Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/qepA7BTgIH3ZpGEl0BFzn8OnqdY.roa
File: qepA7BTgIH3ZpGEl0BFzn8OnqdY.roa (raw, json)
Hash identifier: txhhMh+jTd9eF2sVyGwXnNVCFPqJxmLOF9q9oTPLy6A=
Subject key identifier: A9:EA:40:EC:14:E0:20:7D:D9:A4:61:25:D0:11:73:9F:C3:A7:A9:D6
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018571955B456EA12FA3C182F84CD9D61584
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/qepA7BTgIH3ZpGEl0BFzn8OnqdY.roa
Signing time: Mon 02 Jan 2023 08:24:51 +0000
ROA not before: Mon 02 Jan 2023 08:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1124
IP address blocks: 145.18.0.0/16 maxlen: 16
145.109.0.0/17 maxlen: 17
145.109.128.0/17 maxlen: 17
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:5b:45:6e:a1:2f:a3:c1:82:f8:4c:d9:d6:15:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 2 08:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9ea40ec14e0207dd9a46125d011739fc3a7a9d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:be:ad:ab:83:ca:41:48:e9:94:ca:9f:dc:5d:
0c:5f:13:28:f2:8d:bc:e2:bf:e4:ad:f2:b4:8a:d9:
ec:15:6c:cf:ed:25:fd:7a:57:3d:b3:f6:29:93:00:
0a:36:5a:4f:0d:3c:e5:c0:46:1f:49:29:51:15:54:
43:81:a8:d9:13:b6:0b:ce:ed:8d:20:ac:23:df:3e:
81:e6:b7:2f:b2:6d:76:a0:8b:62:50:96:64:8d:cd:
c2:5a:77:de:87:4a:92:cd:fb:0a:57:c0:bb:3d:b6:
71:92:85:ea:83:bd:41:57:a2:80:ce:e0:8e:d5:44:
c2:82:2f:8a:44:6f:ed:97:86:49:92:81:66:07:29:
17:84:d6:58:7d:47:51:d2:e5:ed:f8:33:74:9a:9e:
19:ee:d5:2c:92:ce:30:46:95:cc:d3:a7:df:99:fb:
68:35:7a:85:af:c9:49:7f:48:fe:f4:96:05:7d:6e:
95:7e:da:1d:ed:27:c6:98:72:92:1f:8c:49:15:8d:
f1:33:a1:07:fd:19:4e:1e:01:43:74:ef:e1:cb:3e:
fd:03:03:35:a1:73:cb:39:24:e3:d5:18:48:72:6f:
f2:51:61:03:81:8d:37:27:ce:fd:c8:20:ac:ad:b0:
c2:08:c1:ad:13:29:dd:2c:ed:ed:b6:df:24:ea:1f:
fe:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:EA:40:EC:14:E0:20:7D:D9:A4:61:25:D0:11:73:9F:C3:A7:A9:D6
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/qepA7BTgIH3ZpGEl0BFzn8OnqdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.18.0.0/16
145.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:8a:e0:02:f3:25:2b:76:75:fd:b0:9c:6c:47:7d:b3:f7:b2:
1f:6a:a2:09:aa:d3:78:49:90:bf:7b:52:9a:3b:cb:58:f0:f2:
52:fc:b7:06:d9:4a:4f:2c:c4:a3:38:0f:89:9e:d4:5d:9d:f1:
b6:d5:03:97:a7:96:96:c2:33:8f:a0:ff:9f:b1:7c:d3:57:3c:
04:88:46:79:b8:7d:cb:27:29:96:bb:d4:88:40:f5:99:52:b3:
39:52:a8:3c:d2:f6:f1:12:3b:28:6c:26:9a:80:a0:02:eb:0c:
f3:e3:6d:0b:a2:6b:63:07:92:84:9d:38:72:6c:9b:cd:cb:4d:
af:a3:4e:5e:4d:89:a8:05:a1:c7:61:15:17:86:5b:40:49:e7:
51:ae:bf:3a:39:a8:c2:ad:20:ff:09:34:e5:02:e8:07:21:1a:
a5:c3:e1:8c:59:76:06:13:bd:09:26:94:04:32:86:a4:28:44:
c8:e3:5e:82:c8:b0:a8:69:e7:a9:b0:6d:a3:2f:37:1b:a1:43:
07:ff:72:13:78:14:15:2b:0b:02:b1:81:4f:b2:1b:aa:37:4f:
df:c9:af:3c:6d:1d:5d:11:84:7a:19:0c:ed:15:61:5b:ee:d2:
ac:c3:b3:d9:a6:2a:3d:13:d8:d8:69:d5:71:8c:83:d4:79:e9:
64:06:b5:ed
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVxlVtFbqEvo8GC+EzZ1hWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjMwMTAyMDgyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWVhNDBlYzE0ZTAyMDdkZDlhNDYxMjVkMDExNzM5ZmMzYTdhOWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAib6tq4PKQUjplMqf3F0MXxMo8o28
4r/krfK0itnsFWzP7SX9elc9s/YpkwAKNlpPDTzlwEYfSSlRFVRDgajZE7YLzu2N
IKwj3z6B5rcvsm12oItiUJZkjc3CWnfeh0qSzfsKV8C7PbZxkoXqg71BV6KAzuCO
1UTCgi+KRG/tl4ZJkoFmBykXhNZYfUdR0uXt+DN0mp4Z7tUsks4wRpXM06ffmfto
NXqFr8lJf0j+9JYFfW6Vftod7SfGmHKSH4xJFY3xM6EH/RlOHgFDdO/hyz79AwM1
oXPLOSTj1RhIcm/yUWEDgY03J879yCCsrbDCCMGtEyndLO3ttt8k6h/+fwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFKnqQOwU4CB92aRhJdARc5/Dp6nWMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvcWVwQTdCVGdJSDNacEdFbDBCRnpuOE9ucWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAkRIDAwCR
bTANBgkqhkiG9w0BAQsFAAOCAQEANIrgAvMlK3Z1/bCcbEd9s/eyH2qiCarTeEmQ
v3tSmjvLWPDyUvy3BtlKTyzEozgPiZ7UXZ3xttUDl6eWlsIzj6D/n7F801c8BIhG
ebh9yycplrvUiED1mVKzOVKoPNL28RI7KGwmmoCgAusM8+NtC6JrYweShJ04cmyb
zctNr6NOXk2JqAWhx2EVF4ZbQEnnUa6/Ojmowq0g/wk05QLoByEapcPhjFl2BhO9
CSaUBDKGpChEyONegsiwqGnnqbBtoy83G6FDB/9yE3gUFSsLArGBT7IbqjdP38mv
PG0dXRGEehkM7RVhW+7SrMOz2aYqPRPY2GnVcYyD1HnpZAa17Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:44 2024 by rpki-client on console-ams.rpki-client.org