Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tQqDvxCnj3TVJMH3MNgCbi7EiFE.roa
File: tQqDvxCnj3TVJMH3MNgCbi7EiFE.roa (raw, json)
Hash identifier: lpi3AObrKLJ4PK6+Qgde32+usb0aOQw0zfBi+xapm2Y=
Subject key identifier: B5:0A:83:BF:10:A7:8F:74:D5:24:C1:F7:30:D8:02:6E:2E:C4:88:51
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01868F43E3BB1292A07B8FE469C6FFAAF119
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tQqDvxCnj3TVJMH3MNgCbi7EiFE.roa
Signing time: Sun 26 Feb 2023 19:47:16 +0000
ROA not before: Sun 26 Feb 2023 19:47:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203790
IP address blocks: 45.148.118.0/24 maxlen: 24
45.148.116.0/24 maxlen: 24
45.148.119.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8f:43:e3:bb:12:92:a0:7b:8f:e4:69:c6:ff:aa:f1:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 26 19:47:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b50a83bf10a78f74d524c1f730d8026e2ec48851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8a:95:9c:5f:f0:00:7e:5c:6e:29:69:8b:b5:
ee:41:22:e0:d4:3b:e5:0c:08:f7:14:8d:56:23:6b:
a9:8b:ba:3a:26:89:ef:11:ab:bc:fa:58:af:3a:b8:
7d:ac:82:17:10:69:f7:d3:22:36:dd:b6:10:29:50:
32:a8:b0:a3:48:3a:79:f0:ca:af:3e:5a:34:1c:eb:
26:d4:da:be:26:d5:34:d4:80:fd:20:eb:55:46:d4:
12:e9:5c:1a:0e:52:c0:a1:99:b8:b2:74:d1:dc:7b:
45:c3:a7:9c:78:b5:42:2a:fd:a0:31:bf:5c:2a:aa:
26:8c:c4:ab:3b:8b:62:ca:35:df:25:b1:56:a2:65:
64:95:b3:a1:3f:b2:95:3a:4d:c0:86:03:0f:2a:30:
fb:55:aa:f3:df:da:39:cd:d7:c5:47:59:f2:e7:b7:
79:86:6d:8b:9b:69:4e:ea:17:d1:6c:d3:b1:56:b0:
62:c2:e4:d7:0a:b7:ae:10:5f:1d:f7:e8:be:aa:7f:
ca:79:d6:a5:dd:85:8f:5b:d0:a6:f3:93:b9:e5:b4:
b7:8e:7a:07:3a:b3:6d:11:01:8c:fb:48:00:41:6d:
be:f8:ef:72:16:a0:cc:38:53:78:ea:0a:d3:49:de:
6e:ae:79:aa:35:c0:71:a9:ea:aa:af:ed:d8:8f:1f:
e0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:0A:83:BF:10:A7:8F:74:D5:24:C1:F7:30:D8:02:6E:2E:C4:88:51
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tQqDvxCnj3TVJMH3MNgCbi7EiFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/24
45.148.118.0/23
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
7f:40:7e:f8:bf:1b:15:aa:a2:45:cd:5a:16:28:5a:6b:83:f7:
db:2d:2d:b5:71:b3:98:7d:00:c8:a2:6a:7a:5b:3a:39:99:a3:
e5:04:1f:4e:c5:cb:ff:35:02:04:fa:1f:61:99:51:44:10:79:
2e:3a:2c:62:ed:a5:a8:2a:31:ef:b7:84:cc:ee:63:c9:90:c6:
16:90:eb:54:27:63:85:9b:74:3a:9c:97:99:7d:70:e1:74:f6:
dd:f4:91:17:94:d2:b7:f9:47:6a:f8:88:d0:6d:6e:bc:4d:a9:
90:80:83:0e:b2:f5:9e:e8:b5:23:29:38:b9:c6:56:87:1d:7a:
bc:d3:16:60:b9:8f:cc:34:6b:02:6b:6a:69:d7:54:91:fd:92:
ba:b1:ae:21:6c:ca:68:45:5e:e6:e6:73:86:e2:1d:5a:2b:f0:
b9:ec:45:c1:ac:d6:d3:67:f9:29:34:c5:b3:56:bb:3f:bb:03:
85:7b:4c:a0:c6:38:8b:23:7b:0d:e5:1b:37:16:4e:e7:49:44:
4f:be:5c:5c:11:77:67:aa:80:0a:96:89:72:34:fc:a5:f0:50:
88:a0:65:ae:48:6c:fd:ce:b8:02:8b:d2:e3:f7:15:d6:3d:b6:
b4:c9:b0:26:c9:62:15:f1:0c:a1:88:1b:82:f3:b3:4b:5f:b7:
f2:cb:25:f6
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYaPQ+O7EpKge4/kacb/qvEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjI2MTk0NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTBhODNiZjEwYTc4Zjc0ZDUyNGMxZjczMGQ4MDI2ZTJlYzQ4ODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIqVnF/wAH5cbilpi7XuQSLg1Dvl
DAj3FI1WI2upi7o6JonvEau8+livOrh9rIIXEGn30yI23bYQKVAyqLCjSDp58Mqv
Plo0HOsm1Nq+JtU01ID9IOtVRtQS6VwaDlLAoZm4snTR3HtFw6eceLVCKv2gMb9c
KqomjMSrO4tiyjXfJbFWomVklbOhP7KVOk3AhgMPKjD7Varz39o5zdfFR1ny57d5
hm2Lm2lO6hfRbNOxVrBiwuTXCreuEF8d9+i+qn/Kedal3YWPW9Cm85O55bS3jnoH
OrNtEQGM+0gAQW2++O9yFqDMOFN46grTSd5urnmqNcBxqeqqr+3Yjx/g1wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFLUKg78Qp4901STB9zDYAm4uxIhRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdFFxRHZ4Q25qM1RWSk1IM01OZ0NiaTdFaUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzASBAIAATAMAwQALZR0AwQB
LZR2MDEEAgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDMQAHQAwcE
KhDMQQEQMA0GCSqGSIb3DQEBCwUAA4IBAQB/QH74vxsVqqJFzVoWKFprg/fbLS21
cbOYfQDIomp6Wzo5maPlBB9Oxcv/NQIE+h9hmVFEEHkuOixi7aWoKjHvt4TM7mPJ
kMYWkOtUJ2OFm3Q6nJeZfXDhdPbd9JEXlNK3+Udq+IjQbW68TamQgIMOsvWe6LUj
KTi5xlaHHXq80xZguY/MNGsCa2pp11SR/ZK6sa4hbMpoRV7m5nOG4h1aK/C57EXB
rNbTZ/kpNMWzVrs/uwOFe0ygxjiLI3sN5Rs3Fk7nSURPvlxcEXdnqoAKlolyNPyl
8FCIoGWuSGz9zrgCi9Lj9xXWPba0ybAmyWIV8QyhiBuC87NLX7fyyyX2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-fra.rpki-client.org