Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QESOuLnY3mxcM71U1SKdrIk3j-Q.roa
File: QESOuLnY3mxcM71U1SKdrIk3j-Q.roa (raw, json)
Hash identifier: uSoe7kg5P+hWwpUsOHHSahB8f8y5/1WaInli9JXSwVc=
Subject key identifier: 40:44:8E:B8:B9:D8:DE:6C:5C:33:BD:54:D5:22:9D:AC:89:37:8F:E4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E777D16BBBD30EF7E4426D76F73684
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QESOuLnY3mxcM71U1SKdrIk3j-Q.roa
Signing time: Mon 02 Jan 2023 05:14:55 +0000
ROA not before: Mon 02 Jan 2023 05:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 45.131.186.0/24 maxlen: 24
185.238.189.0/24 maxlen: 24
185.238.190.0/24 maxlen: 24
2a0e:97c0:a80::/44 maxlen: 48
2a0e:97c0:300::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Jan 2023 23:52:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:77:d1:6b:bb:d3:0e:f7:e4:42:6d:76:f7:36:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40448eb8b9d8de6c5c33bd54d5229dac89378fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f2:44:fc:eb:49:1c:b5:f7:97:1f:f2:42:ee:
46:f8:10:54:94:26:9f:d1:52:c6:7a:8b:dc:cd:80:
98:6c:29:ba:78:80:13:0d:23:32:d9:be:d0:26:d0:
56:7a:91:73:be:4d:68:e2:87:43:e7:c4:61:dc:ea:
2a:3e:ea:61:65:c0:31:cf:60:77:86:6a:d5:ef:ae:
c9:92:1a:ff:74:05:60:39:a5:cb:64:2a:12:89:52:
64:1e:32:f1:35:5a:03:79:cb:24:e7:31:a8:07:60:
cc:f9:6f:70:cb:12:64:6c:fb:16:11:da:4a:6a:65:
5f:69:4b:fb:e3:7a:8b:a0:cf:cc:8c:be:37:84:ed:
11:89:6e:e0:60:95:df:26:b3:3d:d2:bf:d6:ca:69:
cf:7c:71:c7:45:8d:f4:22:71:7a:75:6c:af:b0:de:
4e:73:30:c9:6c:fb:f0:80:af:e5:da:d7:b3:c1:68:
ac:00:6e:23:d0:89:b5:97:67:50:ae:21:fa:a5:4f:
ea:12:2e:2e:36:f2:a9:2e:37:8d:f3:ec:81:9f:cd:
e8:d8:cc:3a:4b:40:3a:07:2f:03:09:af:38:19:e0:
ba:6e:96:34:e2:33:e5:a0:b0:3e:ac:dc:ed:58:7c:
5a:16:cb:35:bf:e2:80:23:95:3b:e4:b8:00:78:1e:
72:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:44:8E:B8:B9:D8:DE:6C:5C:33:BD:54:D5:22:9D:AC:89:37:8F:E4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QESOuLnY3mxcM71U1SKdrIk3j-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.186.0/24
185.238.189.0-185.238.190.255
IPv6:
2a0e:97c0:300::/44
2a0e:97c0:a80::/44
Signature Algorithm: sha256WithRSAEncryption
9e:63:9e:92:3d:4e:64:6e:80:e7:25:8e:9f:e0:b4:71:74:97:
49:02:13:68:08:fe:2f:a5:f1:79:02:c2:3b:dc:58:0f:b9:6b:
92:f6:b2:12:28:75:1c:6a:b1:3c:36:ce:5b:af:dd:84:a0:1a:
ae:d4:59:1b:f1:f2:7b:f7:e3:ef:de:bf:82:22:44:a9:4a:8d:
ee:77:f9:39:e1:54:64:7a:42:9f:03:25:8a:4b:d2:48:86:13:
53:c9:f3:a4:ee:75:ae:42:e4:b7:15:02:67:49:ca:23:78:fc:
df:00:be:07:29:8d:29:70:41:58:99:71:38:4c:fe:5e:fc:24:
8e:1e:17:bb:fa:1f:76:25:30:87:22:4d:b2:82:69:b6:98:60:
d7:95:4a:81:43:ad:30:dc:18:4c:fc:d5:1a:b6:a1:37:d4:8c:
74:3b:b6:1a:3f:72:83:af:2f:e1:2e:67:c5:7c:70:2e:ed:c9:
2f:85:13:94:31:65:26:08:e6:6b:be:c4:4f:19:4c:12:46:bc:
47:1f:d9:d6:cd:64:3c:81:42:d7:ba:f1:f6:40:2a:fa:7f:b2:
83:25:5c:41:5e:36:66:0f:a3:34:b6:6a:f8:bb:3b:a3:10:b2:
3d:87:13:72:3f:ce:30:3e:1a:df:25:9f:59:c5:d8:21:24:05:
9d:b6:31:0b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVw53fRa7vTDvfkQm129zaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQ0OGViOGI5ZDhkZTZjNWMzM2JkNTRkNTIyOWRhYzg5Mzc4ZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPJE/OtJHLX3lx/yQu5G+BBUlCaf
0VLGeovczYCYbCm6eIATDSMy2b7QJtBWepFzvk1o4odD58Rh3OoqPuphZcAxz2B3
hmrV767Jkhr/dAVgOaXLZCoSiVJkHjLxNVoDecsk5zGoB2DM+W9wyxJkbPsWEdpK
amVfaUv743qLoM/MjL43hO0RiW7gYJXfJrM90r/WymnPfHHHRY30InF6dWyvsN5O
czDJbPvwgK/l2tezwWisAG4j0Im1l2dQriH6pU/qEi4uNvKpLjeN8+yBn83o2Mw6
S0A6By8DCa84GeC6bpY04jPloLA+rNztWHxaFss1v+KAI5U75LgAeB5yiwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFEBEjri52N5sXDO9VNUinayJN4/kMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUUVTT3VMblkzbXhjTTcxVTFTS2RySWszai1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAaBAIAATAUAwQALYO6MAwD
BAC57r0DBAC57r4wGAQCAAIwEgMHBCoOl8ADAAMHBCoOl8AKgDANBgkqhkiG9w0B
AQsFAAOCAQEAnmOekj1OZG6A5yWOn+C0cXSXSQITaAj+L6XxeQLCO9xYD7lrkvay
Eih1HGqxPDbOW6/dhKAartRZG/Hye/fj796/giJEqUqN7nf5OeFUZHpCnwMlikvS
SIYTU8nzpO51rkLktxUCZ0nKI3j83wC+BymNKXBBWJlxOEz+Xvwkjh4Xu/ofdiUw
hyJNsoJptphg15VKgUOtMNwYTPzVGrahN9SMdDu2Gj9yg68v4S5nxXxwLu3JL4UT
lDFlJgjma77ETxlMEka8Rx/Z1s1kPIFC17rx9kAq+n+ygyVcQV42Zg+jNLZq+Ls7
oxCyPYcTcj/OMD4a3yWfWcXYISQFnbYxCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:02 2024 by rpki-client on console-ams.rpki-client.org