Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/gqzPHTe8QliNftg9vuYKiQp7SAE.roa
File: gqzPHTe8QliNftg9vuYKiQp7SAE.roa (raw, json)
Hash identifier: aPF3tfKyRp+bivbY1X07uqkPohRuqz+ctX2Idm7JD7w=
Subject key identifier: 82:AC:CF:1D:37:BC:42:58:8D:7E:D8:3D:BE:E6:0A:89:0A:7B:48:01
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019422FBB447A3EC7E1E38E18E0D1CF64D56
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/gqzPHTe8QliNftg9vuYKiQp7SAE.roa
Signing time: Wed 01 Jan 2025 17:48:28 +0000
ROA not before: Wed 01 Jan 2025 17:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 45.9.30.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 20:22:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:b4:47:a3:ec:7e:1e:38:e1:8e:0d:1c:f6:4d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 1 17:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82accf1d37bc42588d7ed83dbee60a890a7b4801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0b:60:8d:bf:24:7b:1c:e6:b5:e7:c3:64:ea:
0b:24:b7:41:08:a9:f3:86:5c:e2:0e:7a:8f:18:5d:
ba:6e:77:19:09:91:a6:2f:ff:6c:41:e9:0c:bc:1b:
a6:5e:31:6c:ee:f6:e2:01:a9:aa:ca:31:55:b3:43:
af:50:43:69:d9:ee:03:ba:e3:d0:09:2a:85:70:6f:
54:44:92:11:df:96:ba:21:9b:74:bc:df:ea:b1:72:
b2:b0:d2:0a:6f:c4:e1:44:d3:f8:63:55:33:a9:67:
12:a0:a0:87:96:a1:89:ae:03:5b:5f:1a:3e:f7:89:
8c:41:b9:23:6b:f8:48:b8:df:b3:6c:3b:e8:f5:38:
45:76:be:11:09:fc:e8:f0:3a:1d:c4:f1:39:64:c6:
55:44:99:f7:80:b4:41:22:63:2c:10:48:f7:6f:cf:
3f:82:02:b1:b9:5c:bb:bb:55:17:99:17:6e:25:99:
2b:e5:a4:70:4b:70:f8:ed:98:1b:6a:84:e6:6e:ed:
11:f4:10:51:b5:19:cb:c9:b4:fb:d0:0a:06:17:4a:
36:0b:92:dd:e6:92:13:bd:07:ab:17:bf:fe:75:4a:
29:f6:96:06:a1:7e:5c:55:11:70:a9:bc:02:c5:19:
13:c8:24:22:4e:ac:71:b3:ed:5f:25:59:25:54:00:
1a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:AC:CF:1D:37:BC:42:58:8D:7E:D8:3D:BE:E6:0A:89:0A:7B:48:01
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/gqzPHTe8QliNftg9vuYKiQp7SAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.13.190.0/24
45.144.213.0/24
Signature Algorithm: sha256WithRSAEncryption
62:c2:84:27:33:49:4c:6b:6c:2d:45:8e:ec:bb:07:be:c5:e8:
da:ea:10:5d:4f:e8:35:c9:a5:e0:af:1a:da:36:61:7e:da:eb:
a5:8b:d3:5a:c4:7a:52:7d:98:97:be:3f:07:58:ee:77:24:94:
31:28:7d:9d:13:04:50:ff:37:54:81:e8:ec:57:8a:b6:82:f6:
84:58:f5:e4:e5:f1:35:ed:2f:97:1c:51:35:f0:c7:b6:82:13:
1a:1a:03:df:92:2b:31:83:cc:3c:4d:20:09:8e:c8:23:69:5b:
38:12:e9:cd:1b:71:23:f4:72:8a:26:a4:91:cf:8f:f7:92:4b:
a4:02:99:b3:71:77:4b:a6:96:27:04:0d:89:2b:99:34:b7:16:
4d:3f:2c:87:81:3a:13:a0:58:76:55:ad:b6:73:18:55:b3:63:
29:44:6a:b6:0d:af:eb:fa:e7:86:44:f6:3f:ad:f1:71:25:d8:
e3:f1:43:b3:73:88:68:56:75:af:55:77:e5:41:84:47:74:4c:
a6:31:d6:db:dd:9f:1f:e5:0b:26:8a:ca:c5:f5:42:46:f1:8a:
d0:51:e9:0d:db:fa:df:ff:d6:44:a5:a3:46:21:74:fe:c9:d2:
1c:78:67:7d:6a:1b:53:64:9e:23:34:f2:56:e5:56:61:a7:86:
8a:46:da:34
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi+7RHo+x+Hjjhjg0c9k1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMTAxMTc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmFjY2YxZDM3YmM0MjU4OGQ3ZWQ4M2RiZWU2MGE4OTBhN2I0ODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngtgjb8kexzmtefDZOoLJLdBCKnz
hlziDnqPGF26bncZCZGmL/9sQekMvBumXjFs7vbiAamqyjFVs0OvUENp2e4DuuPQ
CSqFcG9URJIR35a6IZt0vN/qsXKysNIKb8ThRNP4Y1UzqWcSoKCHlqGJrgNbXxo+
94mMQbkja/hIuN+zbDvo9ThFdr4RCfzo8DodxPE5ZMZVRJn3gLRBImMsEEj3b88/
ggKxuVy7u1UXmRduJZkr5aRwS3D47ZgbaoTmbu0R9BBRtRnLybT70AoGF0o2C5Ld
5pITvQerF7/+dUop9pYGoX5cVRFwqbwCxRkTyCQiTqxxs+1fJVklVAAabwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIKszx03vEJYjX7YPb7mCokKe0gBMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZ3F6UEhUZThRbGlOZnRnOXZ1WUtpUXA3U0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQkeAwQA
LQ2+AwQALZDVMA0GCSqGSIb3DQEBCwUAA4IBAQBiwoQnM0lMa2wtRY7suwe+xeja
6hBdT+g1yaXgrxraNmF+2uuli9NaxHpSfZiXvj8HWO53JJQxKH2dEwRQ/zdUgejs
V4q2gvaEWPXk5fE17S+XHFE18Me2ghMaGgPfkisxg8w8TSAJjsgjaVs4EunNG3Ej
9HKKJqSRz4/3kkukApmzcXdLppYnBA2JK5k0txZNPyyHgToToFh2Va22cxhVs2Mp
RGq2Da/r+ueGRPY/rfFxJdjj8UOzc4hoVnWvVXflQYRHdEymMdbb3Z8f5QsmisrF
9UJG8YrQUekN2/rf/9ZEpaNGIXT+ydIceGd9ahtTZJ4jNPJW5VZhp4aKRto0
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:27 2025 by rpki-client