Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/655080-a488-4ebe-a471-288fcdf0cd0b/1/qb0WoRTyvU7-gJCfJqDZKk_ZK_k.roa
File: qb0WoRTyvU7-gJCfJqDZKk_ZK_k.roa (raw, json)
Hash identifier: AWgOorVXA8VfJxZV7WHDUiQXRbUqKpLNSuMN9f4szJc=
Subject key identifier: A9:BD:16:A1:14:F2:BD:4E:FE:80:90:9F:26:A0:D9:2A:4F:D9:2B:F9
Certificate issuer: /CN=53324ea7bb9ed58d8d7b85d5d1cdc0fe43bce236
Certificate serial: 018611D57ECD1CE26ADCDE24F76ACA67A6C5
Authority key identifier: 53:32:4E:A7:BB:9E:D5:8D:8D:7B:85:D5:D1:CD:C0:FE:43:BC:E2:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzJOp7ue1Y2Ne4XV0c3A_kO84jY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/655080-a488-4ebe-a471-288fcdf0cd0b/1/qb0WoRTyvU7-gJCfJqDZKk_ZK_k.roa
Signing time: Thu 02 Feb 2023 11:14:09 +0000
ROA not before: Thu 02 Feb 2023 11:14:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12571
IP address blocks: 45.128.100.0/22 maxlen: 22
212.76.192.0/19 maxlen: 19
212.76.208.0/24 maxlen: 24
2a00:1d48::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:11:d5:7e:cd:1c:e2:6a:dc:de:24:f7:6a:ca:67:a6:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53324ea7bb9ed58d8d7b85d5d1cdc0fe43bce236
Validity
Not Before: Feb 2 11:14:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9bd16a114f2bd4efe80909f26a0d92a4fd92bf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:11:54:c4:51:86:cb:b6:e1:a3:f0:16:64:98:
b2:1f:a6:05:0a:77:60:dd:b7:ad:fc:57:e7:17:20:
f6:6d:4e:19:9e:dd:2a:e0:50:0e:a7:87:70:3c:c1:
ed:7f:35:db:91:2f:85:b9:72:9d:50:c8:1e:ea:b0:
16:5a:fe:6e:68:c3:f3:25:00:23:47:0c:a0:98:94:
d5:9b:df:a5:8d:c2:df:25:f2:12:01:6e:a7:b7:aa:
ef:2e:64:b6:0b:cd:f8:13:3a:11:8e:42:0b:02:d9:
07:11:ad:19:48:45:ac:91:c1:9c:f2:19:eb:12:17:
af:90:34:41:74:b5:e3:e4:3a:60:15:0e:9a:b5:51:
15:21:e5:36:cf:70:64:af:e7:bf:3c:8f:ce:a6:ba:
09:ec:9c:0a:fd:1c:af:d5:39:4b:61:eb:10:f4:59:
78:50:23:83:03:22:d8:fb:cc:0a:37:ca:c0:e8:7a:
62:80:fd:32:ab:2c:8a:39:6c:33:bf:77:b9:d4:37:
b0:e6:61:d3:8d:b4:da:7c:52:f2:3d:f1:c1:a3:8c:
bf:c9:fe:68:a9:a8:58:bc:0e:00:c3:4b:ea:0a:3f:
f4:0b:b8:29:9b:1d:e7:52:74:5c:b9:b9:c4:4b:0e:
79:d9:25:c1:c5:05:2a:51:75:1c:7d:d3:90:a0:04:
0b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:BD:16:A1:14:F2:BD:4E:FE:80:90:9F:26:A0:D9:2A:4F:D9:2B:F9
X509v3 Authority Key Identifier:
keyid:53:32:4E:A7:BB:9E:D5:8D:8D:7B:85:D5:D1:CD:C0:FE:43:BC:E2:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzJOp7ue1Y2Ne4XV0c3A_kO84jY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/655080-a488-4ebe-a471-288fcdf0cd0b/1/qb0WoRTyvU7-gJCfJqDZKk_ZK_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/655080-a488-4ebe-a471-288fcdf0cd0b/1/UzJOp7ue1Y2Ne4XV0c3A_kO84jY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.100.0/22
212.76.192.0/19
IPv6:
2a00:1d48::/32
Signature Algorithm: sha256WithRSAEncryption
21:81:c3:23:4a:a0:90:a6:a3:c9:76:7d:dc:4c:c0:63:ac:2b:
1e:a1:5b:9f:3c:12:92:93:d5:ef:af:0c:c8:77:ec:a6:92:2c:
7f:07:77:b0:87:4f:b8:6e:cb:f9:9d:dd:e9:56:83:02:cb:9f:
40:20:62:5c:77:89:a6:f2:8c:31:89:a8:e4:5a:56:41:30:14:
ae:d6:f7:4e:93:99:e1:b1:a9:ed:ff:d9:d0:de:34:76:06:0e:
62:95:bf:a1:e2:61:f7:f3:99:39:7e:14:5b:84:77:38:1d:6b:
af:6b:b0:a3:7e:91:5b:ed:e3:14:02:6f:ed:56:e8:65:bc:73:
24:f0:ba:d8:4e:a5:90:f2:bc:20:6e:74:55:e5:d7:74:54:1b:
60:e5:ef:94:66:bf:dc:37:ea:ca:be:52:53:39:72:ff:a6:2b:
bc:ea:2f:a5:ac:cf:14:6b:d0:45:f4:e5:9e:fd:e8:ca:ad:31:
56:0f:f0:97:9b:62:bb:a7:66:92:6d:10:ce:a1:86:f7:1c:8d:
8d:92:73:ea:f1:52:d9:c3:40:52:c3:74:d2:b9:e6:f4:bd:6e:
93:37:dc:be:6e:24:14:f8:33:de:79:52:6c:18:08:a3:50:95:
22:c9:fd:ad:ff:82:61:34:42:4a:d9:0b:86:1f:5f:2f:b0:4f:
cf:4a:20:f6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYYR1X7NHOJq3N4k92rKZ6bFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzI0ZWE3YmI5ZWQ1OGQ4ZDdiODVkNWQxY2RjMGZlNDNi
Y2UyMzYwHhcNMjMwMjAyMTExNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWJkMTZhMTE0ZjJiZDRlZmU4MDkwOWYyNmEwZDkyYTRmZDkyYmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRFUxFGGy7bho/AWZJiyH6YFCndg
3bet/FfnFyD2bU4Znt0q4FAOp4dwPMHtfzXbkS+FuXKdUMge6rAWWv5uaMPzJQAj
RwygmJTVm9+ljcLfJfISAW6nt6rvLmS2C834EzoRjkILAtkHEa0ZSEWskcGc8hnr
EhevkDRBdLXj5DpgFQ6atVEVIeU2z3Bkr+e/PI/OproJ7JwK/Ryv1TlLYesQ9Fl4
UCODAyLY+8wKN8rA6HpigP0yqyyKOWwzv3e51Dew5mHTjbTafFLyPfHBo4y/yf5o
qahYvA4Aw0vqCj/0C7gpmx3nUnRcubnESw552SXBxQUqUXUcfdOQoAQLrwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKm9FqEU8r1O/oCQnyag2SpP2Sv5MB8GA1UdIwQY
MBaAFFMyTqe7ntWNjXuF1dHNwP5DvOI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXpKT3A3dWUxWTJOZTRYVjBjM0Ffa084NGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82NTUwODAtYTQ4OC00ZWJlLWE0NzEt
Mjg4ZmNkZjBjZDBiLzEvcWIwV29SVHl2VTctZ0pDZkpxRFpLa19aS19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82NTUwODAtYTQ4OC00ZWJlLWE0NzEtMjg4ZmNkZjBjZDBi
LzEvVXpKT3A3dWUxWTJOZTRYVjBjM0Ffa084NGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYBkAwQF
1EzAMA0EAgACMAcDBQAqAB1IMA0GCSqGSIb3DQEBCwUAA4IBAQAhgcMjSqCQpqPJ
dn3cTMBjrCseoVufPBKSk9XvrwzId+ymkix/B3ewh0+4bsv5nd3pVoMCy59AIGJc
d4mm8owxiajkWlZBMBSu1vdOk5nhsant/9nQ3jR2Bg5ilb+h4mH385k5fhRbhHc4
HWuva7CjfpFb7eMUAm/tVuhlvHMk8LrYTqWQ8rwgbnRV5dd0VBtg5e+UZr/cN+rK
vlJTOXL/piu86i+lrM8Ua9BF9OWe/ejKrTFWD/CXm2K7p2aSbRDOoYb3HI2NknPq
8VLZw0BSw3TSueb0vW6TN9y+biQU+DPeeVJsGAijUJUiyf2t/4JhNEJK2QuGH18v
sE/PSiD2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:53 2024 by rpki-client on console-fra.rpki-client.org