Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/qK7grP0KMivuTFkXgOQZfdGm8Zk.roa
File: qK7grP0KMivuTFkXgOQZfdGm8Zk.roa (raw, json)
Hash identifier: +JugvJd/UFETQpNjUAEqChvAOLm+zAXHV9SGHReEbTc=
Subject key identifier: A8:AE:E0:AC:FD:0A:32:2B:EE:4C:59:17:80:E4:19:7D:D1:A6:F1:99
Certificate issuer: /CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Certificate serial: 019190DE70BA5A330D0E5EE387D125B920D7
Authority key identifier: 7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/qK7grP0KMivuTFkXgOQZfdGm8Zk.roa
Signing time: Mon 26 Aug 2024 22:46:22 +0000
ROA not before: Mon 26 Aug 2024 22:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.158.125.0/24 maxlen: 24
45.158.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Sep 2024 13:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:90:de:70:ba:5a:33:0d:0e:5e:e3:87:d1:25:b9:20:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Validity
Not Before: Aug 26 22:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8aee0acfd0a322bee4c591780e4197dd1a6f199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a0:c0:65:49:4e:23:21:61:09:bd:18:3c:b2:
6a:73:16:2a:47:a0:e7:15:45:a2:d4:c5:6c:ef:5a:
e7:49:64:fd:23:98:f9:a4:c5:8d:d9:56:69:05:d9:
f6:79:b8:1e:9a:b5:1b:7e:83:65:0c:c5:bc:fb:b1:
fa:93:fa:75:40:bb:0f:95:82:1e:3e:91:56:43:71:
ed:cd:66:55:61:46:32:53:9d:ca:9a:9a:a5:9f:3b:
0b:d7:b8:98:5e:f2:85:22:50:c6:c6:d0:f0:6d:c3:
04:a3:ef:f7:c8:47:b0:04:3c:76:3e:7b:44:47:df:
11:b1:dc:2e:e9:2d:6b:b4:78:a9:bc:d0:fc:83:5a:
d1:36:7a:43:0b:f2:5c:5a:d1:b4:36:b1:dc:1a:65:
8f:3c:fa:35:aa:63:55:ca:00:07:e2:32:c1:56:67:
bb:62:ae:27:5a:ff:98:0c:f8:ba:8e:20:57:15:49:
bb:fb:a0:e6:fd:f3:c5:9d:76:6d:82:93:b2:b1:b7:
dd:e6:eb:4e:55:a0:d4:a4:da:d5:95:af:cf:86:3c:
a3:66:95:37:83:e0:70:8a:65:6a:f3:61:b4:be:4e:
3d:9f:5f:d3:cf:a4:73:2f:61:6c:94:d1:9a:7c:a4:
9a:f5:f9:e8:aa:f3:6e:60:42:67:00:68:80:cf:08:
ff:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:AE:E0:AC:FD:0A:32:2B:EE:4C:59:17:80:E4:19:7D:D1:A6:F1:99
X509v3 Authority Key Identifier:
keyid:7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/qK7grP0KMivuTFkXgOQZfdGm8Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/f1FerQle7ZrEyrxatK0LWGfZ8Bs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.125.0/24
45.158.127.0/24
Signature Algorithm: sha256WithRSAEncryption
57:56:b5:2e:3a:3b:4c:2f:68:20:45:d5:47:12:e0:31:77:84:
d6:a5:1f:2e:f9:ae:98:12:af:7a:ed:db:6b:19:86:2d:fc:93:
68:88:78:e3:cb:0e:bf:d5:23:29:92:20:43:ba:02:ad:87:ff:
92:f6:4d:b6:c9:89:c7:92:39:08:bd:7b:54:05:d2:2d:39:ff:
1d:83:38:c8:99:d7:70:66:05:f4:a1:2e:f1:c4:a6:10:bf:78:
0c:42:82:56:28:a7:1e:04:e4:bf:31:8c:6b:18:5e:f5:1e:ee:
c7:70:32:33:21:81:8b:ec:a9:14:54:f5:b5:b0:35:ef:16:d6:
38:04:ba:16:8e:5d:57:fb:9f:97:e4:13:50:d4:1b:a4:0d:b2:
aa:c9:b8:fc:f1:8d:20:13:53:6b:60:c3:31:c7:85:9c:64:ec:
4c:67:70:1d:f8:61:8d:dd:94:a4:64:25:d1:37:9b:a8:0d:96:
63:f8:2f:37:2d:16:d6:e6:c7:b2:1a:74:68:76:5f:0f:bf:45:
5e:ba:c6:03:d1:f4:a5:aa:7c:7e:92:c6:32:5d:0c:1c:f1:50:
3b:38:7f:8b:28:5e:4e:66:c2:f4:0b:60:e6:be:5c:a6:8c:16:
d9:e2:16:40:24:01:cb:2e:f4:38:9e:dc:d3:07:bc:7d:7c:5e:
03:1f:e6:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGQ3nC6WjMNDl7jh9EluSDXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTE1ZWFkMDk1ZWVkOWFjNGNhYmM1YWI0YWQwYjU4Njdk
OWYwMWIwHhcNMjQwODI2MjI0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGFlZTBhY2ZkMGEzMjJiZWU0YzU5MTc4MGU0MTk3ZGQxYTZmMTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaDAZUlOIyFhCb0YPLJqcxYqR6Dn
FUWi1MVs71rnSWT9I5j5pMWN2VZpBdn2ebgemrUbfoNlDMW8+7H6k/p1QLsPlYIe
PpFWQ3HtzWZVYUYyU53KmpqlnzsL17iYXvKFIlDGxtDwbcMEo+/3yEewBDx2PntE
R98Rsdwu6S1rtHipvND8g1rRNnpDC/JcWtG0NrHcGmWPPPo1qmNVygAH4jLBVme7
Yq4nWv+YDPi6jiBXFUm7+6Dm/fPFnXZtgpOysbfd5utOVaDUpNrVla/PhjyjZpU3
g+BwimVq82G0vk49n1/Tz6RzL2FslNGafKSa9fnoqvNuYEJnAGiAzwj/fQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKiu4Kz9CjIr7kxZF4DkGX3RpvGZMB8GA1UdIwQY
MBaAFH9RXq0JXu2axMq8WrStC1hn2fAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgt
ZjBhNjI0ZDQwOTEyLzEvcUs3Z3JQMEtNaXZ1VEZrWGdPUVpmZEdtOFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgtZjBhNjI0ZDQwOTEy
LzEvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ59AwQA
LZ5/MA0GCSqGSIb3DQEBCwUAA4IBAQBXVrUuOjtML2ggRdVHEuAxd4TWpR8u+a6Y
Eq967dtrGYYt/JNoiHjjyw6/1SMpkiBDugKth/+S9k22yYnHkjkIvXtUBdItOf8d
gzjImddwZgX0oS7xxKYQv3gMQoJWKKceBOS/MYxrGF71Hu7HcDIzIYGL7KkUVPW1
sDXvFtY4BLoWjl1X+5+X5BNQ1BukDbKqybj88Y0gE1NrYMMxx4WcZOxMZ3Ad+GGN
3ZSkZCXRN5uoDZZj+C83LRbW5seyGnRodl8Pv0VeusYD0fSlqnx+ksYyXQwc8VA7
OH+LKF5OZsL0C2DmvlymjBbZ4hZAJAHLLvQ4ntzTB7x9fF4DH+bX
-----END CERTIFICATE-----
Generated at Fri Sep 6 14:56:08 2024 by rpki-client on console-fra.rpki-client.org