Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/qTVxIauXdhixWIdIuqDwQ5V2L0M.roa
File: qTVxIauXdhixWIdIuqDwQ5V2L0M.roa (raw, json)
Hash identifier: j4+94A3YiPkbGDFY8whWzxds4Ztv1IblqKPBCpUXkQk=
Subject key identifier: A9:35:71:21:AB:97:76:18:B1:58:87:48:BA:A0:F0:43:95:76:2F:43
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E5BF5E55D9A91758FEFA50AB35A28E22E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/qTVxIauXdhixWIdIuqDwQ5V2L0M.roa
Signing time: Wed 20 Mar 2024 13:03:45 +0000
ROA not before: Wed 20 Mar 2024 13:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 45.151.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 12:18:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:f5:e5:5d:9a:91:75:8f:ef:a5:0a:b3:5a:28:e2:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 20 13:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9357121ab977618b1588748baa0f04395762f43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e2:48:02:6a:fc:6e:fc:de:54:ff:52:bf:25:
08:f5:29:25:62:97:d1:04:c9:63:1d:13:4a:7c:74:
3a:cd:0a:a8:45:f6:e1:1e:7e:85:29:9b:2c:97:8a:
49:8e:db:dc:f4:aa:18:6d:f7:c3:bf:c4:f5:1d:ff:
87:6d:29:c9:01:1b:1c:c3:f6:50:e0:c1:e3:9a:03:
32:3a:d0:21:d0:2f:2d:82:5c:16:a7:cf:64:8d:2a:
58:9e:fc:2c:e1:e6:eb:04:f3:60:3a:83:44:78:3a:
e4:a9:1c:9f:99:ab:73:3c:23:9e:19:f8:c8:06:98:
2d:6e:1f:0e:ba:bc:d5:df:3f:03:52:d9:2a:a4:6a:
f8:2f:17:c3:82:e1:7d:8b:9b:5a:83:20:db:9e:4a:
48:03:42:4f:82:3e:44:f0:8a:e3:82:84:2a:7b:09:
33:5b:1c:c8:df:6b:0a:ab:08:01:3f:b6:1e:4b:cd:
9c:88:54:0d:f7:00:f7:90:32:39:54:5c:18:94:0f:
07:3e:5e:6d:59:c5:e1:7a:9b:3a:ef:3c:27:a7:d7:
50:88:40:bb:8b:70:39:9a:e3:4e:08:bb:dc:b2:60:
7e:f6:c8:42:1d:12:03:03:4d:c9:0d:c8:33:58:45:
f8:38:c1:01:05:5b:0c:6f:36:d2:0b:56:4f:55:9e:
6d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:35:71:21:AB:97:76:18:B1:58:87:48:BA:A0:F0:43:95:76:2F:43
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/qTVxIauXdhixWIdIuqDwQ5V2L0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.3.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:3f:1d:bb:b5:5d:1f:cf:22:b5:21:71:a3:8f:d4:fa:c2:f2:
87:ad:e5:44:a1:f4:bc:be:89:50:46:99:34:e3:6d:90:c0:58:
57:5e:07:88:99:18:49:4e:ac:4e:3f:42:12:dd:51:bc:23:c9:
3b:5f:34:0b:c5:cc:47:9e:06:79:d3:02:3e:0f:4e:1a:53:0a:
3f:10:0a:90:54:0c:13:1a:e5:88:52:16:34:a8:b4:ea:e5:4d:
51:76:f2:d6:3a:d5:94:02:a7:79:7e:f2:95:db:6c:cd:e4:2f:
b2:0f:f5:32:8c:3f:5e:a5:e4:0a:8a:c9:fe:5c:a5:2d:72:94:
66:7f:f7:c2:11:af:65:41:f3:77:67:f4:60:d5:ee:80:e8:44:
ed:3f:8b:40:8b:6d:7c:69:44:67:72:8e:f0:55:22:c1:5e:39:
61:5c:a4:23:43:2c:90:c2:e9:1e:ba:2c:07:5c:93:9c:40:cf:
98:6b:15:46:a9:79:94:8f:39:65:38:9b:71:b0:66:52:6e:dc:
12:26:25:b0:21:35:72:d4:0a:db:1b:ca:16:18:1e:7f:8f:e7:
be:14:53:cb:b3:34:75:d9:08:57:8b:16:23:28:c4:cb:0d:03:
b3:0c:74:71:7d:d9:8c:7f:00:37:ca:5f:9d:3c:c6:25:28:5e:
9e:5f:5f:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5b9eVdmpF1j++lCrNaKOIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzIwMTMwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTM1NzEyMWFiOTc3NjE4YjE1ODg3NDhiYWEwZjA0Mzk1NzYyZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+JIAmr8bvzeVP9SvyUI9SklYpfR
BMljHRNKfHQ6zQqoRfbhHn6FKZssl4pJjtvc9KoYbffDv8T1Hf+HbSnJARscw/ZQ
4MHjmgMyOtAh0C8tglwWp89kjSpYnvws4ebrBPNgOoNEeDrkqRyfmatzPCOeGfjI
Bpgtbh8OurzV3z8DUtkqpGr4LxfDguF9i5tagyDbnkpIA0JPgj5E8IrjgoQqewkz
WxzI32sKqwgBP7YeS82ciFQN9wD3kDI5VFwYlA8HPl5tWcXheps67zwnp9dQiEC7
i3A5muNOCLvcsmB+9shCHRIDA03JDcgzWEX4OMEBBVsMbzbSC1ZPVZ5tmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKk1cSGrl3YYsViHSLqg8EOVdi9DMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvcVRWeElhdVhkaGl4V0lkSXVxRHdRNVYyTDBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZcDMA0G
CSqGSIb3DQEBCwUAA4IBAQCePx27tV0fzyK1IXGjj9T6wvKHreVEofS8volQRpk0
422QwFhXXgeImRhJTqxOP0IS3VG8I8k7XzQLxcxHngZ50wI+D04aUwo/EAqQVAwT
GuWIUhY0qLTq5U1RdvLWOtWUAqd5fvKV22zN5C+yD/UyjD9epeQKisn+XKUtcpRm
f/fCEa9lQfN3Z/Rg1e6A6ETtP4tAi218aURnco7wVSLBXjlhXKQjQyyQwukeuiwH
XJOcQM+YaxVGqXmUjzllOJtxsGZSbtwSJiWwITVy1ArbG8oWGB5/j+e+FFPLszR1
2QhXixYjKMTLDQOzDHRxfdmMfwA3yl+dPMYlKF6eX1+E
-----END CERTIFICATE-----
Generated at Thu Apr 25 15:37:21 2024 by rpki-client on console-ams.rpki-client.org