Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/QSIosbYeiJxUmgbSudrWOjzQydA.roa
File: QSIosbYeiJxUmgbSudrWOjzQydA.roa (raw, json)
Hash identifier: pVxBI5IfIuyY4amvY6eFNM+keuRHn3MLApM1Mi04zzc=
Subject key identifier: 41:22:28:B1:B6:1E:88:9C:54:9A:06:D2:B9:DA:D6:3A:3C:D0:C9:D0
Certificate issuer: /CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Certificate serial: 018DC63E7C82E9B3E4DA8739A9014475629E
Authority key identifier: 91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/QSIosbYeiJxUmgbSudrWOjzQydA.roa
Signing time: Tue 20 Feb 2024 11:20:00 +0000
ROA not before: Tue 20 Feb 2024 11:20:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35197
IP address blocks: 45.142.137.0/24 maxlen: 24
185.128.125.0/24 maxlen: 24
185.187.129.0/24 maxlen: 24
185.187.130.0/24 maxlen: 24
185.187.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:3e:7c:82:e9:b3:e4:da:87:39:a9:01:44:75:62:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Validity
Not Before: Feb 20 11:20:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=412228b1b61e889c549a06d2b9dad63a3cd0c9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:54:d9:e2:1e:61:5f:e0:30:ae:e7:1e:8c:7e:
a5:52:26:96:26:a1:3b:41:ab:75:4f:76:d3:33:4e:
bb:76:69:7a:93:9a:55:ab:cd:f8:cb:34:cd:1e:1f:
20:82:d7:81:e2:ec:46:ec:48:75:a2:2b:f1:cb:7b:
97:d0:17:e7:30:1c:87:92:98:6c:0d:1e:95:5b:da:
70:b7:7e:95:61:58:64:32:b5:6e:ff:a7:7b:0d:92:
9a:99:b8:67:6f:c5:c4:b3:44:82:22:93:a2:67:f9:
94:c3:a5:9a:5d:81:3f:55:31:f3:03:8f:f5:c6:5b:
ec:80:4a:02:47:74:a6:75:9a:b9:2a:13:c1:d2:b9:
27:9f:a5:3c:b3:54:2d:d8:75:57:dc:d2:a0:57:b1:
d5:af:08:b6:1a:94:08:fd:c5:58:83:ee:15:eb:e9:
1d:a8:aa:e9:8e:13:35:ae:44:bd:b1:10:96:d9:ae:
8f:27:d8:8c:4d:36:d3:26:20:28:e8:97:5d:cd:a9:
5a:4c:eb:9b:40:49:3c:ff:6b:7f:f3:4a:5f:ba:e1:
6c:42:cf:c0:6b:b8:65:d8:b9:54:9d:6f:bf:71:e6:
c8:a3:1d:01:18:3a:f1:97:e0:52:9c:79:db:72:7c:
65:e6:8f:cb:05:44:76:32:7f:f0:d7:10:b9:27:c0:
df:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:22:28:B1:B6:1E:88:9C:54:9A:06:D2:B9:DA:D6:3A:3C:D0:C9:D0
X509v3 Authority Key Identifier:
keyid:91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/QSIosbYeiJxUmgbSudrWOjzQydA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.137.0/24
185.128.125.0/24
185.187.129.0-185.187.131.255
Signature Algorithm: sha256WithRSAEncryption
03:11:86:f8:03:77:23:ac:82:74:56:6a:7c:2c:9c:88:a2:ca:
c1:58:e1:ca:a0:27:10:e3:80:40:b0:64:b7:3a:36:16:cc:36:
b1:7a:ff:76:1f:af:45:b5:a5:b4:81:0b:76:f4:1e:37:8d:9f:
cd:dd:14:28:9e:58:1e:32:ee:45:86:38:fb:67:c8:c7:b9:64:
c0:b9:d6:6a:1f:f5:55:71:bd:8a:00:7d:66:d7:73:b3:1c:1b:
85:0a:4b:7b:19:0e:66:57:3e:96:b4:60:68:70:c9:c2:1f:d6:
18:9e:94:a3:c0:63:d1:f6:b2:b1:c4:47:45:ad:59:68:5a:82:
78:49:dc:6f:1b:df:62:88:d5:69:1a:cf:45:ba:33:04:03:27:
17:ac:f9:66:5f:54:28:db:47:99:fd:b6:13:1e:54:9b:ff:42:
51:18:88:63:5e:46:d7:cc:47:06:f3:86:13:d4:50:97:a0:8e:
c6:8b:f8:9c:2e:c5:b8:57:e8:0f:11:f3:70:40:fb:4c:01:25:
9a:60:cc:53:2c:b9:4f:0c:e5:8b:9b:ab:5e:62:24:07:a3:97:
89:5c:8c:4f:19:f5:b1:f2:49:2a:7a:ea:66:9b:3b:59:7d:ac:
7a:cb:0f:50:8f:b8:e5:6a:ea:3e:1a:2a:a2:9e:6e:cf:9a:54:
ef:0e:fe:67
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY3GPnyC6bPk2oc5qQFEdWKeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODkwMTY2MmE4ZWM1ZmY0ZDNmNDhkMjkwOTkyMzBhMDU3
NWVjOGEwHhcNMjQwMjIwMTEyMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTIyMjhiMWI2MWU4ODljNTQ5YTA2ZDJiOWRhZDYzYTNjZDBjOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFTZ4h5hX+AwrucejH6lUiaWJqE7
Qat1T3bTM067dml6k5pVq834yzTNHh8ggteB4uxG7Eh1oivxy3uX0BfnMByHkphs
DR6VW9pwt36VYVhkMrVu/6d7DZKambhnb8XEs0SCIpOiZ/mUw6WaXYE/VTHzA4/1
xlvsgEoCR3SmdZq5KhPB0rknn6U8s1Qt2HVX3NKgV7HVrwi2GpQI/cVYg+4V6+kd
qKrpjhM1rkS9sRCW2a6PJ9iMTTbTJiAo6JddzalaTOubQEk8/2t/80pfuuFsQs/A
a7hl2LlUnW+/cebIox0BGDrxl+BSnHnbcnxl5o/LBUR2Mn/w1xC5J8DfFQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEEiKLG2HoicVJoG0rna1jo80MnQMB8GA1UdIwQY
MBaAFJGJAWYqjsX/TT9I0pCZIwoFdeyKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lrQlppcU94ZjlOUDBqU2tKa2pDZ1YxN0lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC81YjkyYTctMjgzNy00NjllLTgyMTQt
ZTgxMWUyM2MxODA0LzEvUVNJb3NiWWVpSnhVbWdiU3VkcldPanpReWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC81YjkyYTctMjgzNy00NjllLTgyMTQtZTgxMWUyM2MxODA0
LzEva1lrQlppcU94ZjlOUDBqU2tKa2pDZ1YxN0lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALY6JAwQA
uYB9MAwDBAC5u4EDBAK5u4AwDQYJKoZIhvcNAQELBQADggEBAAMRhvgDdyOsgnRW
anwsnIiiysFY4cqgJxDjgECwZLc6NhbMNrF6/3Yfr0W1pbSBC3b0HjeNn83dFCie
WB4y7kWGOPtnyMe5ZMC51mof9VVxvYoAfWbXc7McG4UKS3sZDmZXPpa0YGhwycIf
1hielKPAY9H2srHER0WtWWhagnhJ3G8b32KI1Wkaz0W6MwQDJxes+WZfVCjbR5n9
thMeVJv/QlEYiGNeRtfMRwbzhhPUUJegjsaL+JwuxbhX6A8R83BA+0wBJZpgzFMs
uU8M5Yubq15iJAejl4lcjE8Z9bHySSp66mabO1l9rHrLD1CPuOVq6j4aKqKebs+a
VO8O/mc=
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:04:09 2025 by rpki-client