Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/q5BO7rJgzB9TDtlxvNpQSPOtwZc.roa
File: q5BO7rJgzB9TDtlxvNpQSPOtwZc.roa (raw, json)
Hash identifier: TFxEwBefpKBqi1y8YgeiWVVIlH5F5YZL2uYAGwdsWtI=
Subject key identifier: AB:90:4E:EE:B2:60:CC:1F:53:0E:D9:71:BC:DA:50:48:F3:AD:C1:97
Certificate issuer: /CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Certificate serial: 018CC80182A6C1336CAC53B311D81C8F7B68
Authority key identifier: A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/q5BO7rJgzB9TDtlxvNpQSPOtwZc.roa
Signing time: Tue 02 Jan 2024 02:29:51 +0000
ROA not before: Tue 02 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207348
IP address blocks: 45.142.8.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 11:42:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:82:a6:c1:33:6c:ac:53:b3:11:d8:1c:8f:7b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Validity
Not Before: Jan 2 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab904eeeb260cc1f530ed971bcda5048f3adc197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3d:0b:06:56:9f:4f:a5:6c:90:1e:f2:cc:28:
70:7f:61:25:fc:99:ee:fb:2b:24:5d:ff:e7:c2:56:
d7:7f:63:19:c3:24:c2:0d:d6:a8:69:8b:2f:26:07:
8e:5e:69:f5:02:5c:9b:b8:6d:02:7a:ff:67:a4:91:
0d:6e:a4:a1:01:fe:3d:73:66:b6:10:7e:21:96:6b:
42:62:91:1e:91:6d:b1:aa:ca:df:e8:ec:42:74:84:
af:cf:57:f4:8d:35:bc:f8:c2:eb:d6:6d:d1:79:90:
f6:69:43:f1:44:fc:8a:3c:cf:d0:eb:f2:fe:de:e0:
24:14:71:3d:09:fa:c3:6d:0b:96:80:0b:6c:69:92:
1b:36:8d:41:0a:78:7c:ea:3d:05:d0:95:e4:74:ed:
bb:99:a1:ce:07:96:b2:e7:c1:06:18:d1:a4:83:21:
bc:60:fb:6d:a1:af:cc:ef:4f:8d:ab:96:24:e9:43:
75:b7:7d:01:50:98:7b:40:ed:ce:fc:d5:0a:16:14:
0c:fe:53:e0:69:38:d6:7e:66:33:fb:67:ba:68:53:
50:84:78:59:4c:84:20:92:61:e2:e9:8f:d6:00:25:
b6:ed:30:6d:30:67:36:f0:3b:bf:6c:c3:42:d5:a9:
40:68:e8:81:4a:13:3a:6a:28:32:65:41:7e:5d:69:
7e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:90:4E:EE:B2:60:CC:1F:53:0E:D9:71:BC:DA:50:48:F3:AD:C1:97
X509v3 Authority Key Identifier:
keyid:A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/q5BO7rJgzB9TDtlxvNpQSPOtwZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/p9eN4CNOb5lwFZL1NuRfX1WU7sM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.8.0/22
Signature Algorithm: sha256WithRSAEncryption
24:ba:85:c4:73:98:45:16:d4:e3:e8:fe:b6:2a:72:06:d1:2c:
a5:04:14:e3:aa:7c:cc:62:47:48:e0:21:26:ed:a3:27:df:35:
f9:1d:4a:38:f2:ae:8c:f3:02:ca:e9:be:7b:db:f3:aa:3d:30:
7d:06:64:75:a8:65:7c:07:02:27:7b:8c:69:31:11:0c:5f:20:
98:6e:65:7e:54:b9:d1:41:68:88:74:f1:a2:b6:37:30:23:44:
66:e2:0f:c0:5a:f8:81:de:fe:e9:16:2e:ce:4d:a7:65:83:c8:
d9:c4:28:54:f8:b8:fa:47:0f:8b:2b:14:9d:c9:d2:90:22:bc:
7d:13:22:7d:01:ac:a2:5c:1b:12:85:4a:eb:85:eb:13:7e:f0:
eb:5b:62:7e:c2:67:34:09:62:e6:af:97:a0:27:15:b1:35:0d:
2e:bc:2c:1d:cb:19:18:d5:fc:b4:35:f4:06:d8:71:ca:8e:09:
80:51:d1:62:9d:57:95:2a:29:b8:49:e5:24:d3:81:78:6d:df:
5d:53:63:e9:0f:0d:47:a1:a7:33:f9:78:eb:e3:b3:8f:69:e3:
cd:49:47:17:85:ef:b0:14:a1:8e:01:35:a5:7c:8b:c1:74:b5:
d6:44:99:6e:0e:8e:b9:e6:60:53:cf:d4:57:2d:74:ed:07:81:
45:38:48:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAYKmwTNsrFOzEdgcj3toMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZDc4ZGUwMjM0ZTZmOTk3MDE1OTJmNTM2ZTQ1ZjVmNTU5
NGVlYzMwHhcNMjQwMTAyMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjkwNGVlZWIyNjBjYzFmNTMwZWQ5NzFiY2RhNTA0OGYzYWRjMTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT0LBlafT6VskB7yzChwf2El/Jnu
+yskXf/nwlbXf2MZwyTCDdaoaYsvJgeOXmn1AlybuG0Cev9npJENbqShAf49c2a2
EH4hlmtCYpEekW2xqsrf6OxCdISvz1f0jTW8+MLr1m3ReZD2aUPxRPyKPM/Q6/L+
3uAkFHE9CfrDbQuWgAtsaZIbNo1BCnh86j0F0JXkdO27maHOB5ay58EGGNGkgyG8
YPttoa/M70+Nq5Yk6UN1t30BUJh7QO3O/NUKFhQM/lPgaTjWfmYz+2e6aFNQhHhZ
TIQgkmHi6Y/WACW27TBtMGc28Du/bMNC1alAaOiBShM6aigyZUF+XWl+iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKuQTu6yYMwfUw7ZcbzaUEjzrcGXMB8GA1UdIwQY
MBaAFKfXjeAjTm+ZcBWS9TbkX19VlO7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2Mt
MjhkNWI2MDdhNDdmLzEvcTVCTzdySmd6QjlURHRseHZOcFFTUE90d1pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2MtMjhkNWI2MDdhNDdm
LzEvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY4IMA0G
CSqGSIb3DQEBCwUAA4IBAQAkuoXEc5hFFtTj6P62KnIG0SylBBTjqnzMYkdI4CEm
7aMn3zX5HUo48q6M8wLK6b572/OqPTB9BmR1qGV8BwIne4xpMREMXyCYbmV+VLnR
QWiIdPGitjcwI0Rm4g/AWviB3v7pFi7OTadlg8jZxChU+Lj6Rw+LKxSdydKQIrx9
EyJ9AayiXBsShUrrhesTfvDrW2J+wmc0CWLmr5egJxWxNQ0uvCwdyxkY1fy0NfQG
2HHKjgmAUdFinVeVKim4SeUk04F4bd9dU2PpDw1Hoacz+Xjr47OPaePNSUcXhe+w
FKGOATWlfIvBdLXWRJluDo655mBTz9RXLXTtB4FFOEgx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:33 2024 by rpki-client on console-ams.rpki-client.org