Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/QxVT5tg4jpHwIjOGLDArU_JRmRA.roa
File: QxVT5tg4jpHwIjOGLDArU_JRmRA.roa (raw, json)
Hash identifier: eEjDKpkV444pzmycNqfEg9OTeHZ5DY8MOUyKH86VWv0=
Subject key identifier: 43:15:53:E6:D8:38:8E:91:F0:22:33:86:2C:30:2B:53:F2:51:99:10
Certificate issuer: /CN=4e5aa38eea324e2bd7ab6427e7596a9fa41db0e3
Certificate serial: 0187F5265EA881F2AF76BB0DF8DE57BC5F62
Authority key identifier: 4E:5A:A3:8E:EA:32:4E:2B:D7:AB:64:27:E7:59:6A:9F:A4:1D:B0:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TlqjjuoyTivXq2Qn51lqn6QdsOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/QxVT5tg4jpHwIjOGLDArU_JRmRA.roa
Signing time: Sun 07 May 2023 07:39:05 +0000
ROA not before: Sun 07 May 2023 07:39:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60798
IP address blocks: 45.138.201.0/24 maxlen: 24
45.138.200.0/22 maxlen: 22
45.138.200.0/24 maxlen: 24
45.14.184.0/22 maxlen: 24
185.229.236.0/22 maxlen: 24
185.25.204.0/22 maxlen: 24
2a00:82e0::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f5:26:5e:a8:81:f2:af:76:bb:0d:f8:de:57:bc:5f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5aa38eea324e2bd7ab6427e7596a9fa41db0e3
Validity
Not Before: May 7 07:39:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=431553e6d8388e91f02233862c302b53f2519910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:65:a3:d4:67:aa:cf:e5:79:80:fa:21:da:db:
18:f5:91:a2:74:5a:61:01:6f:dc:ee:96:1a:79:4b:
09:ce:79:14:4e:d9:b3:f5:a3:91:37:c1:f5:66:16:
c7:e0:e8:86:fd:02:9c:14:b9:dc:74:c7:59:6f:a0:
6b:59:10:a7:7c:03:04:c9:4e:c8:e2:2f:fc:ea:3c:
03:57:87:81:f3:13:51:eb:f5:fb:7e:f3:2b:c5:26:
dc:58:72:34:c7:76:f0:b2:e8:97:7a:e4:5c:6a:56:
a9:ca:0c:b7:13:59:60:93:1a:c2:b6:51:13:f5:67:
94:41:ff:83:08:99:7d:06:c5:e2:54:e1:3d:93:97:
ee:bc:ce:7f:78:85:0b:09:f9:94:be:31:29:b2:71:
aa:31:70:5a:75:5f:6a:78:ea:e0:5a:f7:9b:ef:8d:
d1:ce:66:c0:55:9b:57:42:d2:5d:3a:43:8c:9c:d0:
66:b8:90:e0:8b:5f:0a:9b:e5:14:8d:99:11:fd:c0:
b1:9b:a5:ec:2e:41:e8:69:38:37:70:4e:8b:92:6f:
56:bc:c0:e1:84:7d:66:3a:8d:7d:79:08:1e:c4:92:
e9:26:32:15:4e:71:05:03:74:e4:cf:be:27:8d:6a:
84:02:a8:cb:fa:6b:5b:c9:33:5c:87:be:47:50:4c:
15:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:15:53:E6:D8:38:8E:91:F0:22:33:86:2C:30:2B:53:F2:51:99:10
X509v3 Authority Key Identifier:
keyid:4E:5A:A3:8E:EA:32:4E:2B:D7:AB:64:27:E7:59:6A:9F:A4:1D:B0:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TlqjjuoyTivXq2Qn51lqn6QdsOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/QxVT5tg4jpHwIjOGLDArU_JRmRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/TlqjjuoyTivXq2Qn51lqn6QdsOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.184.0/22
45.138.200.0/22
185.25.204.0/22
185.229.236.0/22
IPv6:
2a00:82e0::/40
Signature Algorithm: sha256WithRSAEncryption
63:6b:2c:b1:6c:d8:fd:38:34:05:e7:dd:82:c9:6c:21:1b:a6:
1e:a2:35:84:f4:09:3c:a3:47:da:db:c1:12:77:d6:d6:65:e9:
e4:c7:49:ca:55:bd:79:73:ae:52:4c:1a:29:c3:2b:2c:94:44:
0a:ef:72:32:4f:30:fb:38:a1:9f:08:98:aa:1e:51:e4:38:73:
32:59:97:33:e6:5e:e7:8d:7e:45:3f:9d:37:3a:ef:db:7c:41:
a5:f7:03:01:3a:ad:5c:eb:5f:e4:45:a9:ff:7c:03:fe:9e:b2:
a9:9e:9d:fa:84:98:c9:0b:4c:b2:3e:91:30:dd:ad:b5:d6:24:
37:2e:32:d9:f8:48:02:ad:69:1e:9f:20:8e:86:9f:ff:52:32:
c9:3e:cc:eb:da:b4:4d:b2:9c:3d:fe:3a:8d:46:0e:4b:ad:8a:
fc:a7:f1:96:6c:ae:f8:8a:46:76:5e:d2:71:f0:2a:e3:0b:d3:
12:24:8f:12:a9:6a:9c:6b:51:71:85:10:5f:71:19:c0:9b:32:
9d:b1:4d:04:c3:eb:8a:09:26:89:4f:d5:39:50:ce:da:99:e6:
58:d2:1e:34:0d:cc:c3:11:76:36:cd:20:5e:96:a3:38:9a:3b:
73:23:04:03:d6:cf:df:fc:a9:53:f0:01:55:c4:1e:31:7d:e0:
ea:c7:ef:5e
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYf1Jl6ogfKvdrsN+N5XvF9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNWFhMzhlZWEzMjRlMmJkN2FiNjQyN2U3NTk2YTlmYTQx
ZGIwZTMwHhcNMjMwNTA3MDczOTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzE1NTNlNmQ4Mzg4ZTkxZjAyMjMzODYyYzMwMmI1M2YyNTE5OTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGWj1Geqz+V5gPoh2tsY9ZGidFph
AW/c7pYaeUsJznkUTtmz9aORN8H1ZhbH4OiG/QKcFLncdMdZb6BrWRCnfAMEyU7I
4i/86jwDV4eB8xNR6/X7fvMrxSbcWHI0x3bwsuiXeuRcalapygy3E1lgkxrCtlET
9WeUQf+DCJl9BsXiVOE9k5fuvM5/eIULCfmUvjEpsnGqMXBadV9qeOrgWveb743R
zmbAVZtXQtJdOkOMnNBmuJDgi18Km+UUjZkR/cCxm6XsLkHoaTg3cE6Lkm9WvMDh
hH1mOo19eQgexJLpJjIVTnEFA3Tkz74njWqEAqjL+mtbyTNch75HUEwV3QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEMVU+bYOI6R8CIzhiwwK1PyUZkQMB8GA1UdIwQY
MBaAFE5ao47qMk4r16tkJ+dZap+kHbDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxxamp1b3lUaXZYcTJRbjUxbHFuNlFkc09NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83NjcxMTktMjhhYS00MzM5LWI3NDEt
NGVlZWQ4YTQzMDhiLzEvUXhWVDV0ZzRqcEh3SWpPR0xEQXJVX0pSbVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83NjcxMTktMjhhYS00MzM5LWI3NDEtNGVlZWQ4YTQzMDhi
LzEvVGxxamp1b3lUaXZYcTJRbjUxbHFuNlFkc09NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQCLQ64AwQC
LYrIAwQCuRnMAwQCueXsMA4EAgACMAgDBgAqAILgADANBgkqhkiG9w0BAQsFAAOC
AQEAY2sssWzY/Tg0BefdgslsIRumHqI1hPQJPKNH2tvBEnfW1mXp5MdJylW9eXOu
UkwaKcMrLJRECu9yMk8w+zihnwiYqh5R5DhzMlmXM+Ze541+RT+dNzrv23xBpfcD
ATqtXOtf5EWp/3wD/p6yqZ6d+oSYyQtMsj6RMN2ttdYkNy4y2fhIAq1pHp8gjoaf
/1IyyT7M69q0TbKcPf46jUYOS62K/Kfxlmyu+IpGdl7ScfAq4wvTEiSPEqlqnGtR
cYUQX3EZwJsynbFNBMPrigkmiU/VOVDO2pnmWNIeNA3MwxF2Ns0gXpajOJo7cyME
A9bP3/ypU/ABVcQeMX3g6sfvXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:29 2024 by rpki-client on console-ams.rpki-client.org