+YOFrkRQdepVbXxf
JulDOFjzjBz1bFm/iSSJAlmAWyqAzP6wfIWpjjyfOf40h0YdmyNf3IOyvOiq8fCY
MOhsnxDa2SlL8GPbph82F4LtlUrUPg+RXALw4F4UoD5jOBoip115wGEWmFqnXzj0
69+ay7u9bmKMi0a6sXpdJSjOJhgIRyME5rOljel3yepyKy8KyGQ0n4kZpNfSF3bT
eelwwRmKEHchKOGffzSSWRef00eS7hYnNxhTn6pjRSe/LOVj1acUF0IjgQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFEAl1P8nxLlJyYXvqZAxi+6kulP8MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvUUNYVV95ZkV1VW5KaGUtcGtER0w3cVM2VV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBLY3MAwQA
LZQzAwQBLZVaAwQBLZg4AwQBw1i+AwQBw1jSMA0EAgACMAcDBQIqDzuAMA0GCSqG
SIb3DQEBCwUAA4IBAQBRJm5dlUw0uDOWbw8btyVI5xLwmy9KmEs+5Yu5okWwtn2K
ytTfoptoLitfbp9W6LkcE0ERMC5IqERMbfK3JXDd4LY3oIfD0F3JbCY7Q5aqi6D/
XCfxgH3U23EuC8QIbia2yqX6pAaqtNs8doxckVtujLyudtCKXnOSjr3XGZQVgnYa
J1TBS7TFUTu1sZ/Tb1v6vtKTXVf9r3cdUTUeao/cx/zDXOL+XbtCu+NL/KV8rFyf
DatKFfDDnNLY3PGtLuF7naBMEyYE0lo+DKlgZ7lLBOd+0aQct/YgE46gQ+U10Z4R
PmwDngk31qBDx0+ThU4KkJIX+yyVPoDGTOtWhWis
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org