Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/cqGH5JE-33X-3Lt8PViJkG0d8bQ.roa
File: cqGH5JE-33X-3Lt8PViJkG0d8bQ.roa (raw, json)
Hash identifier: 9ixZd2PiJWu5O3uATKH/ZX/Q8i8yfpa447OCnGkkvbA=
Subject key identifier: 72:A1:87:E4:91:3E:DF:75:FE:DC:BB:7C:3D:58:89:90:6D:1D:F1:B4
Certificate issuer: /CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Certificate serial: 01856EF8E89A45F47EEF96F19D11EFB1FBFF
Authority key identifier: 99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/cqGH5JE-33X-3Lt8PViJkG0d8bQ.roa
Signing time: Sun 01 Jan 2023 20:14:44 +0000
ROA not before: Sun 01 Jan 2023 20:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211826
IP address blocks: 45.95.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Mar 2023 07:39:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f8:e8:9a:45:f4:7e:ef:96:f1:9d:11:ef:b1:fb:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Validity
Not Before: Jan 1 20:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72a187e4913edf75fedcbb7c3d5889906d1df1b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5e:0e:68:30:90:bf:81:cb:2a:54:ab:ad:97:
3a:14:2e:ff:fd:9e:fb:f3:18:5a:37:17:38:09:8c:
26:27:fd:e7:70:72:cc:e8:09:09:f6:17:dd:46:af:
65:c4:78:52:e8:3d:bc:ef:1e:78:f8:4e:74:58:d4:
39:3e:7f:e7:9b:86:b1:4e:d0:12:b5:18:b3:18:55:
a1:ab:3b:72:f5:74:2c:57:40:eb:46:e0:14:72:a8:
ab:50:4b:d9:b0:eb:f3:87:9e:4d:f2:7e:6d:13:40:
a2:1a:23:f2:4c:29:31:ec:58:37:3b:7c:ae:38:2b:
43:1d:f9:2b:a2:83:f3:3b:3b:7d:50:fa:7d:8a:4f:
ae:91:a0:a8:ec:fe:30:9a:74:b0:78:98:8e:80:01:
7d:e6:a4:e2:2f:61:ee:a7:59:82:9d:48:d3:bb:8f:
52:95:9c:f2:42:3d:c8:aa:37:3d:82:94:dd:e9:6e:
3e:f3:e5:de:68:ad:1a:4b:71:bf:c7:75:ad:cb:e6:
7f:dd:1c:cd:5a:0d:aa:51:48:85:61:d5:b2:47:03:
e8:1f:b1:76:27:ac:06:e9:bc:d2:ac:30:2d:ec:79:
6d:e0:58:e7:7e:66:57:f1:58:7e:f6:11:84:e5:60:
f1:ba:f0:18:8a:54:7f:3b:65:31:e5:49:e3:02:69:
30:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A1:87:E4:91:3E:DF:75:FE:DC:BB:7C:3D:58:89:90:6D:1D:F1:B4
X509v3 Authority Key Identifier:
keyid:99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/cqGH5JE-33X-3Lt8PViJkG0d8bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.114.0/24
Signature Algorithm: sha256WithRSAEncryption
88:ca:aa:17:80:f4:47:c7:b9:cf:1f:22:c6:41:41:c4:a8:b4:
7f:9b:55:ab:b6:e5:8f:45:26:7a:52:c4:a2:e3:30:8a:df:34:
48:02:b5:08:34:c0:27:5f:51:d1:3d:ee:cc:cb:61:3d:93:86:
17:63:7d:61:73:f8:cf:e7:a0:3d:a6:4f:58:52:0c:0b:f7:a4:
3d:07:7d:12:e5:b7:24:27:43:6f:1e:5e:df:b8:23:b0:c4:7a:
73:c5:7f:35:61:87:af:03:0d:e9:e4:8e:38:df:32:9c:e5:79:
ea:99:35:f1:72:04:9d:f6:65:8a:6d:06:ed:57:8c:1d:92:0b:
e6:73:98:99:18:8b:64:8f:a9:b9:f0:60:cd:fe:07:1c:8a:2e:
da:b7:8c:47:c5:38:b7:6b:4c:bd:8b:b1:70:88:50:98:42:47:
72:61:0e:bf:03:ae:bb:47:9b:a5:06:a0:bb:7f:ef:e9:ea:ac:
03:02:a1:c8:ea:b9:fb:0c:68:15:6f:9c:84:f2:18:b1:67:6d:
b4:e5:fb:6f:35:62:64:fc:68:04:b0:3b:23:46:88:d1:ff:a5:
49:48:2f:f1:61:48:9c:0c:27:80:2f:46:3c:e4:66:fc:7a:7b:
14:d3:95:78:dd:a9:51:40:0c:5d:6e:1d:4d:ac:df:1c:2f:c3:
79:e2:65:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu+OiaRfR+75bxnRHvsfv/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmVlN2NiZDhlNzhkMWYxNGE0NTNhMDRiOTE2ZjdjMTU4
MWQyMDQwHhcNMjMwMTAxMjAxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmExODdlNDkxM2VkZjc1ZmVkY2JiN2MzZDU4ODk5MDZkMWRmMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl4OaDCQv4HLKlSrrZc6FC7//Z77
8xhaNxc4CYwmJ/3ncHLM6AkJ9hfdRq9lxHhS6D287x54+E50WNQ5Pn/nm4axTtAS
tRizGFWhqzty9XQsV0DrRuAUcqirUEvZsOvzh55N8n5tE0CiGiPyTCkx7Fg3O3yu
OCtDHfkrooPzOzt9UPp9ik+ukaCo7P4wmnSweJiOgAF95qTiL2Hup1mCnUjTu49S
lZzyQj3Iqjc9gpTd6W4+8+XeaK0aS3G/x3Wty+Z/3RzNWg2qUUiFYdWyRwPoH7F2
J6wG6bzSrDAt7Hlt4FjnfmZX8Vh+9hGE5WDxuvAYilR/O2Ux5UnjAmkwTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKhh+SRPt91/ty7fD1YiZBtHfG0MB8GA1UdIwQY
MBaAFJn+58vY540fFKRToEuRb3wVgdIEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTct
MWMyMmVmZjcyODE4LzEvY3FHSDVKRS0zM1gtM0x0OFBWaUprRzBkOGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTctMWMyMmVmZjcyODE4
LzEvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV9yMA0G
CSqGSIb3DQEBCwUAA4IBAQCIyqoXgPRHx7nPHyLGQUHEqLR/m1WrtuWPRSZ6UsSi
4zCK3zRIArUINMAnX1HRPe7My2E9k4YXY31hc/jP56A9pk9YUgwL96Q9B30S5bck
J0NvHl7fuCOwxHpzxX81YYevAw3p5I443zKc5XnqmTXxcgSd9mWKbQbtV4wdkgvm
c5iZGItkj6m58GDN/gccii7at4xHxTi3a0y9i7FwiFCYQkdyYQ6/A667R5ulBqC7
f+/p6qwDAqHI6rn7DGgVb5yE8hixZ2205ftvNWJk/GgEsDsjRojR/6VJSC/xYUic
DCeAL0Y85Gb8ensU05V43alRQAxdbh1NrN8cL8N54mVz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:37 2024 by rpki-client on console-ams.rpki-client.org