Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/QkUJHI5Ql5nKCdGp93c-6MFb4J8.roa
File: QkUJHI5Ql5nKCdGp93c-6MFb4J8.roa (raw, json)
Hash identifier: hHe8HcGYS3NyaNw0vHEPHTZT6tOvkuR44tXpmo7G+xY=
Subject key identifier: 42:45:09:1C:8E:50:97:99:CA:09:D1:A9:F7:77:3E:E8:C1:5B:E0:9F
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0185F1B15105DF85E9AB6A6051A9E20F26B9
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/QkUJHI5Ql5nKCdGp93c-6MFb4J8.roa
Signing time: Fri 27 Jan 2023 05:26:47 +0000
ROA not before: Fri 27 Jan 2023 05:26:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 45.88.14.0/24 maxlen: 24
176.223.66.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Mar 2023 04:58:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f1:b1:51:05:df:85:e9:ab:6a:60:51:a9:e2:0f:26:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 27 05:26:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4245091c8e509799ca09d1a9f7773ee8c15be09f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:82:12:84:1f:da:37:6f:3c:0c:8b:2b:b0:42:
00:eb:78:e9:99:b9:38:37:f7:63:e3:fb:47:27:40:
6f:d1:ba:64:ff:94:f2:95:f6:1c:36:04:3e:5c:73:
65:b7:e3:29:79:79:ee:fb:d7:02:13:73:05:f5:24:
8a:ab:55:4b:04:0f:20:78:c8:1e:f8:ac:69:b6:36:
5d:dc:60:c9:22:4a:55:cf:0c:bb:2d:2d:8d:49:ed:
04:1b:6f:0f:6d:34:87:69:b4:10:e5:c7:7c:f3:6b:
b9:15:62:14:21:fd:54:6d:77:1f:ee:c0:80:eb:2e:
e0:40:1a:bb:b1:ce:33:aa:97:64:9e:67:42:07:e3:
ac:76:3d:37:7d:d6:15:16:ac:51:53:fa:8b:ce:04:
83:6f:19:4c:75:06:9f:f6:de:7b:58:9c:55:33:3e:
04:39:b7:92:66:f0:f7:6b:3b:a0:a3:2a:be:4e:87:
22:9c:b1:a8:b0:6e:f7:34:10:d1:82:eb:ca:ea:6c:
f5:99:dd:64:8e:69:41:b7:bf:19:cd:7b:13:d4:e2:
51:e8:9c:bb:0c:5c:b3:96:2a:b5:10:9e:7e:d2:0b:
4e:e0:4f:ff:16:8b:45:9f:b7:12:db:eb:09:47:92:
89:f9:1d:59:21:9a:9c:0e:98:62:4b:ea:25:d4:f8:
d4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:45:09:1C:8E:50:97:99:CA:09:D1:A9:F7:77:3E:E8:C1:5B:E0:9F
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/QkUJHI5Ql5nKCdGp93c-6MFb4J8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.14.0/24
176.223.66.0/24
188.214.107.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:a9:4f:d8:54:14:ee:9f:8b:cb:8f:8b:67:06:63:11:34:1c:
8d:48:bc:9e:2b:ca:9d:f8:69:f6:a7:3e:e5:72:f7:b1:67:1b:
b4:c7:c5:cd:68:a4:b8:81:c0:a8:ed:6f:89:86:e6:3f:ea:95:
49:f8:b5:0b:99:0e:75:ba:d5:e5:6d:03:19:25:6b:08:61:40:
ac:fb:0d:c1:93:80:61:ac:eb:e8:1c:1b:e6:32:59:b9:26:99:
1c:7e:28:95:43:28:df:85:ab:0c:22:58:1e:19:84:17:91:a7:
87:6b:c8:07:c9:c0:e2:51:47:4a:23:01:db:25:18:bd:6a:37:
ae:e2:5a:c6:0e:76:6c:27:b6:78:be:0e:43:ec:bd:34:52:12:
c0:1a:4d:d9:0c:d0:c4:97:24:8a:b5:10:fb:c1:5a:b6:41:ce:
29:37:fe:78:62:47:eb:01:c1:f1:39:ff:de:c2:a1:a0:0c:5e:
30:0b:f7:6f:7b:86:ad:59:58:f2:62:29:9c:11:00:cf:59:7a:
48:13:ae:b8:1d:bd:6e:75:8f:fd:58:07:d7:3b:88:6f:ef:f4:
4f:e4:20:ef:e0:a5:1f:99:ff:d3:f8:83:72:56:9f:25:cc:d5:
09:38:dd:3a:4a:20:83:91:92:e8:de:d7:79:51:2d:6f:aa:ec:
01:66:ef:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXxsVEF34Xpq2pgUaniDya5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwMTI3MDUyNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQ1MDkxYzhlNTA5Nzk5Y2EwOWQxYTlmNzc3M2VlOGMxNWJlMDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIIShB/aN288DIsrsEIA63jpmbk4
N/dj4/tHJ0Bv0bpk/5TylfYcNgQ+XHNlt+MpeXnu+9cCE3MF9SSKq1VLBA8geMge
+KxptjZd3GDJIkpVzwy7LS2NSe0EG28PbTSHabQQ5cd882u5FWIUIf1UbXcf7sCA
6y7gQBq7sc4zqpdknmdCB+Osdj03fdYVFqxRU/qLzgSDbxlMdQaf9t57WJxVMz4E
ObeSZvD3azugoyq+TocinLGosG73NBDRguvK6mz1md1kjmlBt78ZzXsT1OJR6Jy7
DFyzliq1EJ5+0gtO4E//FotFn7cS2+sJR5KJ+R1ZIZqcDphiS+ol1PjUdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEJFCRyOUJeZygnRqfd3PujBW+CfMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvUWtVSkhJNVFsNW5LQ2RHcDkzYy02TUZiNEo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVgOAwQA
sN9CAwQAvNZrMA0GCSqGSIb3DQEBCwUAA4IBAQA6qU/YVBTun4vLj4tnBmMRNByN
SLyeK8qd+Gn2pz7lcvexZxu0x8XNaKS4gcCo7W+JhuY/6pVJ+LULmQ51utXlbQMZ
JWsIYUCs+w3Bk4BhrOvoHBvmMlm5JpkcfiiVQyjfhasMIlgeGYQXkaeHa8gHycDi
UUdKIwHbJRi9ajeu4lrGDnZsJ7Z4vg5D7L00UhLAGk3ZDNDElySKtRD7wVq2Qc4p
N/54YkfrAcHxOf/ewqGgDF4wC/dve4atWVjyYimcEQDPWXpIE664Hb1udY/9WAfX
O4hv7/RP5CDv4KUfmf/T+INyVp8lzNUJON06SiCDkZLo3td5US1vquwBZu9B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:13 2024 by rpki-client on console-ams.rpki-client.org