Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/QpkeflpUG3GRruEraraJgOh2yks.roa
File: QpkeflpUG3GRruEraraJgOh2yks.roa (raw, json)
Hash identifier: ZFozj/TPwlD1OxtpfWN5A+tXYSyPlc906xHZC1QDrb0=
Subject key identifier: 42:99:1E:7E:5A:54:1B:71:91:AE:E1:2B:6A:B6:89:80:E8:76:CA:4B
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 0189463B315A29194C22365E8C8ABE7E0B3A
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/QpkeflpUG3GRruEraraJgOh2yks.roa
Signing time: Tue 11 Jul 2023 18:33:51 +0000
ROA not before: Tue 11 Jul 2023 18:33:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 45.133.216.0/24 maxlen: 24
194.156.98.0/24 maxlen: 24
45.145.0.0/24 maxlen: 24
194.156.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Oct 2023 18:30:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:46:3b:31:5a:29:19:4c:22:36:5e:8c:8a:be:7e:0b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jul 11 18:33:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42991e7e5a541b7191aee12b6ab68980e876ca4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:45:5f:2e:2d:a5:65:e5:ab:a4:12:66:78:84:
14:3b:52:08:44:ce:95:02:73:73:c2:25:15:73:81:
bf:99:0e:bf:90:4b:66:cc:46:3c:af:6f:9a:10:58:
58:3f:5b:54:a8:b6:a6:2d:0c:b8:e7:e3:9e:f1:be:
e8:5b:e5:46:54:95:68:f6:2f:8b:9a:c0:ca:d2:e5:
eb:b8:a5:42:75:e8:2e:44:47:35:28:55:a8:d8:9f:
18:1d:05:5b:56:0a:24:12:7c:27:62:40:c0:94:a1:
2f:28:19:38:fe:7b:b5:52:1e:d4:1e:ce:a2:a6:7f:
51:72:75:21:6b:a3:79:49:12:28:6a:f6:ff:5a:4b:
1d:96:b3:79:d0:3c:d2:9c:78:d1:27:1d:30:00:67:
be:1a:be:01:99:07:36:21:b3:ca:4f:53:8a:bf:89:
91:c7:5f:62:3d:d2:e0:3d:42:f2:4e:90:e6:25:80:
37:0f:a7:a8:89:54:3b:fb:1b:8e:65:7a:ef:1b:5d:
a3:e4:48:bc:5b:34:42:b9:4a:26:58:2c:58:e4:9f:
00:96:85:78:05:7b:33:80:cd:d8:af:8e:be:d4:d0:
da:58:3a:3e:7b:79:2c:ba:34:80:cb:91:89:46:9e:
73:74:aa:c4:1a:db:ac:f6:8b:9a:96:a5:9f:f3:f1:
8b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:99:1E:7E:5A:54:1B:71:91:AE:E1:2B:6A:B6:89:80:E8:76:CA:4B
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/QpkeflpUG3GRruEraraJgOh2yks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.216.0/24
45.145.0.0/24
194.156.98.0/23
Signature Algorithm: sha256WithRSAEncryption
c4:cb:77:02:c6:f8:54:a1:3a:57:b3:5c:ad:12:f2:26:45:42:
b3:46:f4:09:79:5e:25:15:dd:e0:80:56:35:ff:39:3e:bd:64:
e9:e9:03:00:ee:f2:c2:ee:90:91:86:dc:fc:32:ca:2b:9e:25:
de:b7:18:c5:54:df:78:9f:a4:13:1e:70:14:8b:a1:cf:1d:f8:
10:4d:d1:f3:c1:ab:d4:1e:e1:c3:e2:24:19:09:3c:c9:b7:31:
91:c2:77:f4:0d:d7:2f:28:a6:21:68:c6:0e:29:9f:f2:e6:41:
01:cf:db:c7:a4:15:94:12:9a:26:30:73:23:cb:3a:3a:fb:c7:
90:1b:fd:1c:e1:6f:05:d1:ad:d0:63:0b:ec:19:da:c0:09:0a:
f1:37:ec:18:5d:26:3d:70:55:45:f8:11:64:81:3d:55:f2:24:
28:e5:5d:31:6b:81:a5:ec:25:b6:94:e7:6e:93:11:78:05:b3:
e2:79:ac:36:0a:32:96:9d:43:f6:2b:52:cc:04:63:0b:c7:28:
8a:96:92:f9:0c:b6:e7:c0:ce:c5:8b:ba:65:be:43:8a:7d:40:
d5:16:13:f2:7a:00:95:63:f1:d1:f0:57:a5:78:c1:bd:98:86:
3a:ac:c5:11:41:ad:49:4b:3e:54:55:53:85:ee:da:fd:31:aa:
3b:3a:d2:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlGOzFaKRlMIjZejIq+fgs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNzExMTgzMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjk5MWU3ZTVhNTQxYjcxOTFhZWUxMmI2YWI2ODk4MGU4NzZjYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkVfLi2lZeWrpBJmeIQUO1IIRM6V
AnNzwiUVc4G/mQ6/kEtmzEY8r2+aEFhYP1tUqLamLQy45+Oe8b7oW+VGVJVo9i+L
msDK0uXruKVCdeguREc1KFWo2J8YHQVbVgokEnwnYkDAlKEvKBk4/nu1Uh7UHs6i
pn9RcnUha6N5SRIoavb/WksdlrN50DzSnHjRJx0wAGe+Gr4BmQc2IbPKT1OKv4mR
x19iPdLgPULyTpDmJYA3D6eoiVQ7+xuOZXrvG12j5Ei8WzRCuUomWCxY5J8AloV4
BXszgM3Yr46+1NDaWDo+e3ksujSAy5GJRp5zdKrEGtus9oualqWf8/GLyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEKZHn5aVBtxka7hK2q2iYDodspLMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvUXBrZWZscFVHM0dScnVFcmFyYUpnT2gyeWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYXYAwQA
LZEAAwQBwpxiMA0GCSqGSIb3DQEBCwUAA4IBAQDEy3cCxvhUoTpXs1ytEvImRUKz
RvQJeV4lFd3ggFY1/zk+vWTp6QMA7vLC7pCRhtz8MsorniXetxjFVN94n6QTHnAU
i6HPHfgQTdHzwavUHuHD4iQZCTzJtzGRwnf0DdcvKKYhaMYOKZ/y5kEBz9vHpBWU
EpomMHMjyzo6+8eQG/0c4W8F0a3QYwvsGdrACQrxN+wYXSY9cFVF+BFkgT1V8iQo
5V0xa4Gl7CW2lOdukxF4BbPieaw2CjKWnUP2K1LMBGMLxyiKlpL5DLbnwM7Fi7pl
vkOKfUDVFhPyegCVY/HR8FeleMG9mIY6rMURQa1JSz5UVVOF7tr9Mao7OtKr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org