Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/QXIKsgMIpr30lnLM9Av63dq2dHA.roa
File: QXIKsgMIpr30lnLM9Av63dq2dHA.roa (raw, json)
Hash identifier: 5I0GqPzmfrRwZhPcOLQ/Qvf7JDSC/q/wp1fKQBBb/Gs=
Subject key identifier: 41:72:0A:B2:03:08:A6:BD:F4:96:72:CC:F4:0B:FA:DD:DA:B6:74:70
Certificate issuer: /CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Certificate serial: 018E19F26ADD86CA37A247CDB870BB53F004
Authority key identifier: AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/QXIKsgMIpr30lnLM9Av63dq2dHA.roa
Signing time: Thu 07 Mar 2024 17:25:01 +0000
ROA not before: Thu 07 Mar 2024 17:25:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11325
IP address blocks: 45.94.24.0/24 maxlen: 24
45.94.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 12:09:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:19:f2:6a:dd:86:ca:37:a2:47:cd:b8:70:bb:53:f0:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Validity
Not Before: Mar 7 17:25:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41720ab20308a6bdf49672ccf40bfadddab67470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:43:38:e2:7f:38:30:60:de:d4:66:d1:7f:53:
c2:d9:80:d7:34:47:d6:18:ab:43:de:c5:a7:8b:b1:
78:09:d4:e5:e6:99:f6:56:b2:45:f7:dc:0c:70:ac:
2c:e4:91:c2:7d:de:f6:07:cb:dc:6f:f3:13:e2:83:
70:53:e9:ff:75:91:fc:12:50:38:c0:db:ef:2d:28:
0f:ef:d3:a3:07:b1:64:70:4f:93:b8:35:df:55:fd:
05:f4:d2:24:eb:a9:50:d6:88:d6:cb:47:c7:6d:7e:
13:06:e4:04:6b:53:1f:59:05:d0:a0:23:c4:99:55:
5c:a6:84:42:0d:de:df:7a:a8:b6:98:5d:1b:2b:e7:
52:c1:3b:a0:c3:75:bc:32:e0:a7:86:c0:84:e2:03:
ad:51:b5:a7:e5:95:2b:13:9e:19:bd:dd:63:24:67:
0e:96:fb:f8:d2:e3:e3:77:a9:f2:fd:d4:df:c6:2d:
31:f9:89:1a:df:9a:d9:b2:6f:82:d7:df:71:fc:f4:
d0:ee:81:59:f5:c1:0d:71:bc:63:ca:76:74:9f:5b:
bd:15:e6:74:b1:b1:04:d3:05:6f:cb:b2:5e:76:4f:
07:15:40:c8:01:0b:d3:da:51:f6:f6:bc:7b:f4:c7:
9e:3d:b8:8c:21:c0:14:bf:56:5b:80:bc:1d:63:95:
78:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:72:0A:B2:03:08:A6:BD:F4:96:72:CC:F4:0B:FA:DD:DA:B6:74:70
X509v3 Authority Key Identifier:
keyid:AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/QXIKsgMIpr30lnLM9Av63dq2dHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.24.0/24
45.94.27.0/24
Signature Algorithm: sha256WithRSAEncryption
50:95:9f:51:08:76:67:a3:50:75:c9:ff:e6:50:48:e4:a4:3d:
ac:ed:39:61:2c:6e:ff:1d:ea:fa:52:eb:10:de:49:e7:cb:de:
84:b3:0a:d4:5b:44:ca:d8:5d:1c:ce:43:e9:ab:87:e6:54:63:
2a:70:aa:66:a6:76:07:4b:b5:c6:b9:94:0a:f3:6d:23:87:1a:
77:2f:8e:1f:a5:fe:0a:2d:4e:b5:5d:48:88:45:7d:5d:15:b0:
d0:05:0c:76:3b:cf:a7:ed:b7:be:26:ac:42:8c:8f:ee:70:28:
9d:0a:39:9c:72:76:c5:85:7c:7d:ec:92:99:34:9c:09:32:bb:
18:0c:d7:04:d7:f6:4c:3a:b5:81:ef:85:57:d8:93:60:b5:5d:
8e:4b:c8:02:6f:74:d5:06:24:ef:46:65:e9:5a:ed:ec:97:f6:
f9:8b:22:be:d0:ba:fd:c8:ee:52:a4:6b:a2:55:70:7b:a0:3b:
dc:0d:11:29:a1:37:bf:44:31:e9:61:4e:a0:f8:57:58:2d:b0:
11:53:5f:53:9e:46:48:f4:0d:05:f8:71:3b:83:48:3b:33:63:
7c:98:c2:5a:dd:1b:dc:fd:67:b9:e1:76:00:e1:88:97:e7:1e:
f2:15:14:8b:4d:5e:1f:60:a7:53:a3:43:09:27:69:42:54:31:
53:74:b2:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4Z8mrdhso3okfNuHC7U/AEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjZmODVhYWQxMDFjNDU2YzFhYzlhMDFhNzE5MmZjNTc4
OGU5MmMwHhcNMjQwMzA3MTcyNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTcyMGFiMjAzMDhhNmJkZjQ5NjcyY2NmNDBiZmFkZGRhYjY3NDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUM44n84MGDe1GbRf1PC2YDXNEfW
GKtD3sWni7F4CdTl5pn2VrJF99wMcKws5JHCfd72B8vcb/MT4oNwU+n/dZH8ElA4
wNvvLSgP79OjB7FkcE+TuDXfVf0F9NIk66lQ1ojWy0fHbX4TBuQEa1MfWQXQoCPE
mVVcpoRCDd7feqi2mF0bK+dSwTugw3W8MuCnhsCE4gOtUbWn5ZUrE54Zvd1jJGcO
lvv40uPjd6ny/dTfxi0x+Yka35rZsm+C199x/PTQ7oFZ9cENcbxjynZ0n1u9FeZ0
sbEE0wVvy7Jedk8HFUDIAQvT2lH29rx79MeePbiMIcAUv1ZbgLwdY5V4PwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEFyCrIDCKa99JZyzPQL+t3atnRwMB8GA1UdIwQY
MBaAFK/2+FqtEBxFbBrJoBpxkvxXiOksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTIt
NjQ0YmQwZmM3ZjgwLzEvUVhJS3NnTUlwcjMwbG5MTTlBdjYzZHEyZEhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTItNjQ0YmQwZmM3Zjgw
LzEvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV4YAwQA
LV4bMA0GCSqGSIb3DQEBCwUAA4IBAQBQlZ9RCHZno1B1yf/mUEjkpD2s7TlhLG7/
Her6UusQ3knny96EswrUW0TK2F0czkPpq4fmVGMqcKpmpnYHS7XGuZQK820jhxp3
L44fpf4KLU61XUiIRX1dFbDQBQx2O8+n7be+JqxCjI/ucCidCjmccnbFhXx97JKZ
NJwJMrsYDNcE1/ZMOrWB74VX2JNgtV2OS8gCb3TVBiTvRmXpWu3sl/b5iyK+0Lr9
yO5SpGuiVXB7oDvcDREpoTe/RDHpYU6g+FdYLbARU19TnkZI9A0F+HE7g0g7M2N8
mMJa3Rvc/We54XYA4YiX5x7yFRSLTV4fYKdTo0MJJ2lCVDFTdLKu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:38 2024 by rpki-client on console-ams.rpki-client.org