Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/bffa03-1cd6-4034-a7bd-857599683c3e/1/QxOiP1xd31a0cnqfBBokBA-_qe4.roa
File: QxOiP1xd31a0cnqfBBokBA-_qe4.roa (raw, json)
Hash identifier: KGruz4wRL+1WiaR6POFTmlrOfxviHb0iYJm6XLCO+Cc=
Subject key identifier: 43:13:A2:3F:5C:5D:DF:56:B4:72:7A:9F:04:1A:24:04:0F:BF:A9:EE
Certificate issuer: /CN=5fc065098574629d4a7e2d2b2055aa7bf2302fee
Certificate serial: 018EA57A62FFD0CC98676828CDEBC61AC8AA
Authority key identifier: 5F:C0:65:09:85:74:62:9D:4A:7E:2D:2B:20:55:AA:7B:F2:30:2F:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X8BlCYV0Yp1Kfi0rIFWqe_IwL-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/bffa03-1cd6-4034-a7bd-857599683c3e/1/QxOiP1xd31a0cnqfBBokBA-_qe4.roa
Signing time: Wed 03 Apr 2024 19:40:45 +0000
ROA not before: Wed 03 Apr 2024 19:40:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215250
IP address blocks: 45.91.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a5:7a:62:ff:d0:cc:98:67:68:28:cd:eb:c6:1a:c8:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fc065098574629d4a7e2d2b2055aa7bf2302fee
Validity
Not Before: Apr 3 19:40:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4313a23f5c5ddf56b4727a9f041a24040fbfa9ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ef:7c:0d:00:c6:98:c3:bb:8a:3b:bc:f1:51:
5c:dd:40:3c:40:06:99:8f:9d:97:71:4d:71:5a:de:
a7:e8:80:48:3e:5e:f2:48:b5:a0:7b:87:34:e6:cb:
a3:47:52:0c:b1:51:78:a6:66:8c:cc:52:75:c3:c4:
d8:51:33:d5:06:d9:33:04:42:97:5b:6b:09:68:be:
e1:3a:8e:ce:0d:84:a0:f4:3e:a0:3c:ef:49:00:9e:
bb:65:dc:cb:05:cd:40:94:ad:75:05:b2:60:7d:fb:
11:db:46:db:e1:5c:2a:51:e4:e5:f6:67:3d:b7:96:
12:06:e4:71:3b:58:32:1d:63:d3:75:6a:95:04:e1:
90:06:ba:6b:9a:07:cf:d8:2f:f3:73:6b:37:36:48:
25:83:5a:20:cd:b5:b8:27:f7:08:a3:98:a8:87:64:
84:59:55:48:0c:6e:1c:03:83:e3:db:f6:e1:fc:db:
de:da:00:b6:17:78:07:12:04:bf:77:0a:9b:88:e2:
a5:3b:d6:7c:54:a5:6f:c4:ca:b3:10:ed:13:a5:67:
c4:44:55:b1:16:b6:99:0b:76:c0:0f:6f:2f:f2:b1:
d8:9c:d4:55:59:56:f8:02:ad:66:bf:ad:ba:c8:23:
4f:15:21:59:95:9c:e3:1f:aa:e0:95:25:f2:7b:d4:
5d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:13:A2:3F:5C:5D:DF:56:B4:72:7A:9F:04:1A:24:04:0F:BF:A9:EE
X509v3 Authority Key Identifier:
keyid:5F:C0:65:09:85:74:62:9D:4A:7E:2D:2B:20:55:AA:7B:F2:30:2F:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X8BlCYV0Yp1Kfi0rIFWqe_IwL-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bffa03-1cd6-4034-a7bd-857599683c3e/1/QxOiP1xd31a0cnqfBBokBA-_qe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bffa03-1cd6-4034-a7bd-857599683c3e/1/X8BlCYV0Yp1Kfi0rIFWqe_IwL-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.12.0/24
Signature Algorithm: sha256WithRSAEncryption
33:b7:85:31:df:59:bf:9f:ee:b0:d2:60:bf:4d:eb:19:73:19:
02:38:7f:bd:6b:df:6d:a5:1f:64:ef:95:63:00:a1:2c:5c:45:
46:de:e8:6c:9d:7d:15:10:d4:23:39:60:45:04:a6:f0:0e:00:
55:8a:f3:44:15:d6:a5:2f:51:59:d6:9d:76:e1:94:46:7d:17:
d7:2b:db:24:24:51:93:95:ef:52:e6:d2:57:47:3d:9c:7a:ac:
8a:a7:aa:f7:ac:55:17:e2:69:8b:62:c7:61:9f:3f:d9:9f:b1:
7d:70:58:f4:e0:81:27:5d:8b:99:2e:92:9e:a2:e9:bb:40:11:
ec:80:4e:03:0a:c7:11:6e:40:ed:c4:37:fb:8e:0f:e2:61:6e:
49:31:c4:c3:b6:73:ee:18:4e:aa:b5:4f:28:d1:1c:c7:b1:9c:
23:87:6a:26:f7:2b:31:b0:e8:4b:56:a1:2c:80:b9:05:94:de:
ce:c3:20:13:93:c5:29:c8:37:10:92:d5:c0:35:76:d7:61:98:
2e:40:cb:15:df:39:a0:ae:1d:ba:08:f0:d7:b2:67:bf:c0:0b:
86:40:1e:52:ee:e6:be:59:7a:29:88:08:7e:30:f4:b7:5e:7a:
26:37:d3:c1:d3:8a:7a:0a:75:4a:6b:26:67:79:58:88:33:6f:
79:0e:00:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6lemL/0MyYZ2gozevGGsiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYzA2NTA5ODU3NDYyOWQ0YTdlMmQyYjIwNTVhYTdiZjIz
MDJmZWUwHhcNMjQwNDAzMTk0MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzEzYTIzZjVjNWRkZjU2YjQ3MjdhOWYwNDFhMjQwNDBmYmZhOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe98DQDGmMO7iju88VFc3UA8QAaZ
j52XcU1xWt6n6IBIPl7ySLWge4c05sujR1IMsVF4pmaMzFJ1w8TYUTPVBtkzBEKX
W2sJaL7hOo7ODYSg9D6gPO9JAJ67ZdzLBc1AlK11BbJgffsR20bb4VwqUeTl9mc9
t5YSBuRxO1gyHWPTdWqVBOGQBrprmgfP2C/zc2s3Nkglg1ogzbW4J/cIo5ioh2SE
WVVIDG4cA4Pj2/bh/Nve2gC2F3gHEgS/dwqbiOKlO9Z8VKVvxMqzEO0TpWfERFWx
FraZC3bAD28v8rHYnNRVWVb4Aq1mv626yCNPFSFZlZzjH6rglSXye9RdSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEMToj9cXd9WtHJ6nwQaJAQPv6nuMB8GA1UdIwQY
MBaAFF/AZQmFdGKdSn4tKyBVqnvyMC/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDhCbENZVjBZcDFLZmkwcklGV3FlX0l3TC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iZmZhMDMtMWNkNi00MDM0LWE3YmQt
ODU3NTk5NjgzYzNlLzEvUXhPaVAxeGQzMWEwY25xZkJCb2tCQS1fcWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9iZmZhMDMtMWNkNi00MDM0LWE3YmQtODU3NTk5NjgzYzNl
LzEvWDhCbENZVjBZcDFLZmkwcklGV3FlX0l3TC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVsMMA0G
CSqGSIb3DQEBCwUAA4IBAQAzt4Ux31m/n+6w0mC/TesZcxkCOH+9a99tpR9k75Vj
AKEsXEVG3uhsnX0VENQjOWBFBKbwDgBVivNEFdalL1FZ1p124ZRGfRfXK9skJFGT
le9S5tJXRz2ceqyKp6r3rFUX4mmLYsdhnz/Zn7F9cFj04IEnXYuZLpKeoum7QBHs
gE4DCscRbkDtxDf7jg/iYW5JMcTDtnPuGE6qtU8o0RzHsZwjh2om9ysxsOhLVqEs
gLkFlN7OwyATk8UpyDcQktXANXbXYZguQMsV3zmgrh26CPDXsme/wAuGQB5S7ua+
WXopiAh+MPS3XnomN9PB04p6CnVKayZneViIM295DgBR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:58 2025 by rpki-client