Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/qb1Mvx_8Zi_4CU_W8oJIizuph7w.roa
File: qb1Mvx_8Zi_4CU_W8oJIizuph7w.roa (raw, json)
Hash identifier: xZ1HVKX/CwsyxdKBWVSt/NRjEXAEYpuvnICehjuVWtY=
Subject key identifier: A9:BD:4C:BF:1F:FC:66:2F:F8:09:4F:D6:F2:82:48:8B:3B:A9:87:BC
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018DEF15A1524C814AD4CC43177374C82E5E
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/qb1Mvx_8Zi_4CU_W8oJIizuph7w.roa
Signing time: Wed 28 Feb 2024 09:39:48 +0000
ROA not before: Wed 28 Feb 2024 09:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57844
IP address blocks: 45.141.208.0/22 maxlen: 24
45.150.8.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 06:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:15:a1:52:4c:81:4a:d4:cc:43:17:73:74:c8:2e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Feb 28 09:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9bd4cbf1ffc662ff8094fd6f282488b3ba987bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:24:4e:b8:a8:c8:90:52:61:ba:01:b3:04:d9:
fd:f3:29:c8:7f:e6:9c:f2:c6:0a:53:8a:89:aa:7f:
fe:ec:3f:5c:2e:be:0c:86:8d:95:2a:15:b7:12:73:
cc:7b:f9:c3:bc:5d:41:b5:18:7a:a9:f5:61:02:f0:
94:71:1e:d9:6f:42:ca:dc:d7:26:b2:49:6f:91:4d:
e8:33:71:77:f3:4c:1a:f1:13:58:93:84:66:b6:27:
b1:ad:e2:1f:6a:e6:0e:9c:1a:55:f1:82:17:18:01:
e5:24:a9:fc:7e:9d:eb:a0:b7:d1:d0:ec:40:50:9f:
71:54:09:21:9e:1d:23:f9:65:f8:26:5c:02:af:31:
e5:ae:4a:9b:88:f5:15:33:25:ea:2f:0d:c8:18:0f:
75:c3:44:76:bd:ce:68:7f:3f:8f:c3:ac:61:a7:2d:
3e:25:6f:c3:a2:6e:ae:41:e8:6f:ad:36:85:71:90:
3a:4d:65:32:f6:45:a6:47:10:e4:bf:ba:0c:a9:c2:
47:ce:30:21:1e:64:d8:cd:05:a5:82:a7:9c:cc:a1:
01:47:ba:e4:a0:e9:4f:10:f1:b0:6b:93:e9:e4:2a:
1d:51:49:e1:d4:2a:29:01:90:c2:d0:2b:9e:2e:d4:
8e:4a:0b:af:ff:17:57:8f:f8:25:71:62:b2:76:b6:
08:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:BD:4C:BF:1F:FC:66:2F:F8:09:4F:D6:F2:82:48:8B:3B:A9:87:BC
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/qb1Mvx_8Zi_4CU_W8oJIizuph7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.208.0/22
45.150.8.0/22
Signature Algorithm: sha256WithRSAEncryption
36:bf:6e:d7:0c:b7:39:23:d5:fa:b8:7f:6e:c2:80:a9:13:90:
a1:52:4d:19:e7:cf:fd:20:c4:3e:da:63:86:71:1e:20:87:e4:
85:d5:21:05:66:11:53:f1:f3:8a:17:75:75:dc:90:92:24:f5:
d9:00:e2:df:37:4c:00:c4:b7:87:4e:1f:0c:66:f1:24:01:0f:
1a:30:1c:32:6a:fe:5b:49:fe:ea:3b:8d:fe:2d:a4:37:21:76:
ee:66:15:d7:21:7c:b1:40:e7:a4:1f:7b:d7:34:85:9d:2a:22:
c5:53:b9:6f:9d:e0:ba:a3:4f:a2:27:97:9f:dd:62:a7:84:10:
b9:a9:f8:6e:5f:75:eb:f1:78:3c:37:b1:69:20:c1:dd:bd:41:
d2:f1:6e:99:fa:90:b8:e7:bc:05:d5:4d:b9:6d:6e:af:16:b3:
40:e2:10:82:9d:ce:4a:4d:20:8f:82:b7:e6:5c:7b:55:20:ff:
76:3c:36:9e:3b:e6:64:0c:34:5e:14:e6:ac:54:41:61:e2:4b:
0a:34:36:f2:06:01:0f:0a:f7:a2:47:f1:e1:61:3b:63:1a:a8:
40:43:da:de:cf:a2:28:a1:ae:53:82:4c:53:e4:78:1e:c0:b6:
17:27:91:b8:fa:75:53:63:ac:0e:24:29:c3:54:bb:fe:db:19:
df:a1:f7:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3vFaFSTIFK1MxDF3N0yC5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwMjI4MDkzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWJkNGNiZjFmZmM2NjJmZjgwOTRmZDZmMjgyNDg4YjNiYTk4N2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSROuKjIkFJhugGzBNn98ynIf+ac
8sYKU4qJqn/+7D9cLr4Mho2VKhW3EnPMe/nDvF1BtRh6qfVhAvCUcR7Zb0LK3Ncm
sklvkU3oM3F380wa8RNYk4RmtiexreIfauYOnBpV8YIXGAHlJKn8fp3roLfR0OxA
UJ9xVAkhnh0j+WX4JlwCrzHlrkqbiPUVMyXqLw3IGA91w0R2vc5ofz+Pw6xhpy0+
JW/Dom6uQehvrTaFcZA6TWUy9kWmRxDkv7oMqcJHzjAhHmTYzQWlgqeczKEBR7rk
oOlPEPGwa5Pp5CodUUnh1CopAZDC0CueLtSOSguv/xdXj/glcWKydrYI4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKm9TL8f/GYv+AlP1vKCSIs7qYe8MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvcWIxTXZ4XzhaaV80Q1VfVzhvSklpenVwaDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY3QAwQC
LZYIMA0GCSqGSIb3DQEBCwUAA4IBAQA2v27XDLc5I9X6uH9uwoCpE5ChUk0Z58/9
IMQ+2mOGcR4gh+SF1SEFZhFT8fOKF3V13JCSJPXZAOLfN0wAxLeHTh8MZvEkAQ8a
MBwyav5bSf7qO43+LaQ3IXbuZhXXIXyxQOekH3vXNIWdKiLFU7lvneC6o0+iJ5ef
3WKnhBC5qfhuX3Xr8Xg8N7FpIMHdvUHS8W6Z+pC457wF1U25bW6vFrNA4hCCnc5K
TSCPgrfmXHtVIP92PDaeO+ZkDDReFOasVEFh4ksKNDbyBgEPCveiR/HhYTtjGqhA
Q9rez6Iooa5TgkxT5HgewLYXJ5G4+nVTY6wOJCnDVLv+2xnfoffE
-----END CERTIFICATE-----
Generated at Tue Mar 26 06:58:37 2024 by rpki-client on console-ams.rpki-client.org