Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/qsYpungYUOHpCsK1smwD-oKyPxo.roa
File: qsYpungYUOHpCsK1smwD-oKyPxo.roa (raw, json)
Hash identifier: 9OaV5QwSxj8VhA0BzaBvozKnPYvAI4sOjPknLM439LI=
Subject key identifier: AA:C6:29:BA:78:18:50:E1:E9:0A:C2:B5:B2:6C:03:FA:82:B2:3F:1A
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 01864F94661F3E2D0F578DA6704CFD49BB51
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/qsYpungYUOHpCsK1smwD-oKyPxo.roa
Signing time: Tue 14 Feb 2023 10:59:30 +0000
ROA not before: Tue 14 Feb 2023 10:59:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212708
IP address blocks: 45.153.32.0/23 maxlen: 23
45.135.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:94:66:1f:3e:2d:0f:57:8d:a6:70:4c:fd:49:bb:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: Feb 14 10:59:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aac629ba781850e1e90ac2b5b26c03fa82b23f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dd:83:5f:b1:0b:2c:5a:9f:00:0e:e2:15:dc:
7f:6c:8f:68:62:26:c9:80:81:e9:e5:ac:7c:d3:57:
6d:56:cf:41:2a:f1:35:e4:90:80:a9:88:32:3d:04:
dd:30:a9:2d:a9:08:4f:b3:72:ca:c9:67:45:8c:e2:
f7:1c:fe:82:97:f9:4c:61:c3:82:59:71:ca:57:42:
aa:29:67:79:3c:82:f0:a8:41:ae:90:06:f2:0b:7f:
25:00:ec:0d:5e:95:62:42:6f:af:85:93:c9:68:b7:
73:98:54:74:79:e6:d2:97:05:ad:a0:c4:e4:d9:38:
5d:bd:d8:a8:d6:4c:8b:b8:65:15:69:98:1f:0d:70:
0f:10:e9:c3:c9:59:e3:01:1d:68:9e:23:79:9c:be:
fa:3c:08:85:9f:3a:2f:71:b0:cf:67:bf:f0:c3:b2:
e7:f8:5c:5f:a1:90:aa:97:b1:78:ea:5e:3d:e3:73:
bf:fe:18:b6:be:49:b2:ad:c0:44:9f:6c:8f:44:7a:
3f:99:e8:a3:88:78:80:5e:0d:35:de:b5:25:1c:e2:
30:36:cd:bd:25:c7:c5:3a:ad:c9:db:f7:e1:c7:15:
2c:3f:39:59:10:53:b8:fe:89:4e:28:4c:c9:c6:4e:
1e:c0:52:b1:04:49:1f:2c:63:a5:49:cf:92:3e:20:
98:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:C6:29:BA:78:18:50:E1:E9:0A:C2:B5:B2:6C:03:FA:82:B2:3F:1A
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/qsYpungYUOHpCsK1smwD-oKyPxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.194.0/24
45.153.32.0/23
Signature Algorithm: sha256WithRSAEncryption
da:88:5a:1f:e9:0b:68:b9:df:b5:4d:5a:26:55:0c:28:eb:0b:
0c:fb:9b:dc:b1:95:09:49:29:c2:5a:c0:ac:d9:0f:0c:72:36:
37:81:ac:44:11:ce:bf:86:db:83:40:3c:3d:3c:38:0c:b5:df:
0e:29:6c:d1:1c:10:97:70:17:fc:96:66:f1:51:4f:c8:f2:04:
e0:60:27:4a:5c:a4:9d:6f:19:27:14:d3:5c:82:83:72:ac:42:
a9:1f:82:c4:46:0e:36:e9:63:23:6c:be:ed:25:0c:2a:97:5a:
b9:d9:76:57:7d:67:be:19:1e:2f:d5:41:ca:da:c1:06:b0:32:
5b:a5:98:8e:e0:ea:13:7a:75:f6:5c:29:e3:9a:1e:6b:9d:4f:
3e:fb:40:02:f0:85:74:9b:6e:fb:b2:d9:1d:84:26:52:ad:ae:
28:80:38:d4:1d:2e:41:78:0c:1e:d7:e7:65:8c:e7:62:7c:d3:
81:06:07:e3:77:22:5b:5e:cc:44:d2:b9:c0:6e:da:ba:6e:08:
56:c8:0a:03:ac:45:d3:17:fc:c3:1a:4f:1d:70:3a:10:63:aa:
52:ba:b5:ed:49:c5:b8:fc:fc:25:0f:42:1d:b2:46:88:fb:58:
2a:6e:3c:cd:20:0b:e9:a2:e8:df:88:ba:fc:06:4c:a1:d0:bf:
7c:3f:53:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZPlGYfPi0PV42mcEz9SbtRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjMwMjE0MTA1OTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWM2MjliYTc4MTg1MGUxZTkwYWMyYjViMjZjMDNmYTgyYjIzZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl92DX7ELLFqfAA7iFdx/bI9oYibJ
gIHp5ax801dtVs9BKvE15JCAqYgyPQTdMKktqQhPs3LKyWdFjOL3HP6Cl/lMYcOC
WXHKV0KqKWd5PILwqEGukAbyC38lAOwNXpViQm+vhZPJaLdzmFR0eebSlwWtoMTk
2Thdvdio1kyLuGUVaZgfDXAPEOnDyVnjAR1oniN5nL76PAiFnzovcbDPZ7/ww7Ln
+FxfoZCql7F46l4943O//hi2vkmyrcBEn2yPRHo/meijiHiAXg013rUlHOIwNs29
JcfFOq3J2/fhxxUsPzlZEFO4/olOKEzJxk4ewFKxBEkfLGOlSc+SPiCYCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKrGKbp4GFDh6QrCtbJsA/qCsj8aMB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvcXNZcHVuZ1lVT0hwQ3NLMXNtd0Qtb0t5UHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYfCAwQB
LZkgMA0GCSqGSIb3DQEBCwUAA4IBAQDaiFof6Qtoud+1TVomVQwo6wsM+5vcsZUJ
SSnCWsCs2Q8McjY3gaxEEc6/htuDQDw9PDgMtd8OKWzRHBCXcBf8lmbxUU/I8gTg
YCdKXKSdbxknFNNcgoNyrEKpH4LERg426WMjbL7tJQwql1q52XZXfWe+GR4v1UHK
2sEGsDJbpZiO4OoTenX2XCnjmh5rnU8++0AC8IV0m277stkdhCZSra4ogDjUHS5B
eAwe1+dljOdifNOBBgfjdyJbXsxE0rnAbtq6bghWyAoDrEXTF/zDGk8dcDoQY6pS
urXtScW4/PwlD0IdskaI+1gqbjzNIAvpoujfiLr8Bkyh0L98P1MJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:44 2024 by rpki-client on console-fra.rpki-client.org