Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/2cbf88-58d9-424e-8f8f-fd4604d7e7af/1/Q7j4rDlvWr64Z5WHqrjOoVNkI-0.roa
File: Q7j4rDlvWr64Z5WHqrjOoVNkI-0.roa (raw, json)
Hash identifier: RLhmnW1tSxKRjPeX4vAwpctEBiYJbkH9CT1QNOBM25c=
Subject key identifier: 43:B8:F8:AC:39:6F:5A:BE:B8:67:95:87:AA:B8:CE:A1:53:64:23:ED
Certificate issuer: /CN=1b368fbf5bbd6d32f3dddc24ec204038c49b0550
Certificate serial: 0190964A5DA3574AA9A1FDF2174A427D9151
Authority key identifier: 1B:36:8F:BF:5B:BD:6D:32:F3:DD:DC:24:EC:20:40:38:C4:9B:05:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GzaPv1u9bTLz3dwk7CBAOMSbBVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/2cbf88-58d9-424e-8f8f-fd4604d7e7af/1/Q7j4rDlvWr64Z5WHqrjOoVNkI-0.roa
Signing time: Tue 09 Jul 2024 06:59:34 +0000
ROA not before: Tue 09 Jul 2024 06:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211978
IP address blocks: 45.135.72.0/23 maxlen: 23
45.135.74.0/23 maxlen: 23
45.135.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:96:4a:5d:a3:57:4a:a9:a1:fd:f2:17:4a:42:7d:91:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b368fbf5bbd6d32f3dddc24ec204038c49b0550
Validity
Not Before: Jul 9 06:59:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43b8f8ac396f5abeb8679587aab8cea1536423ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:50:a2:94:45:03:5e:23:8d:ab:89:31:6d:d3:
6a:4d:bf:b3:a5:6c:1b:bd:76:8c:8b:ff:7a:4f:0b:
f6:dc:1e:aa:12:46:0b:41:94:ed:f3:25:8f:c1:5d:
e2:01:49:84:27:c4:7e:f5:1c:d9:99:4c:dd:37:35:
f0:bb:29:f3:1d:ff:4f:3f:9a:94:0a:36:8c:b1:a0:
32:df:d5:ef:6c:5c:d8:79:eb:93:66:50:19:2d:2d:
f1:68:b1:9c:13:f1:f0:87:9b:71:1b:17:ef:0e:40:
07:24:34:b8:d7:64:b0:42:6b:6d:36:ef:c5:02:6c:
73:82:94:cf:f1:a5:3d:21:68:a2:c6:a7:ca:a5:aa:
87:88:24:70:4c:4f:34:42:a2:d3:76:06:5c:a2:86:
55:67:66:26:f1:9b:1e:c7:d7:27:94:7a:d8:45:6d:
90:03:35:37:be:3f:db:86:98:7f:9e:f9:7d:d1:06:
5e:41:f5:30:60:8f:90:2a:44:60:55:b1:a7:b5:0c:
a8:b8:f5:a0:45:9d:63:04:3d:da:b4:66:de:7e:d9:
b6:95:96:dd:82:72:e6:21:a3:81:3d:fb:76:ba:ab:
a3:15:1e:39:8c:22:65:f8:48:1a:ed:9c:1d:da:25:
d1:f3:53:18:88:32:c2:89:79:e1:09:d2:19:45:72:
11:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B8:F8:AC:39:6F:5A:BE:B8:67:95:87:AA:B8:CE:A1:53:64:23:ED
X509v3 Authority Key Identifier:
keyid:1B:36:8F:BF:5B:BD:6D:32:F3:DD:DC:24:EC:20:40:38:C4:9B:05:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GzaPv1u9bTLz3dwk7CBAOMSbBVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/2cbf88-58d9-424e-8f8f-fd4604d7e7af/1/Q7j4rDlvWr64Z5WHqrjOoVNkI-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/2cbf88-58d9-424e-8f8f-fd4604d7e7af/1/GzaPv1u9bTLz3dwk7CBAOMSbBVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.72.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:62:0f:d5:bf:0f:19:89:a8:da:72:50:e3:2e:96:7f:5d:97:
fe:38:a5:c9:92:a0:d0:cb:43:fc:a3:92:f2:06:86:6c:ae:1b:
04:3a:d4:93:16:27:ed:df:d2:f4:a1:04:21:0f:7f:d2:7d:c5:
9a:5d:3d:20:fd:e5:03:ad:b3:93:da:80:af:88:bb:15:90:a3:
32:cc:5e:6c:53:f9:45:6b:eb:8f:d6:3a:9c:8a:4d:c6:c5:be:
04:57:8b:ec:15:4a:eb:0d:55:ee:ac:48:ae:69:86:20:bd:d0:
c3:03:d8:d5:7e:bb:69:82:83:2c:bc:f5:92:b5:ea:f9:54:e7:
81:5f:a0:4f:be:90:e0:8c:13:89:d1:47:b4:0b:47:a3:bf:54:
36:d4:95:03:8b:68:60:a4:e7:a8:c7:30:04:6e:2a:25:d3:8a:
d5:4e:2b:07:a8:83:b3:33:70:dd:c3:58:79:7b:82:f6:c7:3c:
41:0b:7a:67:36:8f:68:a3:94:dd:71:6a:be:55:66:f1:95:4e:
f7:df:91:c2:4c:bc:c1:78:bd:18:ca:54:e8:5d:ce:66:a6:04:
02:9e:8b:65:3f:41:62:74:49:04:79:97:d3:97:b4:c5:00:1d:
67:52:94:f5:44:25:ca:5d:5e:44:1c:c7:ca:5c:5d:00:91:70:
e5:3d:27:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCWSl2jV0qpof3yF0pCfZFRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMzY4ZmJmNWJiZDZkMzJmM2RkZGMyNGVjMjA0MDM4YzQ5
YjA1NTAwHhcNMjQwNzA5MDY1OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2I4ZjhhYzM5NmY1YWJlYjg2Nzk1ODdhYWI4Y2VhMTUzNjQyM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVCilEUDXiONq4kxbdNqTb+zpWwb
vXaMi/96Twv23B6qEkYLQZTt8yWPwV3iAUmEJ8R+9RzZmUzdNzXwuynzHf9PP5qU
CjaMsaAy39XvbFzYeeuTZlAZLS3xaLGcE/Hwh5txGxfvDkAHJDS412SwQmttNu/F
AmxzgpTP8aU9IWiixqfKpaqHiCRwTE80QqLTdgZcooZVZ2Ym8Zsex9cnlHrYRW2Q
AzU3vj/bhph/nvl90QZeQfUwYI+QKkRgVbGntQyouPWgRZ1jBD3atGbeftm2lZbd
gnLmIaOBPft2uqujFR45jCJl+Ega7Zwd2iXR81MYiDLCiXnhCdIZRXIRWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEO4+Kw5b1q+uGeVh6q4zqFTZCPtMB8GA1UdIwQY
MBaAFBs2j79bvW0y893cJOwgQDjEmwVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3phUHYxdTliVEx6M2R3azdDQkFPTVNiQlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8yY2JmODgtNThkOS00MjRlLThmOGYt
ZmQ0NjA0ZDdlN2FmLzEvUTdqNHJEbHZXcjY0WjVXSHFyak9vVk5rSS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8yY2JmODgtNThkOS00MjRlLThmOGYtZmQ0NjA0ZDdlN2Fm
LzEvR3phUHYxdTliVEx6M2R3azdDQkFPTVNiQlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYdIMA0G
CSqGSIb3DQEBCwUAA4IBAQCKYg/Vvw8ZiajaclDjLpZ/XZf+OKXJkqDQy0P8o5Ly
BoZsrhsEOtSTFift39L0oQQhD3/SfcWaXT0g/eUDrbOT2oCviLsVkKMyzF5sU/lF
a+uP1jqcik3Gxb4EV4vsFUrrDVXurEiuaYYgvdDDA9jVfrtpgoMsvPWSter5VOeB
X6BPvpDgjBOJ0Ue0C0ejv1Q21JUDi2hgpOeoxzAEbiol04rVTisHqIOzM3Ddw1h5
e4L2xzxBC3pnNo9oo5TdcWq+VWbxlU7335HCTLzBeL0YylToXc5mpgQCnotlP0Fi
dEkEeZfTl7TFAB1nUpT1RCXKXV5EHMfKXF0AkXDlPSce
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:23 2025 by rpki-client