Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/cecfb6-07fb-4275-b06a-8aa50d67037c/1/QIwS6d3fCasCqnEgfmiptHPmB1w.roa
File: QIwS6d3fCasCqnEgfmiptHPmB1w.roa (raw, json)
Hash identifier: 2wHovDUYDvnB71eGrZq0YusX4c5sV0SrV8+Tw/zqTD8=
Subject key identifier: 40:8C:12:E9:DD:DF:09:AB:02:AA:71:20:7E:68:A9:B4:73:E6:07:5C
Certificate issuer: /CN=d3a7c3be06bc45c3f12b90b185278ad4ec919756
Certificate serial: 0185729EFAE1A638DEB0FA32504B99D0AAE9
Authority key identifier: D3:A7:C3:BE:06:BC:45:C3:F1:2B:90:B1:85:27:8A:D4:EC:91:97:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/06fDvga8RcPxK5CxhSeK1OyRl1Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/cecfb6-07fb-4275-b06a-8aa50d67037c/1/QIwS6d3fCasCqnEgfmiptHPmB1w.roa
Signing time: Mon 02 Jan 2023 13:14:59 +0000
ROA not before: Mon 02 Jan 2023 13:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199496
IP address blocks: 45.148.88.0/22 maxlen: 27
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:fa:e1:a6:38:de:b0:fa:32:50:4b:99:d0:aa:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3a7c3be06bc45c3f12b90b185278ad4ec919756
Validity
Not Before: Jan 2 13:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=408c12e9dddf09ab02aa71207e68a9b473e6075c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c0:0b:36:8a:e8:ac:59:c6:43:c2:68:86:19:
ab:36:a9:1b:7f:46:2a:8f:09:30:79:c8:2e:70:d7:
e9:5f:25:bc:f1:04:89:94:ef:a5:97:92:8c:f0:5d:
2e:62:1e:dc:b9:2d:fc:31:e0:29:f7:ea:98:50:fb:
17:9f:eb:38:15:9b:30:5f:c4:94:ce:b9:76:04:ec:
91:23:df:4d:ae:6c:ff:16:e4:82:37:b6:44:e4:89:
55:5d:85:f2:5e:aa:4f:31:f4:93:0e:1c:76:fa:85:
68:cb:d5:d9:cc:7d:c4:fe:24:85:d6:bd:25:45:e6:
c0:97:67:94:cc:d1:66:ee:2c:0d:f7:02:6f:67:61:
b7:5f:8b:ae:8b:ef:fb:4f:70:40:59:a2:3e:11:ca:
92:45:5f:0f:ec:74:97:cf:6c:a9:48:34:cb:c8:dd:
8e:39:c5:51:76:87:ec:ce:da:24:80:55:a3:3c:23:
b3:88:cf:92:75:08:72:3c:a4:e0:6e:9b:98:57:b4:
a2:c2:33:02:07:e0:7b:b7:17:a9:9d:8b:3c:86:17:
44:67:b9:56:9a:a5:ef:a1:5a:73:f8:d8:2a:f4:27:
5b:98:15:24:14:4e:01:9b:a7:66:36:c0:9d:ec:7d:
b4:75:2c:9c:17:89:fb:34:02:b2:c5:4c:c8:9c:15:
2c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8C:12:E9:DD:DF:09:AB:02:AA:71:20:7E:68:A9:B4:73:E6:07:5C
X509v3 Authority Key Identifier:
keyid:D3:A7:C3:BE:06:BC:45:C3:F1:2B:90:B1:85:27:8A:D4:EC:91:97:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/06fDvga8RcPxK5CxhSeK1OyRl1Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/cecfb6-07fb-4275-b06a-8aa50d67037c/1/QIwS6d3fCasCqnEgfmiptHPmB1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/cecfb6-07fb-4275-b06a-8aa50d67037c/1/06fDvga8RcPxK5CxhSeK1OyRl1Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.88.0/22
Signature Algorithm: sha256WithRSAEncryption
12:84:08:2e:10:21:c0:a3:bc:a0:4c:d5:95:26:f8:06:43:a7:
9c:73:22:e3:64:97:28:29:e9:8f:19:79:c0:17:1c:0f:ae:63:
9a:02:ee:0f:76:b4:81:5d:e6:24:0b:a0:29:38:5e:37:e1:85:
3f:7a:f7:bc:95:3a:fd:f6:61:2e:55:82:2b:46:08:2e:c1:dc:
3b:a0:a2:7a:35:77:05:d4:d6:c2:ff:71:de:8e:d8:e6:3d:36:
78:57:a2:d6:c4:87:31:ef:f9:5b:6c:2d:10:e1:8a:1d:64:f7:
5c:13:d0:f0:ab:7b:95:ae:96:48:29:e4:43:71:42:57:08:78:
b5:de:f8:b2:12:29:c3:a4:0e:c1:70:b5:97:76:3c:e7:45:cd:
9a:49:27:49:7e:45:ad:41:dd:e7:78:71:f8:93:d9:5a:a6:0a:
18:12:d6:92:97:3f:4f:d5:a8:80:44:47:17:7f:da:05:c3:12:
27:3b:7f:83:66:b1:87:c4:17:68:93:51:48:c1:80:8b:5e:4f:
f9:4a:36:22:d0:8b:9d:ba:36:fd:2b:3a:76:78:37:49:39:42:
30:59:0d:4f:f4:62:20:9e:b1:60:9b:d0:5f:20:f2:51:4e:4e:
e8:76:63:4a:fd:7f:63:db:96:0c:04:a5:5b:dc:8d:08:90:f1:
0b:e8:7c:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynvrhpjjesPoyUEuZ0KrpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYTdjM2JlMDZiYzQ1YzNmMTJiOTBiMTg1Mjc4YWQ0ZWM5
MTk3NTYwHhcNMjMwMTAyMTMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDhjMTJlOWRkZGYwOWFiMDJhYTcxMjA3ZTY4YTliNDczZTYwNzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8ALNororFnGQ8JohhmrNqkbf0Yq
jwkwecgucNfpXyW88QSJlO+ll5KM8F0uYh7cuS38MeAp9+qYUPsXn+s4FZswX8SU
zrl2BOyRI99Nrmz/FuSCN7ZE5IlVXYXyXqpPMfSTDhx2+oVoy9XZzH3E/iSF1r0l
RebAl2eUzNFm7iwN9wJvZ2G3X4uui+/7T3BAWaI+EcqSRV8P7HSXz2ypSDTLyN2O
OcVRdofsztokgFWjPCOziM+SdQhyPKTgbpuYV7SiwjMCB+B7txepnYs8hhdEZ7lW
mqXvoVpz+Ngq9CdbmBUkFE4Bm6dmNsCd7H20dSycF4n7NAKyxUzInBUs5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECMEund3wmrAqpxIH5oqbRz5gdcMB8GA1UdIwQY
MBaAFNOnw74GvEXD8SuQsYUnitTskZdWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDZmRHZnYThSY1B4SzVDeGhTZUsxT3lSbDFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jZWNmYjYtMDdmYi00Mjc1LWIwNmEt
OGFhNTBkNjcwMzdjLzEvUUl3UzZkM2ZDYXNDcW5FZ2ZtaXB0SFBtQjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jZWNmYjYtMDdmYi00Mjc1LWIwNmEtOGFhNTBkNjcwMzdj
LzEvMDZmRHZnYThSY1B4SzVDeGhTZUsxT3lSbDFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZRYMA0G
CSqGSIb3DQEBCwUAA4IBAQAShAguECHAo7ygTNWVJvgGQ6eccyLjZJcoKemPGXnA
FxwPrmOaAu4PdrSBXeYkC6ApOF434YU/eve8lTr99mEuVYIrRgguwdw7oKJ6NXcF
1NbC/3HejtjmPTZ4V6LWxIcx7/lbbC0Q4YodZPdcE9Dwq3uVrpZIKeRDcUJXCHi1
3viyEinDpA7BcLWXdjznRc2aSSdJfkWtQd3neHH4k9lapgoYEtaSlz9P1aiAREcX
f9oFwxInO3+DZrGHxBdok1FIwYCLXk/5SjYi0Iudujb9Kzp2eDdJOUIwWQ1P9GIg
nrFgm9BfIPJRTk7odmNK/X9j25YMBKVb3I0IkPEL6Hwy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:38 2024 by rpki-client on console-ams.rpki-client.org