Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/4NTQiSruakacy4CBnaF8KixiWow.roa
File: 4NTQiSruakacy4CBnaF8KixiWow.roa (raw, json)
Hash identifier: q6GZzGSGw8St1w36XR6lHU8qasTplWr6sdv/amEz+tU=
Subject key identifier: E0:D4:D0:89:2A:EE:6A:46:9C:CB:80:81:9D:A1:7C:2A:2C:62:5A:8C
Certificate issuer: /CN=400fe172a0c7e33c43ccaaee3a1ef42cd009e91e
Certificate serial: 01856B93291AC82A901937A058759F8B657E
Authority key identifier: 40:0F:E1:72:A0:C7:E3:3C:43:CC:AA:EE:3A:1E:F4:2C:D0:09:E9:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA_hcqDH4zxDzKruOh70LNAJ6R4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/4NTQiSruakacy4CBnaF8KixiWow.roa
Signing time: Sun 01 Jan 2023 04:24:44 +0000
ROA not before: Sun 01 Jan 2023 04:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 109.107.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:29:1a:c8:2a:90:19:37:a0:58:75:9f:8b:65:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400fe172a0c7e33c43ccaaee3a1ef42cd009e91e
Validity
Not Before: Jan 1 04:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0d4d0892aee6a469ccb80819da17c2a2c625a8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:4a:21:76:84:bf:cf:e9:b3:39:d4:14:d8:c5:
56:c9:c8:db:b0:43:bf:40:95:e2:db:4d:14:d1:1a:
10:55:1a:7a:52:29:66:b2:0d:f4:5b:eb:89:92:c0:
8e:40:9f:04:f7:4c:ce:6d:ff:7c:55:4c:1d:76:5e:
b1:ff:27:ae:fa:37:3a:b5:6a:60:6f:5c:f6:21:54:
07:61:10:de:0a:de:71:52:f2:48:cb:4f:8b:e8:27:
cb:93:8f:c3:96:a2:05:99:38:89:b7:05:8e:e9:21:
11:dd:b5:75:80:6f:4a:c1:35:62:d1:ce:ca:bc:5b:
a6:ad:82:53:11:b8:55:6b:f1:4a:98:63:54:5d:b8:
46:cd:2c:46:36:ee:9d:55:06:4d:13:7e:68:5b:e6:
94:eb:ff:81:bb:84:4a:c4:5b:a6:da:b7:e6:3d:d0:
d7:16:e7:bc:b1:fa:c1:0b:32:02:d8:cb:4c:a1:d6:
82:d0:41:06:3f:04:b0:54:37:7d:9c:d3:8c:ac:13:
05:16:56:52:a4:36:13:35:53:39:f7:4d:f2:8e:b6:
d2:61:07:f4:9b:73:cc:f2:a9:68:f3:12:ec:e8:47:
12:06:eb:a1:7b:01:a8:e0:69:6b:04:3f:38:ee:20:
d0:a7:c1:b4:61:9a:40:09:e0:e6:6d:3b:18:c4:06:
af:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D4:D0:89:2A:EE:6A:46:9C:CB:80:81:9D:A1:7C:2A:2C:62:5A:8C
X509v3 Authority Key Identifier:
keyid:40:0F:E1:72:A0:C7:E3:3C:43:CC:AA:EE:3A:1E:F4:2C:D0:09:E9:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA_hcqDH4zxDzKruOh70LNAJ6R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/4NTQiSruakacy4CBnaF8KixiWow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/QA_hcqDH4zxDzKruOh70LNAJ6R4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.145.0/24
Signature Algorithm: sha256WithRSAEncryption
73:1a:d9:ad:bf:b8:ed:23:20:0f:54:fa:7d:b8:01:00:13:d7:
b3:c7:52:36:89:87:dc:10:92:f7:7b:3a:99:3c:c4:be:f2:b1:
0f:e7:8e:44:83:75:68:f9:5c:ca:1f:8f:a1:1a:2c:4d:1a:5e:
ba:8f:51:83:a8:6c:c9:a3:e6:d5:a9:55:30:5a:8c:07:58:49:
54:36:fa:84:ec:3f:12:31:f8:4f:d9:57:15:90:79:f8:39:d9:
c3:e2:68:b8:ad:a7:7a:b9:3f:91:2e:8b:8e:b1:21:5f:55:de:
4d:8a:29:ef:a6:9a:af:b7:a4:fb:ef:3d:fe:71:6c:e3:b5:c9:
73:f2:04:7a:8c:54:da:49:41:47:9b:69:89:74:3e:3a:8e:2d:
ea:ca:05:a7:1d:83:11:fb:e3:b5:d6:4f:13:69:5a:e5:e5:a1:
f5:6d:94:3d:f7:29:d8:ed:ee:28:63:4d:83:d6:8b:35:e6:26:
f0:a2:06:71:bb:93:ad:ae:47:c4:af:dd:68:e0:bd:42:e6:cc:
6f:e3:91:90:5e:d7:0a:3d:50:ec:a9:68:47:71:97:63:a7:23:
5f:af:42:ed:3c:9f:8c:93:bd:92:3d:6c:81:4f:ae:f6:05:46:
f5:0a:3a:ba:bd:85:77:ef:db:3b:63:c5:d4:cb:78:e8:de:a5:
8e:f1:d1:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrkykayCqQGTegWHWfi2V+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMGZlMTcyYTBjN2UzM2M0M2NjYWFlZTNhMWVmNDJjZDAw
OWU5MWUwHhcNMjMwMTAxMDQyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGQ0ZDA4OTJhZWU2YTQ2OWNjYjgwODE5ZGExN2MyYTJjNjI1YThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEohdoS/z+mzOdQU2MVWycjbsEO/
QJXi200U0RoQVRp6Uilmsg30W+uJksCOQJ8E90zObf98VUwddl6x/yeu+jc6tWpg
b1z2IVQHYRDeCt5xUvJIy0+L6CfLk4/DlqIFmTiJtwWO6SER3bV1gG9KwTVi0c7K
vFumrYJTEbhVa/FKmGNUXbhGzSxGNu6dVQZNE35oW+aU6/+Bu4RKxFum2rfmPdDX
Fue8sfrBCzIC2MtModaC0EEGPwSwVDd9nNOMrBMFFlZSpDYTNVM5903yjrbSYQf0
m3PM8qlo8xLs6EcSBuuhewGo4GlrBD847iDQp8G0YZpACeDmbTsYxAavWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODU0Ikq7mpGnMuAgZ2hfCosYlqMMB8GA1UdIwQY
MBaAFEAP4XKgx+M8Q8yq7joe9CzQCekeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFfaGNxREg0enhEektydU9oNzBMTkFKNlI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mYTU3ODItODAxYy00ODkzLTkzMjgt
M2UwYjg0NDc4YjlkLzEvNE5UUWlTcnVha2FjeTRDQm5hRjhLaXhpV293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mYTU3ODItODAxYy00ODkzLTkzMjgtM2UwYjg0NDc4Yjlk
LzEvUUFfaGNxREg0enhEektydU9oNzBMTkFKNlI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuRMA0G
CSqGSIb3DQEBCwUAA4IBAQBzGtmtv7jtIyAPVPp9uAEAE9ezx1I2iYfcEJL3ezqZ
PMS+8rEP545Eg3Vo+VzKH4+hGixNGl66j1GDqGzJo+bVqVUwWowHWElUNvqE7D8S
MfhP2VcVkHn4OdnD4mi4rad6uT+RLouOsSFfVd5Niinvppqvt6T77z3+cWzjtclz
8gR6jFTaSUFHm2mJdD46ji3qygWnHYMR++O11k8TaVrl5aH1bZQ99ynY7e4oY02D
1os15ibwogZxu5OtrkfEr91o4L1C5sxv45GQXtcKPVDsqWhHcZdjpyNfr0LtPJ+M
k72SPWyBT672BUb1Cjq6vYV379s7Y8XUy3jo3qWO8dGW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:03 2024 by rpki-client on console-fra.rpki-client.org