Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/KQBXWNalDks7hZuCmoKbany8_pU.roa
File: KQBXWNalDks7hZuCmoKbany8_pU.roa (raw, json)
Hash identifier: PjN4oyQxMjJOCrhKBBKAaE5Gk0IrxeRkBjwATG3v5cs=
Subject key identifier: 29:00:57:58:D6:A5:0E:4B:3B:85:9B:82:9A:82:9B:6A:7C:BC:FE:95
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 01934DB50898D267025C48CE8C9C6AB29F7E
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/KQBXWNalDks7hZuCmoKbany8_pU.roa
Signing time: Thu 21 Nov 2024 07:52:10 +0000
ROA not before: Thu 21 Nov 2024 07:52:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.145.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4d:b5:08:98:d2:67:02:5c:48:ce:8c:9c:6a:b2:9f:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Nov 21 07:52:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29005758d6a50e4b3b859b829a829b6a7cbcfe95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:16:e9:0b:ff:f6:51:49:90:e2:b7:82:4d:f9:
a5:06:8e:fa:44:80:54:fe:4c:37:49:a6:4c:69:dc:
60:64:bd:65:4d:7d:90:ad:7e:2f:dd:fb:c7:e8:a6:
90:eb:a1:a7:0f:5a:21:08:83:73:98:a6:16:99:19:
75:47:9e:d3:1e:2d:e1:74:c1:81:02:c9:27:c6:19:
d4:af:83:63:e7:60:cc:be:d8:a3:e8:dd:f6:89:52:
1a:c9:4c:d1:4b:6a:97:79:82:2f:d6:21:68:0a:ba:
cf:18:63:eb:07:da:4f:c3:a1:b1:5c:f0:fc:af:29:
11:2d:16:ff:56:a6:7c:b0:27:47:37:7e:1f:2d:4d:
13:89:ad:8c:0e:b5:84:48:60:f0:d7:c3:86:8f:84:
a0:67:78:f5:f7:93:72:71:0a:3a:31:7f:67:2a:af:
b6:26:28:1b:03:64:59:d7:ee:73:e4:9d:82:1b:74:
8c:4c:ef:ac:ad:06:1b:ce:98:4c:de:9c:df:c4:43:
d3:30:fd:75:70:21:1a:4d:48:77:6b:df:fd:d1:21:
2f:7c:b1:56:92:43:d4:39:09:bf:d6:4f:3b:b2:ae:
a1:51:48:53:68:9f:ee:79:75:9d:f1:41:f5:ac:87:
b3:32:4f:06:6c:fe:2e:b9:46:ac:08:dd:e1:98:16:
f3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:00:57:58:D6:A5:0E:4B:3B:85:9B:82:9A:82:9B:6A:7C:BC:FE:95
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/KQBXWNalDks7hZuCmoKbany8_pU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.152.0/24
Signature Algorithm: sha256WithRSAEncryption
16:8b:64:05:72:3d:90:83:cd:40:2a:3c:39:60:bf:d6:bb:3f:
b3:2d:fd:9d:28:93:c0:49:08:1b:eb:af:f5:39:97:df:e5:f0:
6d:fb:71:da:fa:f6:f6:ed:f6:41:70:cb:d7:5c:0b:46:17:95:
ef:c1:79:c0:6b:f3:3a:24:1e:45:93:6c:dc:71:98:ba:76:7d:
7a:77:f5:c6:88:48:7c:2a:5c:5a:ca:c1:df:e3:ff:c6:35:83:
80:ea:6c:a9:31:84:9d:ef:98:48:ee:73:fb:88:c2:a1:98:13:
53:e9:87:ae:b3:9b:0e:f0:b1:57:a8:a4:42:7c:11:fc:3e:0b:
c5:81:76:41:1c:e0:73:ca:68:f4:0b:30:40:0e:0f:f7:a0:42:
ad:db:33:1a:7c:37:e8:a4:ae:5d:72:f7:82:89:46:df:73:55:
13:28:e1:15:86:de:83:23:48:92:8c:86:12:17:05:ff:6a:c2:
de:3b:82:ce:a1:7c:4c:68:cc:1f:b8:af:c3:61:97:78:82:43:
87:b3:29:70:3d:2b:b2:d6:6d:58:48:a3:5f:5d:63:46:a7:99:
f6:f6:3e:29:fa:a9:ca:d6:b5:72:e1:8a:95:c9:a8:92:4f:bb:
2b:26:97:d5:c6:b1:70:c1:35:41:3c:86:6e:2a:c5:41:20:23:
19:bd:a9:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNNtQiY0mcCXEjOjJxqsp9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjQxMTIxMDc1MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTAwNTc1OGQ2YTUwZTRiM2I4NTliODI5YTgyOWI2YTdjYmNmZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxbpC//2UUmQ4reCTfmlBo76RIBU
/kw3SaZMadxgZL1lTX2QrX4v3fvH6KaQ66GnD1ohCINzmKYWmRl1R57THi3hdMGB
AsknxhnUr4Nj52DMvtij6N32iVIayUzRS2qXeYIv1iFoCrrPGGPrB9pPw6GxXPD8
rykRLRb/VqZ8sCdHN34fLU0Tia2MDrWESGDw18OGj4SgZ3j195NycQo6MX9nKq+2
JigbA2RZ1+5z5J2CG3SMTO+srQYbzphM3pzfxEPTMP11cCEaTUh3a9/90SEvfLFW
kkPUOQm/1k87sq6hUUhTaJ/ueXWd8UH1rIezMk8GbP4uuUasCN3hmBbzLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkAV1jWpQ5LO4WbgpqCm2p8vP6VMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvS1FCWFdOYWxEa3M3aFp1Q21vS2Jhbnk4X3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZGYMA0G
CSqGSIb3DQEBCwUAA4IBAQAWi2QFcj2Qg81AKjw5YL/Wuz+zLf2dKJPASQgb66/1
OZff5fBt+3Ha+vb27fZBcMvXXAtGF5XvwXnAa/M6JB5Fk2zccZi6dn16d/XGiEh8
KlxaysHf4//GNYOA6mypMYSd75hI7nP7iMKhmBNT6Yeus5sO8LFXqKRCfBH8PgvF
gXZBHOBzymj0CzBADg/3oEKt2zMafDfopK5dcveCiUbfc1UTKOEVht6DI0iSjIYS
FwX/asLeO4LOoXxMaMwfuK/DYZd4gkOHsylwPSuy1m1YSKNfXWNGp5n29j4p+qnK
1rVy4YqVyaiST7srJpfVxrFwwTVBPIZuKsVBICMZval+
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:32:15 2025 by rpki-client