Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qmMA2d0n5pqg_hpbT5GfmUIvfio.roa
File: qmMA2d0n5pqg_hpbT5GfmUIvfio.roa (raw, json)
Hash identifier: v1Mhby4Npxl+ES7YO8UWrWJGwWi5Qzj/vCRNaH9JvcI=
Subject key identifier: AA:63:00:D9:DD:27:E6:9A:A0:FE:1A:5B:4F:91:9F:99:42:2F:7E:2A
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018B8B96C675693C52AE9D25EEF77D474DF9
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qmMA2d0n5pqg_hpbT5GfmUIvfio.roa
Signing time: Wed 01 Nov 2023 15:53:16 +0000
ROA not before: Wed 01 Nov 2023 15:53:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 45.85.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:96:c6:75:69:3c:52:ae:9d:25:ee:f7:7d:47:4d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Nov 1 15:53:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa6300d9dd27e69aa0fe1a5b4f919f99422f7e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c2:18:2d:be:31:e1:16:30:68:db:2c:f5:b3:
ad:75:72:81:bd:be:70:d7:40:0c:be:b8:11:55:d7:
d0:1d:bb:1d:9a:50:8d:9d:a3:6e:14:94:3e:37:48:
66:31:78:17:d6:f7:e6:d2:06:df:01:80:b1:19:9c:
c3:cf:e6:56:74:e0:63:11:60:1a:d7:a9:64:90:33:
c7:85:d0:84:fb:2f:a3:48:e4:8b:e8:52:05:bb:f8:
21:05:f9:b8:27:f3:47:40:ea:17:4c:91:82:6f:3f:
44:dc:6b:11:8e:fd:dd:6c:e1:4b:cc:77:ae:6b:e7:
17:42:cc:17:2c:46:0c:87:10:87:ea:dc:76:04:3d:
a9:d1:5b:f7:3e:dd:14:c1:d8:b4:97:6b:a0:0f:6d:
00:fb:f1:0b:c5:b3:60:08:cb:43:8a:63:c0:d1:ec:
ef:d1:9f:d5:2e:76:dd:a8:8c:7c:e7:55:5b:df:ff:
da:53:21:70:77:30:4a:95:19:80:df:97:6f:10:00:
23:b5:74:fc:a8:1f:10:a1:19:51:e3:8b:16:d2:60:
f7:0f:ad:3b:b8:97:d1:3a:0d:8e:d3:93:93:d3:61:
73:86:8d:e5:33:33:28:85:90:37:9f:65:29:70:26:
68:69:25:6b:f7:23:a9:d8:b5:35:c1:67:72:dc:61:
97:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:63:00:D9:DD:27:E6:9A:A0:FE:1A:5B:4F:91:9F:99:42:2F:7E:2A
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qmMA2d0n5pqg_hpbT5GfmUIvfio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.90.0/24
Signature Algorithm: sha256WithRSAEncryption
83:41:ac:fb:2a:ac:d5:c1:ad:b4:1c:55:d9:34:69:b0:8c:8c:
44:58:23:38:a7:c6:f1:2c:8a:b0:81:4f:f2:a9:bb:56:df:6d:
7f:f0:96:27:7e:7f:db:d6:2e:ff:40:eb:d2:a4:a1:64:80:ab:
e2:b5:b2:d0:ec:eb:dc:95:80:5a:a5:db:f4:5a:d5:be:c7:bc:
42:20:6b:67:d8:d3:5e:1f:82:21:6d:33:e4:82:36:5b:91:be:
1d:43:ab:d2:6d:99:2d:1f:dd:90:41:fd:0a:00:8d:34:c6:b5:
33:27:ba:9c:6d:43:ae:3c:2e:72:cb:8b:3a:4c:9f:df:e2:10:
b8:98:33:fd:ea:e6:e7:32:df:45:3c:99:64:2a:7d:86:0b:98:
61:33:2b:b4:da:1d:a0:40:e2:72:93:31:73:5d:b8:fc:c3:c1:
ba:9e:2b:da:8c:f9:8f:b6:e2:0e:a1:72:81:d0:dc:ec:b7:7b:
60:fe:f7:a7:fa:25:40:d9:20:95:4a:1a:45:72:a6:7f:f6:6b:
c9:7d:27:d9:64:98:7f:49:89:01:d4:bf:04:7c:e7:21:ea:87:
7f:0c:92:3c:cd:9b:06:77:a2:3c:37:ad:2a:4f:17:d7:d3:e8:
1a:c7:26:5d:61:76:78:bb:c7:ae:11:77:34:cf:54:73:a3:df:
98:51:03:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuLlsZ1aTxSrp0l7vd9R035MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMTAxMTU1MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTYzMDBkOWRkMjdlNjlhYTBmZTFhNWI0ZjkxOWY5OTQyMmY3ZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8IYLb4x4RYwaNss9bOtdXKBvb5w
10AMvrgRVdfQHbsdmlCNnaNuFJQ+N0hmMXgX1vfm0gbfAYCxGZzDz+ZWdOBjEWAa
16lkkDPHhdCE+y+jSOSL6FIFu/ghBfm4J/NHQOoXTJGCbz9E3GsRjv3dbOFLzHeu
a+cXQswXLEYMhxCH6tx2BD2p0Vv3Pt0Uwdi0l2ugD20A+/ELxbNgCMtDimPA0ezv
0Z/VLnbdqIx851Vb3//aUyFwdzBKlRmA35dvEAAjtXT8qB8QoRlR44sW0mD3D607
uJfROg2O05OT02Fzho3lMzMohZA3n2UpcCZoaSVr9yOp2LU1wWdy3GGX9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpjANndJ+aaoP4aW0+Rn5lCL34qMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvcW1NQTJkMG41cHFnX2hwYlQ1R2ZtVUl2ZmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVVaMA0G
CSqGSIb3DQEBCwUAA4IBAQCDQaz7KqzVwa20HFXZNGmwjIxEWCM4p8bxLIqwgU/y
qbtW321/8JYnfn/b1i7/QOvSpKFkgKvitbLQ7OvclYBapdv0WtW+x7xCIGtn2NNe
H4IhbTPkgjZbkb4dQ6vSbZktH92QQf0KAI00xrUzJ7qcbUOuPC5yy4s6TJ/f4hC4
mDP96ubnMt9FPJlkKn2GC5hhMyu02h2gQOJykzFzXbj8w8G6nivajPmPtuIOoXKB
0Nzst3tg/ven+iVA2SCVShpFcqZ/9mvJfSfZZJh/SYkB1L8EfOch6od/DJI8zZsG
d6I8N60qTxfX0+gaxyZdYXZ4u8euEXc0z1Rzo9+YUQPu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org