Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/qkU8D4V8A1-Q-5qOhwY9HicfrvM.roa
File: qkU8D4V8A1-Q-5qOhwY9HicfrvM.roa (raw, json)
Hash identifier: XT8GS4fq0LNRMuMNg+lqzwo3qFnU0zQ6DPjn39EOP2c=
Subject key identifier: AA:45:3C:0F:85:7C:03:5F:90:FB:9A:8E:87:06:3D:1E:27:1F:AE:F3
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018E664ADA5576F259A51AD381A391F5584A
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/qkU8D4V8A1-Q-5qOhwY9HicfrvM.roa
Signing time: Fri 22 Mar 2024 13:12:45 +0000
ROA not before: Fri 22 Mar 2024 13:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211270
IP address blocks: 147.45.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 May 2024 09:54:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:4a:da:55:76:f2:59:a5:1a:d3:81:a3:91:f5:58:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Mar 22 13:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa453c0f857c035f90fb9a8e87063d1e271faef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a0:c0:4a:0e:ac:31:c8:b8:fd:e3:31:42:a6:
8e:6f:e1:4b:84:dc:13:c7:53:9e:4a:f9:0b:61:cd:
1a:a8:8d:02:2e:85:ad:a0:bf:d2:24:b9:43:25:cd:
ec:83:6f:79:d6:a5:8d:56:52:7a:b6:d7:8c:0f:2b:
9b:3e:ed:79:f7:15:af:ea:c1:ad:cd:61:18:8d:c5:
e4:7c:24:66:14:7e:c0:a4:19:6e:0d:d4:7f:a5:32:
8a:ed:40:a2:c1:0d:9b:ab:7c:23:93:d0:92:68:fa:
ec:7b:9b:cf:14:22:ab:e8:5b:8e:7e:a2:5c:a2:ef:
b5:1f:b2:f8:22:1e:c4:98:7c:99:ae:6a:7b:96:9a:
b7:5e:bf:da:ca:9b:b8:fd:50:1b:23:ee:47:9f:db:
e4:81:97:da:fa:bf:1b:ec:f0:00:82:cc:91:f1:21:
c6:7e:80:95:a1:fb:c6:ad:b3:ee:6d:2b:34:cb:c0:
02:d6:42:94:bf:89:3e:98:e9:94:92:1c:d2:83:28:
4a:19:7b:d1:ba:fd:c5:a3:73:1b:af:1e:8f:ad:6d:
b7:5d:5d:9d:fe:2e:07:7a:32:9d:55:85:b6:16:2f:
0b:75:d2:e9:d5:61:f2:84:4f:3a:a8:57:8a:33:c1:
23:cd:ef:af:ee:19:95:c6:a9:b6:1d:b1:9a:5f:0e:
7d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:45:3C:0F:85:7C:03:5F:90:FB:9A:8E:87:06:3D:1E:27:1F:AE:F3
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/qkU8D4V8A1-Q-5qOhwY9HicfrvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.112.0/24
Signature Algorithm: sha256WithRSAEncryption
33:3c:9d:38:d1:6c:a9:e0:f0:67:f0:b4:3e:d4:c0:d8:ee:73:
d5:88:d2:26:f9:5a:4a:24:1a:8e:69:bb:78:16:b6:e4:10:6e:
92:7b:dd:cf:7f:80:04:09:12:06:3d:39:99:85:69:d4:72:aa:
45:07:d6:6c:9d:c0:0c:64:7a:8e:b5:6f:6f:12:b9:cb:aa:9d:
64:78:3b:3f:5f:f2:9b:af:20:ba:6b:19:e9:2c:05:69:3f:0e:
b7:70:4d:45:26:c8:32:b0:2f:7e:3a:25:9f:0e:2d:8a:29:54:
7e:b3:ee:09:63:17:3b:f9:2b:15:88:52:ad:7b:d7:1d:c2:f3:
e7:90:75:db:9d:cf:2e:7b:fd:16:f3:14:61:de:c9:52:5b:bd:
57:e2:2f:02:61:75:fc:eb:76:b0:11:6e:06:e5:89:96:c0:10:
b6:33:e2:82:fe:df:bc:ce:20:2f:69:f8:04:17:bc:19:5e:03:
27:09:2d:4d:f0:d1:71:aa:44:20:e6:13:f0:22:b4:2d:d6:cb:
e4:dc:e8:91:6a:83:f4:05:f8:6b:1c:c8:92:34:b9:53:9e:2e:
1d:de:5e:36:c3:06:7a:0a:4b:3d:0b:0d:23:93:28:a4:e4:aa:
fa:f7:2d:4d:f6:09:50:29:8e:7e:1b:4f:b1:11:ed:81:66:d6:
44:5d:72:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5mStpVdvJZpRrTgaOR9VhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMzIyMTMxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTQ1M2MwZjg1N2MwMzVmOTBmYjlhOGU4NzA2M2QxZTI3MWZhZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6DASg6sMci4/eMxQqaOb+FLhNwT
x1OeSvkLYc0aqI0CLoWtoL/SJLlDJc3sg2951qWNVlJ6tteMDyubPu159xWv6sGt
zWEYjcXkfCRmFH7ApBluDdR/pTKK7UCiwQ2bq3wjk9CSaPrse5vPFCKr6FuOfqJc
ou+1H7L4Ih7EmHyZrmp7lpq3Xr/aypu4/VAbI+5Hn9vkgZfa+r8b7PAAgsyR8SHG
foCVofvGrbPubSs0y8AC1kKUv4k+mOmUkhzSgyhKGXvRuv3Fo3Mbrx6PrW23XV2d
/i4HejKdVYW2Fi8LddLp1WHyhE86qFeKM8Ejze+v7hmVxqm2HbGaXw59sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpFPA+FfANfkPuajocGPR4nH67zMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvcWtVOEQ0VjhBMS1RLTVxT2h3WTlIaWNmcnZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAky1wMA0G
CSqGSIb3DQEBCwUAA4IBAQAzPJ040Wyp4PBn8LQ+1MDY7nPViNIm+VpKJBqOabt4
FrbkEG6Se93Pf4AECRIGPTmZhWnUcqpFB9ZsncAMZHqOtW9vErnLqp1keDs/X/Kb
ryC6axnpLAVpPw63cE1FJsgysC9+OiWfDi2KKVR+s+4JYxc7+SsViFKte9cdwvPn
kHXbnc8ue/0W8xRh3slSW71X4i8CYXX863awEW4G5YmWwBC2M+KC/t+8ziAvafgE
F7wZXgMnCS1N8NFxqkQg5hPwIrQt1svk3OiRaoP0BfhrHMiSNLlTni4d3l42wwZ6
Cks9Cw0jkyik5Kr69y1N9glQKY5+G0+xEe2BZtZEXXIC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org