Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/63QKOGG-fFSJeNULeZDW5flEXwY.roa
File: 63QKOGG-fFSJeNULeZDW5flEXwY.roa (raw, json)
Hash identifier: EhZSVFHv0ATRU2vQHo9yZLQObbGHc4bnDjsguWdAoMQ=
Subject key identifier: EB:74:0A:38:61:BE:7C:54:89:78:D5:0B:79:90:D6:E5:F9:44:5F:06
Certificate issuer: /CN=b9032bdb128c86e00b21c77959a8011c40d0650c
Certificate serial: 01895025F69E282CA72ED5DE5C5056846131
Authority key identifier: B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/63QKOGG-fFSJeNULeZDW5flEXwY.roa
Signing time: Thu 13 Jul 2023 16:46:52 +0000
ROA not before: Thu 13 Jul 2023 16:46:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211878
IP address blocks: 45.152.88.0/22 maxlen: 24
2a0f:5100::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:50:25:f6:9e:28:2c:a7:2e:d5:de:5c:50:56:84:61:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9032bdb128c86e00b21c77959a8011c40d0650c
Validity
Not Before: Jul 13 16:46:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb740a3861be7c548978d50b7990d6e5f9445f06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:78:e0:a2:e6:c9:17:1b:7b:f5:6e:4d:46:44:
61:a1:cf:ce:85:0d:9a:7b:d1:9e:45:5b:aa:c9:d3:
64:a2:b7:68:8b:63:cc:de:ce:ba:64:6b:5e:00:b1:
3f:f7:c4:f9:e0:a2:20:a1:02:7e:61:7a:06:6b:51:
17:ed:dd:1b:86:22:41:72:e4:39:3f:48:f8:e7:a3:
9b:29:14:62:7d:f5:44:74:f3:8f:54:53:5b:54:34:
57:56:ab:77:45:d3:4b:f6:ff:44:c6:33:d6:eb:d8:
2f:df:7b:70:06:fd:78:90:ed:a3:70:a2:0d:64:91:
f2:e5:fc:74:9c:4a:1d:6e:82:0c:b3:30:17:aa:28:
80:8a:4f:71:25:1c:a6:3f:f0:d0:d4:5b:ee:00:82:
1d:fe:7d:42:f8:48:83:45:20:a4:bd:ad:e5:7f:86:
d8:88:6d:13:9e:34:12:09:51:88:cc:c2:6a:f5:0c:
30:d9:33:fb:b1:b6:23:3a:c8:1a:26:a5:c1:9c:9b:
b5:a2:d4:fd:ed:99:2f:f4:46:c1:49:82:ab:9f:90:
15:9c:3d:1a:64:64:ad:e1:a8:aa:82:74:e5:68:43:
04:6c:03:6b:a2:de:61:15:d4:93:99:d9:08:a2:ed:
00:99:86:47:90:0d:81:c6:46:a2:1c:29:f0:23:a9:
77:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:74:0A:38:61:BE:7C:54:89:78:D5:0B:79:90:D6:E5:F9:44:5F:06
X509v3 Authority Key Identifier:
keyid:B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/63QKOGG-fFSJeNULeZDW5flEXwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/uQMr2xKMhuALIcd5WagBHEDQZQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.88.0/22
IPv6:
2a0f:5100::/29
Signature Algorithm: sha256WithRSAEncryption
3f:0c:f0:0d:8f:c0:31:e4:50:8d:14:3e:a2:c2:24:34:07:4b:
b5:ad:50:dc:19:d8:06:3b:e3:a8:93:60:3e:81:c6:9e:c8:34:
57:ee:ed:3d:ce:57:bf:5b:ce:0d:dd:45:b9:15:3c:57:5d:5a:
7f:8d:22:28:97:a6:01:68:bc:a1:e9:a2:0b:b4:96:c9:86:5c:
2e:02:d7:0a:8b:f8:ed:6f:0b:8f:1d:18:3b:b8:32:6c:76:65:
6c:83:df:9f:04:bd:c0:8d:9a:06:c6:bb:8a:d2:0e:37:2e:8d:
66:20:b9:ab:70:4a:30:fe:76:b5:68:1d:f2:25:cd:26:d6:df:
cb:1a:b8:d6:6d:97:c0:81:94:fe:f7:1d:96:50:e6:ab:f4:6b:
fd:27:13:f2:ea:36:75:3f:7f:c7:70:da:5f:21:33:5b:c2:6c:
c9:5d:a8:0e:fd:17:66:e8:5f:21:61:96:93:2c:5b:67:ff:6f:
1a:a0:d5:b2:71:31:17:75:7c:c7:57:7a:2a:56:ac:89:d2:b5:
cf:d3:79:09:9a:0c:13:e9:db:e1:19:f4:87:d4:b9:08:41:94:
97:8f:20:d5:d0:59:00:f6:08:db:aa:9f:ad:a7:2d:28:ef:e3:
e0:6a:f3:66:d0:fe:83:29:6e:1f:b1:3d:fb:5a:6b:ae:f8:e8:
ab:8c:b5:8a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYlQJfaeKCynLtXeXFBWhGExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MDMyYmRiMTI4Yzg2ZTAwYjIxYzc3OTU5YTgwMTFjNDBk
MDY1MGMwHhcNMjMwNzEzMTY0NjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjc0MGEzODYxYmU3YzU0ODk3OGQ1MGI3OTkwZDZlNWY5NDQ1ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXjgoubJFxt79W5NRkRhoc/OhQ2a
e9GeRVuqydNkordoi2PM3s66ZGteALE/98T54KIgoQJ+YXoGa1EX7d0bhiJBcuQ5
P0j456ObKRRiffVEdPOPVFNbVDRXVqt3RdNL9v9ExjPW69gv33twBv14kO2jcKIN
ZJHy5fx0nEodboIMszAXqiiAik9xJRymP/DQ1FvuAIId/n1C+EiDRSCkva3lf4bY
iG0TnjQSCVGIzMJq9Qww2TP7sbYjOsgaJqXBnJu1otT97Zkv9EbBSYKrn5AVnD0a
ZGSt4aiqgnTlaEMEbANrot5hFdSTmdkIou0AmYZHkA2BxkaiHCnwI6l3jwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOt0CjhhvnxUiXjVC3mQ1uX5RF8GMB8GA1UdIwQY
MBaAFLkDK9sSjIbgCyHHeVmoARxA0GUMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVFNcjJ4S01odUFMSWNkNVdhZ0JIRURRWlF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iY2IwM2QtMWMxMS00NTE2LWE4OGYt
ZmU4NDZmNzVkMTcwLzEvNjNRS09HRy1mRlNKZU5VTGVaRFc1ZmxFWHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iY2IwM2QtMWMxMS00NTE2LWE4OGYtZmU4NDZmNzVkMTcw
LzEvdVFNcjJ4S01odUFMSWNkNVdhZ0JIRURRWlF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZhYMA0E
AgACMAcDBQMqD1EAMA0GCSqGSIb3DQEBCwUAA4IBAQA/DPANj8Ax5FCNFD6iwiQ0
B0u1rVDcGdgGO+Ook2A+gcaeyDRX7u09zle/W84N3UW5FTxXXVp/jSIol6YBaLyh
6aILtJbJhlwuAtcKi/jtbwuPHRg7uDJsdmVsg9+fBL3AjZoGxruK0g43Lo1mILmr
cEow/na1aB3yJc0m1t/LGrjWbZfAgZT+9x2WUOar9Gv9JxPy6jZ1P3/HcNpfITNb
wmzJXagO/Rdm6F8hYZaTLFtn/28aoNWycTEXdXzHV3oqVqyJ0rXP03kJmgwT6dvh
GfSH1LkIQZSXjyDV0FkA9gjbqp+tpy0o7+PgavNm0P6DKW4fsT37Wmuu+OirjLWK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:57 2024 by rpki-client on console-ams.rpki-client.org