Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/QcxRhR6K1bkFpDvSfEJ2GGVduYE.roa
File: QcxRhR6K1bkFpDvSfEJ2GGVduYE.roa (raw, json)
Hash identifier: l65F01tse1cLtbTYlnFv3yCrEHmdILh0Khbv02CL6y4=
Subject key identifier: 41:CC:51:85:1E:8A:D5:B9:05:A4:3B:D2:7C:42:76:18:65:5D:B9:81
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DD1E8C3A0D50A118F1F53C3110B984E89
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/QcxRhR6K1bkFpDvSfEJ2GGVduYE.roa
Signing time: Thu 22 Feb 2024 17:41:49 +0000
ROA not before: Thu 22 Feb 2024 17:41:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 45.132.130.0/24 maxlen: 24
45.132.131.0/24 maxlen: 24
45.138.157.0/24 maxlen: 24
193.201.126.0/24 maxlen: 24
194.61.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Aug 2024 13:26:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d1:e8:c3:a0:d5:0a:11:8f:1f:53:c3:11:0b:98:4e:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 22 17:41:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41cc51851e8ad5b905a43bd27c427618655db981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4d:f2:cc:fd:76:95:1e:55:c0:e5:cc:07:dc:
9f:f2:f0:4c:53:19:c9:36:9b:9a:a3:84:1c:0b:2c:
78:a1:ee:f7:b6:9d:e4:6e:05:92:8a:44:22:94:90:
80:99:c6:f5:85:60:99:a5:8a:ef:6a:63:41:5d:f1:
6f:5b:f9:ac:8f:27:c6:a5:c8:e0:8d:a9:d5:88:ed:
00:f2:be:5d:b4:11:45:8e:48:79:8b:85:b3:c6:32:
82:ed:a5:68:23:b1:e7:a7:d0:c4:83:95:fe:f2:25:
06:21:fc:4d:ee:32:60:15:93:04:3f:85:19:4f:71:
cd:61:43:99:24:45:9b:b6:2e:70:5f:92:64:45:72:
ae:0a:77:fb:18:4b:b0:96:fb:b2:77:c7:62:3d:48:
8e:f7:aa:58:d3:05:cf:e2:27:f1:ea:ea:8f:d4:8e:
f1:7d:7c:3f:aa:bc:a6:67:19:d5:f0:8c:18:71:75:
56:1b:5f:21:5d:13:82:68:14:a4:ca:af:62:56:60:
f8:72:4b:68:45:81:c7:8f:5f:e9:c9:a3:b3:10:f2:
45:a2:7f:02:8a:2a:33:78:02:5b:5b:03:81:28:e3:
6e:63:8b:83:30:96:d6:dd:2f:eb:41:7a:8c:86:4c:
9b:c7:5e:e5:77:84:ee:a3:ce:40:a7:62:24:80:81:
17:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CC:51:85:1E:8A:D5:B9:05:A4:3B:D2:7C:42:76:18:65:5D:B9:81
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/QcxRhR6K1bkFpDvSfEJ2GGVduYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.130.0/23
45.138.157.0/24
193.201.126.0/24
194.61.9.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:19:85:72:9e:11:55:86:e0:c2:d4:52:9f:13:89:70:12:05:
06:da:6a:c1:c2:0f:b4:65:a9:77:19:bc:a9:d0:58:73:ee:80:
b1:5b:85:18:08:af:82:62:3e:ef:70:67:99:15:83:3a:65:c0:
6c:e8:db:b5:09:ef:b9:cf:cd:22:54:cb:f5:11:59:72:23:cf:
69:ba:a6:49:3d:64:0c:8a:e5:42:a4:9e:bf:52:7e:5c:30:75:
cd:83:eb:b2:23:15:c6:6c:38:8f:b7:8a:4b:4e:a4:cb:3d:b3:
f4:fc:7f:73:9f:8a:91:73:62:24:ab:0f:06:e3:48:40:75:72:
08:bb:26:3e:9c:56:5b:61:ab:bd:7b:35:86:7e:6b:7c:93:c6:
2c:9c:8b:62:0b:9b:70:6b:53:fd:e5:24:d2:dc:89:23:c8:34:
01:07:bb:85:31:31:58:b8:0a:a5:f9:48:e9:f7:ac:3f:9d:32:
01:27:7a:cc:70:a0:f4:36:76:ea:bf:c5:27:ac:1c:89:78:21:
ef:5a:e7:42:c1:dd:39:39:e9:a6:27:72:80:18:67:3d:7d:e6:
9c:ec:5a:6d:e2:19:4b:b8:bd:7a:8f:d8:0b:a4:27:57:41:5e:
b3:cc:60:43:1c:26:93:c8:33:b9:b6:03:d8:4e:0a:1d:46:b7:
ef:84:5b:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY3R6MOg1QoRjx9TwxELmE6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIyMTc0MTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWNjNTE4NTFlOGFkNWI5MDVhNDNiZDI3YzQyNzYxODY1NWRiOTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzU3yzP12lR5VwOXMB9yf8vBMUxnJ
Npuao4QcCyx4oe73tp3kbgWSikQilJCAmcb1hWCZpYrvamNBXfFvW/msjyfGpcjg
janViO0A8r5dtBFFjkh5i4WzxjKC7aVoI7Hnp9DEg5X+8iUGIfxN7jJgFZMEP4UZ
T3HNYUOZJEWbti5wX5JkRXKuCnf7GEuwlvuyd8diPUiO96pY0wXP4ifx6uqP1I7x
fXw/qrymZxnV8IwYcXVWG18hXROCaBSkyq9iVmD4cktoRYHHj1/pyaOzEPJFon8C
iiozeAJbWwOBKONuY4uDMJbW3S/rQXqMhkybx17ld4Tuo85Ap2IkgIEXJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEHMUYUeitW5BaQ70nxCdhhlXbmBMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvUWN4UmhSNksxYmtGcER2U2ZFSjJHR1ZkdVlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYSCAwQA
LYqdAwQAwcl+AwQAwj0JMA0GCSqGSIb3DQEBCwUAA4IBAQChGYVynhFVhuDC1FKf
E4lwEgUG2mrBwg+0Zal3Gbyp0Fhz7oCxW4UYCK+CYj7vcGeZFYM6ZcBs6Nu1Ce+5
z80iVMv1EVlyI89puqZJPWQMiuVCpJ6/Un5cMHXNg+uyIxXGbDiPt4pLTqTLPbP0
/H9zn4qRc2Ikqw8G40hAdXIIuyY+nFZbYau9ezWGfmt8k8YsnItiC5twa1P95STS
3IkjyDQBB7uFMTFYuAql+Ujp96w/nTIBJ3rMcKD0Nnbqv8UnrByJeCHvWudCwd05
OemmJ3KAGGc9feac7Fpt4hlLuL16j9gLpCdXQV6zzGBDHCaTyDO5tgPYTgodRrfv
hFsW
-----END CERTIFICATE-----
Generated at Fri Aug 30 15:01:26 2024 by rpki-client on console-ams.rpki-client.org