Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/qLDCR-YK2SybamhiwLRLSXYmP3Y.roa
File: qLDCR-YK2SybamhiwLRLSXYmP3Y.roa (raw, json)
Hash identifier: +yLa2Ino2CzrGvoXoNrUK2QXA60N+efQRcPx5fGx2vg=
Subject key identifier: A8:B0:C2:47:E6:0A:D9:2C:9B:6A:68:62:C0:B4:4B:49:76:26:3F:76
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018CC348A94862E3843DF54068B4317DF7A7
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/qLDCR-YK2SybamhiwLRLSXYmP3Y.roa
Signing time: Mon 01 Jan 2024 04:29:28 +0000
ROA not before: Mon 01 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8038
IP address blocks: 45.152.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 21:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a9:48:62:e3:84:3d:f5:40:68:b4:31:7d:f7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8b0c247e60ad92c9b6a6862c0b44b4976263f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:45:2a:ea:59:0d:ef:00:49:3a:d5:13:e8:9b:
5b:3f:8b:fb:8d:ec:f6:b6:72:61:b9:36:75:b8:c1:
f2:df:fc:ab:89:cd:6a:bb:2d:88:e8:e8:e3:75:37:
d5:da:56:60:ef:42:38:d2:e0:e8:6c:ce:e3:27:2c:
33:b0:9b:2e:20:b0:54:b6:3e:fd:a8:ce:9a:a4:f1:
05:79:50:d0:8f:2b:56:68:28:43:69:0a:e1:14:7e:
07:49:0c:d6:75:77:54:24:9b:e9:a4:3c:b6:16:27:
b4:b8:6d:05:37:db:87:3e:93:2e:97:b4:91:33:ae:
15:69:76:ea:48:8e:f2:43:63:85:80:fc:64:5f:20:
6e:e0:6f:22:ea:e8:ec:b1:87:ca:e3:cb:9c:98:be:
e8:33:c6:68:70:9e:46:d4:33:d3:25:79:5c:7b:56:
8b:38:36:9e:f9:0f:31:68:2a:8e:2f:d7:a3:4f:0e:
19:72:65:18:0d:3b:76:b7:3f:a4:ed:86:be:cc:ba:
22:80:d8:52:9f:a6:ad:16:7f:1a:cd:0f:6f:cd:b4:
28:87:2b:15:92:c0:7a:7f:6a:39:6e:7f:27:60:b1:
f7:54:ab:7d:0f:fb:d4:ba:bd:1f:7e:22:08:52:90:
74:ea:db:0f:94:12:70:10:61:b2:1c:54:51:78:62:
bb:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B0:C2:47:E6:0A:D9:2C:9B:6A:68:62:C0:B4:4B:49:76:26:3F:76
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/qLDCR-YK2SybamhiwLRLSXYmP3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.148.0/24
Signature Algorithm: sha256WithRSAEncryption
57:60:42:74:7d:07:d1:3b:e1:63:27:61:1e:53:f9:af:51:b8:
3d:82:a8:e2:2e:9f:c8:34:31:36:f1:c7:6d:24:18:eb:f3:dd:
f8:d8:e1:6e:22:28:3a:15:a3:79:7d:70:df:33:8c:b9:af:ee:
b8:47:13:1a:f4:0c:00:c2:17:c1:d3:a5:26:8d:b5:82:db:de:
81:47:1c:7b:e5:9e:ba:45:9c:ab:5f:1c:ef:2e:e0:e4:c4:04:
98:82:71:d2:7b:a9:72:08:ca:45:f9:07:b1:1a:ba:98:73:61:
48:70:e3:50:6a:d0:eb:ab:7e:4c:c4:a7:c8:48:3e:1e:86:4c:
01:e5:66:cc:47:68:ee:df:d9:f4:0a:0d:31:75:08:f6:5f:d2:
0b:f9:55:34:56:83:93:85:60:30:98:f8:40:58:05:d8:26:48:
97:46:09:f4:5a:16:dd:8e:8c:de:ac:20:24:19:65:e9:f5:eb:
c1:c0:6e:68:cc:5f:c7:b4:55:f4:c2:0e:eb:97:3b:3a:28:35:
89:aa:2e:62:2d:5d:6e:93:36:c2:31:64:b1:75:27:02:20:20:
16:17:9d:ab:0b:e7:d7:ce:b1:68:8a:6a:24:e3:5e:e6:6a:2d:
07:4e:d2:fc:79:cc:0e:a8:3c:43:b9:6d:38:7c:c4:b5:1a:5b:
d5:8d:a1:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSKlIYuOEPfVAaLQxffenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwMTAxMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGIwYzI0N2U2MGFkOTJjOWI2YTY4NjJjMGI0NGI0OTc2MjYzZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkUq6lkN7wBJOtUT6JtbP4v7jez2
tnJhuTZ1uMHy3/yric1quy2I6OjjdTfV2lZg70I40uDobM7jJywzsJsuILBUtj79
qM6apPEFeVDQjytWaChDaQrhFH4HSQzWdXdUJJvppDy2Fie0uG0FN9uHPpMul7SR
M64VaXbqSI7yQ2OFgPxkXyBu4G8i6ujssYfK48ucmL7oM8ZocJ5G1DPTJXlce1aL
ODae+Q8xaCqOL9ejTw4ZcmUYDTt2tz+k7Ya+zLoigNhSn6atFn8azQ9vzbQohysV
ksB6f2o5bn8nYLH3VKt9D/vUur0ffiIIUpB06tsPlBJwEGGyHFRReGK7kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiwwkfmCtksm2poYsC0S0l2Jj92MB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvcUxEQ1ItWUsyU3liYW1oaXdMUkxTWFltUDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZiUMA0G
CSqGSIb3DQEBCwUAA4IBAQBXYEJ0fQfRO+FjJ2EeU/mvUbg9gqjiLp/INDE28cdt
JBjr89342OFuIig6FaN5fXDfM4y5r+64RxMa9AwAwhfB06UmjbWC296BRxx75Z66
RZyrXxzvLuDkxASYgnHSe6lyCMpF+QexGrqYc2FIcONQatDrq35MxKfISD4ehkwB
5WbMR2ju39n0Cg0xdQj2X9IL+VU0VoOThWAwmPhAWAXYJkiXRgn0WhbdjozerCAk
GWXp9evBwG5ozF/HtFX0wg7rlzs6KDWJqi5iLV1ukzbCMWSxdScCICAWF52rC+fX
zrFoimok417mai0HTtL8ecwOqDxDuW04fMS1GlvVjaEa
-----END CERTIFICATE-----
Generated at Sat Feb 3 02:04:49 2024 by rpki-client on console-fra.rpki-client.org