Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/qVK3M9ss37uxHoL4g7Kmi81TP00.roa
File: qVK3M9ss37uxHoL4g7Kmi81TP00.roa (raw, json)
Hash identifier: RBaQQ3jtGpmS1ZwS0E6UoAn6jZxWVBNgfkVeCSKu2YU=
Subject key identifier: A9:52:B7:33:DB:2C:DF:BB:B1:1E:82:F8:83:B2:A6:8B:CD:53:3F:4D
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D692B09ABAE486176E7619A5A7D43A3C3
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/qVK3M9ss37uxHoL4g7Kmi81TP00.roa
Signing time: Fri 02 Feb 2024 09:34:04 +0000
ROA not before: Fri 02 Feb 2024 09:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56419
IP address blocks: 45.129.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 11:27:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:2b:09:ab:ae:48:61:76:e7:61:9a:5a:7d:43:a3:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 2 09:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a952b733db2cdfbbb11e82f883b2a68bcd533f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8b:e1:35:fa:40:01:54:40:5f:88:c0:4e:9d:
5b:90:14:69:ec:65:31:32:59:23:4a:0d:3b:90:e2:
18:af:67:b5:da:c7:18:de:4d:57:31:69:9c:d9:c8:
a9:34:d9:bc:be:a0:84:78:4c:23:0c:8a:c9:60:e8:
8d:21:31:5d:da:ff:55:2f:41:15:d1:00:39:11:75:
3b:d7:75:f6:a3:c1:a2:5f:69:34:b3:44:14:40:b4:
34:ab:35:dd:0c:de:03:82:da:56:32:c9:23:5a:93:
71:cc:1a:03:03:71:f1:7e:6b:c5:cd:6d:bb:cd:be:
2d:7f:da:b3:b8:8b:3b:ad:53:92:da:12:62:ea:5d:
8a:99:c3:95:31:7f:59:3f:32:88:8f:e5:4d:73:ab:
90:72:d3:d5:e2:db:74:24:02:40:73:f3:31:86:ee:
71:7d:18:a8:89:95:fb:24:ae:3b:fb:f9:ae:af:4e:
f6:9d:02:51:db:de:f8:1e:10:af:42:c8:8b:61:d7:
87:95:d3:a0:69:0b:4f:42:c7:10:24:1d:32:b9:dc:
f0:4a:96:ff:14:be:77:6b:58:85:aa:08:20:aa:e6:
26:0a:41:2c:ea:d4:4d:f5:92:94:6c:f5:02:74:16:
19:6c:e1:2a:55:ab:fa:79:b3:0b:75:9b:f3:9f:f2:
67:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:52:B7:33:DB:2C:DF:BB:B1:1E:82:F8:83:B2:A6:8B:CD:53:3F:4D
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/qVK3M9ss37uxHoL4g7Kmi81TP00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.128.0/24
Signature Algorithm: sha256WithRSAEncryption
60:0c:4e:66:f0:eb:ae:ed:c6:4f:3c:b8:90:72:5e:68:1e:7f:
9c:9c:14:a8:5b:f0:ec:f4:cc:5f:91:9d:44:41:50:2f:1e:60:
90:f6:b3:2e:48:ac:aa:94:0b:b7:69:b9:e1:c5:9c:68:e4:27:
1e:cb:33:08:0b:ee:e8:eb:d6:bd:1c:29:0e:e4:40:30:d5:a9:
be:04:22:f6:2e:e5:2a:27:59:59:54:72:48:bf:2c:33:90:9e:
f7:33:39:be:7e:d3:2e:4c:76:15:c0:19:00:c0:7d:0c:26:80:
c4:cb:e3:63:db:15:e7:29:11:1b:d7:5f:2d:fe:36:37:27:06:
ff:41:e2:b7:5a:96:5e:25:dd:69:50:fa:3d:88:9c:91:a0:3b:
74:7f:0b:88:d1:65:e4:4c:51:2f:2b:47:cc:67:f5:48:cc:c1:
2c:9e:1e:1d:15:b5:b1:ca:4d:9e:2e:02:4f:f3:35:e5:ed:a1:
e2:f5:00:04:7c:da:7f:1f:3e:80:61:3b:7d:42:ae:9e:08:4c:
af:88:05:8e:83:cf:ac:f1:5a:99:9e:53:1a:7b:4a:b9:99:b4:
cd:57:7c:31:2d:bf:af:0d:25:d0:44:bc:42:41:30:7a:71:d8:
a0:97:ac:ca:21:a1:b5:5c:b3:fe:ce:93:22:b4:8c:e5:02:b1:
39:1b:b8:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1pKwmrrkhhdudhmlp9Q6PDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjAyMDkzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTUyYjczM2RiMmNkZmJiYjExZTgyZjg4M2IyYTY4YmNkNTMzZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIvhNfpAAVRAX4jATp1bkBRp7GUx
MlkjSg07kOIYr2e12scY3k1XMWmc2cipNNm8vqCEeEwjDIrJYOiNITFd2v9VL0EV
0QA5EXU713X2o8GiX2k0s0QUQLQ0qzXdDN4DgtpWMskjWpNxzBoDA3HxfmvFzW27
zb4tf9qzuIs7rVOS2hJi6l2KmcOVMX9ZPzKIj+VNc6uQctPV4tt0JAJAc/Mxhu5x
fRioiZX7JK47+/mur072nQJR2974HhCvQsiLYdeHldOgaQtPQscQJB0yudzwSpb/
FL53a1iFqgggquYmCkEs6tRN9ZKUbPUCdBYZbOEqVav6ebMLdZvzn/JnpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKlStzPbLN+7sR6C+IOypovNUz9NMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvcVZLM005c3MzN3V4SG9MNGc3S21pODFUUDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYGAMA0G
CSqGSIb3DQEBCwUAA4IBAQBgDE5m8Ouu7cZPPLiQcl5oHn+cnBSoW/Ds9MxfkZ1E
QVAvHmCQ9rMuSKyqlAu3abnhxZxo5CceyzMIC+7o69a9HCkO5EAw1am+BCL2LuUq
J1lZVHJIvywzkJ73Mzm+ftMuTHYVwBkAwH0MJoDEy+Nj2xXnKREb118t/jY3Jwb/
QeK3WpZeJd1pUPo9iJyRoDt0fwuI0WXkTFEvK0fMZ/VIzMEsnh4dFbWxyk2eLgJP
8zXl7aHi9QAEfNp/Hz6AYTt9Qq6eCEyviAWOg8+s8VqZnlMae0q5mbTNV3wxLb+v
DSXQRLxCQTB6cdigl6zKIaG1XLP+zpMitIzlArE5G7jT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org