Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/QtVKs_DCmkLxJU2fM0WuMB1Bw5w.roa
File: QtVKs_DCmkLxJU2fM0WuMB1Bw5w.roa (raw, json)
Hash identifier: Mx+7paH7HZrxxy2tZS7uwA2FboOTkJvm9gX1mZ6UlCI=
Subject key identifier: 42:D5:4A:B3:F0:C2:9A:42:F1:25:4D:9F:33:45:AE:30:1D:41:C3:9C
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 018C95B1958CFA6606017B525CA76EFEC2D0
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/QtVKs_DCmkLxJU2fM0WuMB1Bw5w.roa
Signing time: Sat 23 Dec 2023 08:01:32 +0000
ROA not before: Sat 23 Dec 2023 08:01:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59651
IP address blocks: 45.143.6.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:95:b1:95:8c:fa:66:06:01:7b:52:5c:a7:6e:fe:c2:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Dec 23 08:01:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42d54ab3f0c29a42f1254d9f3345ae301d41c39c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a9:07:21:d2:b6:3b:58:a0:ae:6b:40:f5:96:
4e:1d:2e:f5:4b:21:81:e0:1f:08:55:64:66:08:48:
8f:b0:b5:bd:9e:16:76:e9:2d:8e:8d:56:05:0d:13:
a8:c0:a4:8c:29:75:46:e5:e4:35:08:04:dc:2b:62:
32:ed:b3:75:e9:ef:a0:3b:d6:b5:3c:21:b7:ee:93:
89:6d:76:90:fa:16:b4:ff:e6:74:94:a0:69:31:7c:
f8:c7:97:aa:35:9d:fc:49:7a:32:b4:90:38:f1:ee:
dc:ae:66:91:20:21:2b:e1:2e:cf:e2:5c:db:6f:c5:
55:69:c2:c6:5e:45:ec:eb:d5:d0:c2:b7:56:43:83:
e7:b5:19:bc:dc:73:24:56:3a:a0:10:bf:25:ff:ed:
e7:5d:be:d2:d2:72:eb:a4:e6:38:ee:f3:ac:d3:50:
60:4d:82:2c:df:a8:07:3a:b6:3c:4c:18:37:48:f3:
94:78:fc:c7:5b:98:8c:51:d4:b2:d0:c3:1d:e0:60:
ad:79:ef:23:28:fe:fa:38:cd:ee:88:d4:6e:eb:ef:
f5:f6:76:98:7f:8f:32:0b:17:11:ca:05:5e:2d:54:
7a:9a:80:b0:48:1a:46:cf:e3:66:53:a5:0c:31:1f:
b1:f5:da:28:85:33:bc:50:58:d9:7b:95:9b:1a:a4:
41:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D5:4A:B3:F0:C2:9A:42:F1:25:4D:9F:33:45:AE:30:1D:41:C3:9C
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/QtVKs_DCmkLxJU2fM0WuMB1Bw5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.6.0/24
Signature Algorithm: sha256WithRSAEncryption
15:e8:05:68:5d:6f:10:4f:26:07:37:1f:82:44:ce:6b:f9:58:
40:bb:ed:ef:6b:49:3d:ed:50:a1:a8:3c:3d:3a:db:c4:e9:d3:
0c:63:91:ce:5b:9b:76:63:b2:ae:fa:65:ec:b6:64:08:cc:df:
5c:6f:92:97:0e:54:aa:3d:c7:b9:13:67:bc:a3:9b:ec:9f:ac:
2d:e8:fb:ab:8e:27:d8:3f:b4:27:3e:45:52:95:52:e5:d9:44:
40:68:61:30:0d:94:cb:3d:82:3d:4f:80:ef:3a:ea:8d:ba:1d:
73:9c:51:7f:4c:90:79:4d:a5:2f:38:16:38:72:15:ed:5b:98:
50:c3:48:f9:39:d2:4f:d8:1c:33:e3:55:3d:3c:82:f3:61:5f:
c6:92:da:79:10:29:81:23:46:41:4d:8c:5f:15:5c:db:59:6b:
55:87:42:1f:6e:4c:64:67:f6:2d:aa:2f:b4:6d:44:ab:a7:cd:
17:f5:f5:52:c6:93:3c:2f:20:17:54:3f:d1:1b:21:9c:c3:10:
ba:c1:34:83:91:a9:00:42:1c:e2:71:cb:ed:c0:06:41:ef:fa:
5e:d4:e2:fd:f2:31:2f:2a:81:66:c2:82:8b:d2:bf:ee:90:8f:
95:a2:67:4f:69:11:0e:02:f3:b2:b4:ad:fc:02:a8:b6:9e:9d:
bb:17:10:10
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYyVsZWM+mYGAXtSXKdu/sLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjMxMjIzMDgwMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQ1NGFiM2YwYzI5YTQyZjEyNTRkOWYzMzQ1YWUzMDFkNDFjMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKkHIdK2O1igrmtA9ZZOHS71SyGB
4B8IVWRmCEiPsLW9nhZ26S2OjVYFDROowKSMKXVG5eQ1CATcK2Iy7bN16e+gO9a1
PCG37pOJbXaQ+ha0/+Z0lKBpMXz4x5eqNZ38SXoytJA48e7crmaRICEr4S7P4lzb
b8VVacLGXkXs69XQwrdWQ4PntRm83HMkVjqgEL8l/+3nXb7S0nLrpOY47vOs01Bg
TYIs36gHOrY8TBg3SPOUePzHW5iMUdSy0MMd4GCtee8jKP76OM3uiNRu6+/19naY
f48yCxcRygVeLVR6moCwSBpGz+NmU6UMMR+x9doohTO8UFjZe5WbGqRBbQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFELVSrPwwppC8SVNnzNFrjAdQcOcMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL1F0VktzX0RDbWtMeEpVMmZNMFd1TUIxQnc1dy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtjwYw
DQYJKoZIhvcNAQELBQADggEBABXoBWhdbxBPJgc3H4JEzmv5WEC77e9rST3tUKGo
PD0628Tp0wxjkc5bm3Zjsq76Zey2ZAjM31xvkpcOVKo9x7kTZ7yjm+yfrC3o+6uO
J9g/tCc+RVKVUuXZREBoYTANlMs9gj1PgO866o26HXOcUX9MkHlNpS84FjhyFe1b
mFDDSPk50k/YHDPjVT08gvNhX8aS2nkQKYEjRkFNjF8VXNtZa1WHQh9uTGRn9i2q
L7RtRKunzRf19VLGkzwvIBdUP9EbIZzDELrBNIORqQBCHOJxy+3ABkHv+l7U4v3y
MS8qgWbCgovSv+6Qj5WiZ09pEQ4C87K0rfwCqLaenbsXEBA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:33 2024 by rpki-client on console-fra.rpki-client.org