Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/Q-AOyNK5wD7K_hlgJFqxXVm5Zak.roa
File: Q-AOyNK5wD7K_hlgJFqxXVm5Zak.roa (raw, json)
Hash identifier: JSggyBaj+i0ocUQEChhOPYLAqAtH3Ww8REiaNiurnEI=
Subject key identifier: 43:E0:0E:C8:D2:B9:C0:3E:CA:FE:19:60:24:5A:B1:5D:59:B9:65:A9
Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Certificate serial: 01927C566E96CD3F8456AF306371319C7240
Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/Q-AOyNK5wD7K_hlgJFqxXVm5Zak.roa
Signing time: Fri 11 Oct 2024 16:08:12 +0000
ROA not before: Fri 11 Oct 2024 16:08:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48551
IP address blocks: 45.94.252.0/24 maxlen: 24
45.94.254.0/24 maxlen: 24
45.94.255.0/24 maxlen: 24
45.159.196.0/24 maxlen: 24
45.159.197.0/24 maxlen: 24
45.159.198.0/24 maxlen: 24
45.159.199.0/24 maxlen: 24
103.216.60.0/24 maxlen: 24
103.216.61.0/24 maxlen: 24
103.216.62.0/24 maxlen: 24
103.216.63.0/24 maxlen: 24
157.119.188.0/24 maxlen: 24
157.119.190.0/24 maxlen: 24
157.119.191.0/24 maxlen: 24
185.63.114.0/24 maxlen: 24
185.86.180.0/24 maxlen: 24
185.86.181.0/24 maxlen: 24
185.128.40.0/24 maxlen: 24
185.236.36.0/24 maxlen: 24
185.236.37.0/24 maxlen: 24
185.236.38.0/24 maxlen: 24
185.236.39.0/24 maxlen: 24
185.238.143.0/24 maxlen: 24
195.114.4.0/24 maxlen: 24
195.114.5.0/24 maxlen: 24
195.114.8.0/24 maxlen: 24
195.114.9.0/24 maxlen: 24
2a0d:9500::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 19 Oct 2024 10:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7c:56:6e:96:cd:3f:84:56:af:30:63:71:31:9c:72:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Validity
Not Before: Oct 11 16:08:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43e00ec8d2b9c03ecafe1960245ab15d59b965a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4b:c4:20:11:68:9a:30:0a:d1:21:b1:ca:4a:
6d:ac:55:e5:f9:c4:0a:57:2b:c3:d9:fd:10:30:3f:
2e:b7:03:3f:e8:de:5b:ad:d7:88:70:fe:dc:26:bb:
d0:b2:12:e7:e5:02:c7:d6:d0:49:4b:76:22:9c:91:
a3:94:3c:cb:89:69:41:4d:04:17:cc:6a:c3:9f:f8:
81:14:b3:0d:cd:2f:3f:c8:ed:4b:9a:88:4b:24:94:
c5:db:b3:4b:2f:ac:95:53:8a:27:d7:3d:a2:a1:ad:
b2:bc:ec:27:da:0f:a2:e5:21:ec:92:49:ce:0a:af:
cd:00:cb:ce:50:61:fe:40:ea:dc:17:ad:ff:9a:f7:
89:e6:3f:9e:3d:66:02:59:55:6e:db:c0:93:8f:81:
47:21:a2:a3:64:a2:29:85:83:4d:29:f0:b4:c2:da:
09:1e:36:6f:28:75:a0:88:bc:04:c8:26:61:68:de:
87:57:e6:a5:94:9a:12:fc:8a:6b:99:4c:2f:99:8c:
6f:19:45:49:fc:a1:1c:7d:3b:60:71:42:79:ee:91:
e1:63:66:df:2b:f7:53:3e:38:d1:c8:45:a1:62:15:
dc:a3:84:48:ba:d5:f0:dc:84:27:50:2a:0f:48:2b:
12:3b:ae:f9:d0:3c:05:72:a1:73:71:6d:6d:4e:df:
b8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E0:0E:C8:D2:B9:C0:3E:CA:FE:19:60:24:5A:B1:5D:59:B9:65:A9
X509v3 Authority Key Identifier:
keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/Q-AOyNK5wD7K_hlgJFqxXVm5Zak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.252.0/24
45.94.254.0/23
45.159.196.0/22
103.216.60.0/22
157.119.188.0/24
157.119.190.0/23
185.63.114.0/24
185.86.180.0/23
185.128.40.0/24
185.236.36.0/22
185.238.143.0/24
195.114.4.0/23
195.114.8.0/23
IPv6:
2a0d:9500::/29
Signature Algorithm: sha256WithRSAEncryption
39:58:64:cb:7c:69:3e:16:57:ba:19:63:a4:f1:27:43:0f:58:
63:56:c2:8f:3b:8b:5d:14:c5:2b:44:64:8b:6f:8e:6f:b3:1a:
31:51:57:3c:d3:c3:03:2e:de:d2:1d:78:d6:34:58:3e:95:50:
3c:67:85:32:dd:d2:fd:0f:19:a3:88:03:6d:d8:45:8c:04:6a:
c4:2c:18:ef:60:d6:59:ff:cb:9a:1e:82:61:63:73:56:97:5b:
d5:a0:e9:f2:4f:dd:24:34:8c:60:60:38:0a:2a:7b:3e:94:5f:
e1:c5:89:76:a2:14:a8:cc:1e:3c:63:f9:e1:db:cd:77:7b:35:
db:36:b5:7d:bd:13:82:5f:8b:b4:54:22:4d:16:9c:74:ed:5d:
d8:34:ec:05:6d:22:f8:62:a3:a3:88:fc:ea:9d:c9:70:b8:90:
4c:aa:56:0e:77:d6:df:7b:80:e8:32:49:7e:4a:17:95:74:4a:
87:bf:bb:c8:65:a3:83:78:0c:12:b1:d4:19:15:ad:d8:45:98:
0b:ac:5d:94:f2:d4:3d:f2:c5:b0:e5:66:91:e8:5b:be:d1:22:
44:76:93:23:86:12:61:81:2a:c9:39:0d:e0:4d:30:2d:11:83:
2b:56:5e:55:ab:db:be:05:1a:41:bc:cf:cd:02:d3:42:1c:42:
2c:58:16:63
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZJ8Vm6WzT+EVq8wY3ExnHJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4
NGU1NWQwHhcNMjQxMDExMTYwODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2UwMGVjOGQyYjljMDNlY2FmZTE5NjAyNDVhYjE1ZDU5Yjk2NWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkvEIBFomjAK0SGxykptrFXl+cQK
VyvD2f0QMD8utwM/6N5brdeIcP7cJrvQshLn5QLH1tBJS3YinJGjlDzLiWlBTQQX
zGrDn/iBFLMNzS8/yO1LmohLJJTF27NLL6yVU4on1z2ioa2yvOwn2g+i5SHskknO
Cq/NAMvOUGH+QOrcF63/mveJ5j+ePWYCWVVu28CTj4FHIaKjZKIphYNNKfC0wtoJ
HjZvKHWgiLwEyCZhaN6HV+allJoS/IprmUwvmYxvGUVJ/KEcfTtgcUJ57pHhY2bf
K/dTPjjRyEWhYhXco4RIutXw3IQnUCoPSCsSO6750DwFcqFzcW1tTt+4QQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFEPgDsjSucA+yv4ZYCRasV1ZuWWpMB8GA1UdIwQY
MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt
NTAwMTUzOWQ3MTg1LzEvUS1BT3lOSzV3RDdLX2hsZ0pGcXhYVm01WmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1
LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQALV78AwQB
LV7+AwQCLZ/EAwQCZ9g8AwQAnXe8AwQBnXe+AwQAuT9yAwQBuVa0AwQAuYAoAwQC
uewkAwQAue6PAwQBw3IEAwQBw3IIMA0EAgACMAcDBQMqDZUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA5WGTLfGk+Fle6GWOk8SdDD1hjVsKPO4tdFMUrRGSLb45vsxoxUVc8
08MDLt7SHXjWNFg+lVA8Z4Uy3dL9DxmjiANt2EWMBGrELBjvYNZZ/8uaHoJhY3NW
l1vVoOnyT90kNIxgYDgKKns+lF/hxYl2ohSozB48Y/nh2813ezXbNrV9vROCX4u0
VCJNFpx07V3YNOwFbSL4YqOjiPzqnclwuJBMqlYOd9bfe4DoMkl+SheVdEqHv7vI
ZaODeAwSsdQZFa3YRZgLrF2U8tQ98sWw5WaR6Fu+0SJEdpMjhhJhgSrJOQ3gTTAt
EYMrVl5Vq9u+BRpBvM/NAtNCHEIsWBZj
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:47 2025 by rpki-client