Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/058220-596e-480a-a058-0246868aa0ed/1/qhOCAYqcjqlXfKG5VwrZYQMSpxU.roa
File: qhOCAYqcjqlXfKG5VwrZYQMSpxU.roa (raw, json)
Hash identifier: NviEeCKLxCNxL7ESRrtJ40QzE8+1SXf3ZaEd5/MjXgY=
Subject key identifier: AA:13:82:01:8A:9C:8E:A9:57:7C:A1:B9:57:0A:D9:61:03:12:A7:15
Certificate issuer: /CN=92479cae284765d628044119009880d28a7560b1
Certificate serial: 01856F3930FF607481D288AAD3768998EF5E
Authority key identifier: 92:47:9C:AE:28:47:65:D6:28:04:41:19:00:98:80:D2:8A:75:60:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kkecrihHZdYoBEEZAJiA0op1YLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/058220-596e-480a-a058-0246868aa0ed/1/qhOCAYqcjqlXfKG5VwrZYQMSpxU.roa
Signing time: Sun 01 Jan 2023 21:24:57 +0000
ROA not before: Sun 01 Jan 2023 21:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208929
IP address blocks: 45.15.88.0/22 maxlen: 22
2a0e:2380::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:30:ff:60:74:81:d2:88:aa:d3:76:89:98:ef:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92479cae284765d628044119009880d28a7560b1
Validity
Not Before: Jan 1 21:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa1382018a9c8ea9577ca1b9570ad9610312a715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ac:67:7b:a9:cc:66:f3:5a:e9:ac:c7:59:a2:
9f:a8:7e:a3:46:88:3e:98:1f:85:b2:37:47:7e:b5:
31:b8:b7:7f:ba:08:9d:8d:c6:3a:53:79:04:f1:10:
44:bf:ab:c2:6d:03:f4:bf:9d:ce:0c:3a:3f:eb:0b:
ae:4d:6d:27:15:f8:8b:c0:7b:5a:13:4e:93:0a:7e:
91:cd:78:0b:43:83:e4:3f:66:84:a0:13:77:ba:9e:
05:0c:75:89:d3:d6:3f:4c:69:92:30:6c:9f:08:b5:
58:85:1a:f1:d7:b7:0e:10:58:fb:d3:3b:b0:69:da:
2b:86:3a:50:75:1e:4b:ed:18:f2:ec:c9:f8:30:67:
9e:5c:7d:10:78:00:e3:f5:2a:4e:f0:21:90:50:c3:
83:4c:d4:d2:b1:cf:4b:c2:ed:8b:e1:1e:b7:66:6e:
21:78:c8:f6:0b:12:3b:60:fd:7e:b0:43:a7:81:70:
ef:7f:92:34:0c:31:51:b8:3c:47:09:d3:38:d0:e5:
66:7a:f5:42:97:92:36:5e:82:fa:26:a1:9d:4a:9d:
32:b0:df:cd:27:8e:8d:33:29:f5:9f:59:b3:f8:ea:
23:03:a0:75:a7:63:1f:86:81:c9:89:b0:8b:b5:d7:
81:dc:cb:1a:4e:ab:bd:d7:04:20:75:09:f2:59:2e:
7d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:13:82:01:8A:9C:8E:A9:57:7C:A1:B9:57:0A:D9:61:03:12:A7:15
X509v3 Authority Key Identifier:
keyid:92:47:9C:AE:28:47:65:D6:28:04:41:19:00:98:80:D2:8A:75:60:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kkecrihHZdYoBEEZAJiA0op1YLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/058220-596e-480a-a058-0246868aa0ed/1/qhOCAYqcjqlXfKG5VwrZYQMSpxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/058220-596e-480a-a058-0246868aa0ed/1/kkecrihHZdYoBEEZAJiA0op1YLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.88.0/22
IPv6:
2a0e:2380::/32
Signature Algorithm: sha256WithRSAEncryption
8c:1b:10:ac:19:a8:9d:93:e8:c3:c8:8b:b2:c2:2e:5e:4f:8a:
87:87:0b:c7:85:30:9f:16:2f:f1:6b:ca:00:8f:75:af:70:1c:
b5:a7:92:23:55:d8:b5:05:9f:68:75:13:53:65:a5:b5:68:cf:
a1:57:6c:df:32:3c:b0:e1:28:fe:1f:a1:02:ab:8d:a1:5d:66:
0a:d8:43:d4:95:3f:c9:b7:c9:e4:8a:ec:e6:70:32:64:ca:d5:
99:35:7d:ca:ab:f9:79:83:7d:97:af:39:d9:4f:98:57:62:07:
02:2e:0d:8f:3a:c2:e8:fe:7e:ee:dc:37:62:f9:ee:2a:f5:f8:
3a:30:42:dd:6a:21:1f:b2:4a:1c:f4:6c:fd:fd:e7:4d:b0:f7:
85:54:cd:11:36:d1:92:4f:f2:89:36:7c:bc:6d:61:ad:01:1b:
57:db:50:95:83:c0:45:8d:b6:96:69:06:06:7b:41:10:4b:7e:
76:d3:62:9d:03:84:83:b1:57:f8:66:91:99:27:c5:6c:74:7f:
6e:c0:c0:7c:d8:29:a1:c0:fc:b3:20:eb:c8:ab:7b:ff:f6:79:
65:d1:e8:da:5d:4b:1a:94:46:11:96:41:c7:46:97:9f:98:bf:
af:90:a0:b4:c9:a2:27:7e:6d:f7:e8:80:71:db:77:f7:b8:6e:
89:85:02:60
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvOTD/YHSB0oiq03aJmO9eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNDc5Y2FlMjg0NzY1ZDYyODA0NDExOTAwOTg4MGQyOGE3
NTYwYjEwHhcNMjMwMTAxMjEyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTEzODIwMThhOWM4ZWE5NTc3Y2ExYjk1NzBhZDk2MTAzMTJhNzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKxne6nMZvNa6azHWaKfqH6jRog+
mB+FsjdHfrUxuLd/ugidjcY6U3kE8RBEv6vCbQP0v53ODDo/6wuuTW0nFfiLwHta
E06TCn6RzXgLQ4PkP2aEoBN3up4FDHWJ09Y/TGmSMGyfCLVYhRrx17cOEFj70zuw
adorhjpQdR5L7Rjy7Mn4MGeeXH0QeADj9SpO8CGQUMODTNTSsc9Lwu2L4R63Zm4h
eMj2CxI7YP1+sEOngXDvf5I0DDFRuDxHCdM40OVmevVCl5I2XoL6JqGdSp0ysN/N
J46NMyn1n1mz+OojA6B1p2MfhoHJibCLtdeB3MsaTqu91wQgdQnyWS59qQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKoTggGKnI6pV3yhuVcK2WEDEqcVMB8GA1UdIwQY
MBaAFJJHnK4oR2XWKARBGQCYgNKKdWCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2tlY3JpaEhaZFlvQkVFWkFKaUEwb3AxWUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8wNTgyMjAtNTk2ZS00ODBhLWEwNTgt
MDI0Njg2OGFhMGVkLzEvcWhPQ0FZcWNqcWxYZktHNVZ3clpZUU1TcHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8wNTgyMjAtNTk2ZS00ODBhLWEwNTgtMDI0Njg2OGFhMGVk
LzEva2tlY3JpaEhaZFlvQkVFWkFKaUEwb3AxWUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQ9YMA0E
AgACMAcDBQAqDiOAMA0GCSqGSIb3DQEBCwUAA4IBAQCMGxCsGaidk+jDyIuywi5e
T4qHhwvHhTCfFi/xa8oAj3WvcBy1p5IjVdi1BZ9odRNTZaW1aM+hV2zfMjyw4Sj+
H6ECq42hXWYK2EPUlT/Jt8nkiuzmcDJkytWZNX3Kq/l5g32XrznZT5hXYgcCLg2P
OsLo/n7u3Ddi+e4q9fg6MELdaiEfskoc9Gz9/edNsPeFVM0RNtGST/KJNny8bWGt
ARtX21CVg8BFjbaWaQYGe0EQS35202KdA4SDsVf4ZpGZJ8VsdH9uwMB82CmhwPyz
IOvIq3v/9nll0ejaXUsalEYRlkHHRpefmL+vkKC0yaInfm336IBx23f3uG6JhQJg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:38 2024 by rpki-client on console-fra.rpki-client.org