Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/q5JPfPNBRS5nWPkmd5IUSI4vAn4.roa
File: q5JPfPNBRS5nWPkmd5IUSI4vAn4.roa (raw, json)
Hash identifier: polTwOyWX54zOKPU5YBcSt2phGQJo2Ay7UcpppOiV6k=
Subject key identifier: AB:92:4F:7C:F3:41:45:2E:67:58:F9:26:77:92:14:48:8E:2F:02:7E
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 0189253F93AAA3C35F009E9F7FB7A389A033
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/q5JPfPNBRS5nWPkmd5IUSI4vAn4.roa
Signing time: Wed 05 Jul 2023 08:51:10 +0000
ROA not before: Wed 05 Jul 2023 08:51:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56382
IP address blocks: 45.152.125.0/24 maxlen: 24
45.152.124.0/24 maxlen: 24
45.152.127.0/24 maxlen: 24
45.152.126.0/24 maxlen: 24
2a0f:5700:1220::/44 maxlen: 44
2a0f:5702::/32 maxlen: 48
2a0f:5701:fe80::/48 maxlen: 48
2a0f:5700::/32 maxlen: 48
2a0f:5700:fe80::/48 maxlen: 48
2a0f:5707:ffff::/48 maxlen: 48
2a0f:5701:fe01::/48 maxlen: 48
2a0f:5701:1220::/44 maxlen: 44
2a0f:5707:1220::/44 maxlen: 44
2a0f:5707:ab80::/44 maxlen: 48
2a0f:5707:aa80::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:25:3f:93:aa:a3:c3:5f:00:9e:9f:7f:b7:a3:89:a0:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jul 5 08:51:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab924f7cf341452e6758f926779214488e2f027e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e1:84:2a:58:c6:3a:ec:3d:22:9b:89:34:7e:
ed:59:1e:54:e3:cc:51:2e:4b:27:74:90:a6:34:28:
fa:6b:ac:61:9c:01:96:9b:2a:c5:b6:f1:19:a7:be:
2c:64:f1:62:da:05:e3:9a:a9:54:4f:b7:86:80:19:
fb:10:1b:9f:61:6a:57:df:92:82:b7:8a:02:d2:d1:
99:99:dd:58:35:30:f0:de:8d:85:aa:f7:bb:af:b7:
d9:13:0d:05:5c:e2:6a:16:e6:a8:eb:2b:09:b3:13:
d7:1d:c4:f7:9c:1f:9c:c1:76:39:33:99:01:84:0a:
80:b5:7a:67:f4:e9:82:2c:d9:0b:f1:56:91:27:16:
68:3f:c6:bc:0a:9a:e6:da:53:a4:e6:42:a0:62:5c:
74:74:da:c9:b7:bb:b8:7e:ad:ff:72:dc:d5:df:83:
2f:77:27:99:46:ae:04:f9:87:16:2d:dd:f8:7c:0e:
82:be:bc:5b:ed:cc:99:93:a8:67:bb:7b:26:65:11:
ad:1d:f3:8d:ff:37:7a:11:77:6d:9d:5f:77:44:02:
c7:71:ee:42:ac:4b:71:18:b6:26:78:dc:d5:30:1b:
78:f7:6d:b0:5a:52:9d:50:a8:60:47:6b:a7:4f:f1:
b3:e2:86:ec:2b:23:85:87:55:96:59:54:2e:7d:a4:
33:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:92:4F:7C:F3:41:45:2E:67:58:F9:26:77:92:14:48:8E:2F:02:7E
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/q5JPfPNBRS5nWPkmd5IUSI4vAn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.124.0/22
IPv6:
2a0f:5700::/32
2a0f:5701:1220::/44
2a0f:5701:fe01::/48
2a0f:5701:fe80::/48
2a0f:5702::/32
2a0f:5707:1220::/44
2a0f:5707:aa80::/44
2a0f:5707:ab80::/44
2a0f:5707:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
9b:03:95:72:ac:e5:42:14:22:e9:37:0c:a7:e3:fc:bd:b6:0d:
a3:3a:e6:8b:76:f3:c8:f4:37:69:87:24:ee:e2:49:56:6d:33:
7f:15:5b:89:4a:88:e0:9a:83:6a:2e:c3:12:b2:54:d6:fb:5f:
23:4f:e4:49:39:42:b5:69:25:05:f5:ee:84:cf:eb:6c:82:db:
8b:3d:66:de:9c:c2:da:43:f6:f5:a7:1d:04:4f:d0:d8:a2:5b:
da:bc:13:58:dd:3a:91:2c:58:56:64:84:83:1e:9f:5b:3e:62:
bf:0f:4d:ba:77:28:74:6b:cb:c8:f4:01:39:a4:5d:86:aa:ee:
05:ca:48:9a:ca:92:61:e3:a6:0b:c5:b3:a0:48:8f:83:6b:e3:
e7:fd:50:bc:ba:e6:b5:fd:b2:7e:dc:1c:e1:77:a1:e1:ab:7b:
94:a8:b9:71:af:51:68:88:b4:b7:96:a7:c7:94:51:35:f0:9a:
59:5e:78:15:6d:bc:93:8d:ba:bc:4f:6d:08:14:e1:72:a2:8e:
44:a0:7d:63:95:19:c3:28:fb:38:9e:ec:7f:99:db:ab:1b:6c:
1b:34:df:45:ef:34:4c:81:3c:bc:2f:a8:ee:9c:8d:05:77:d5:
d7:a9:59:15:86:75:fd:8e:19:c2:08:bb:20:89:1f:f2:cf:8a:
25:e0:77:56
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYklP5Oqo8NfAJ6ff7ejiaAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwNzA1MDg1MTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjkyNGY3Y2YzNDE0NTJlNjc1OGY5MjY3NzkyMTQ0ODhlMmYwMjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+GEKljGOuw9IpuJNH7tWR5U48xR
LksndJCmNCj6a6xhnAGWmyrFtvEZp74sZPFi2gXjmqlUT7eGgBn7EBufYWpX35KC
t4oC0tGZmd1YNTDw3o2Fqve7r7fZEw0FXOJqFuao6ysJsxPXHcT3nB+cwXY5M5kB
hAqAtXpn9OmCLNkL8VaRJxZoP8a8Cprm2lOk5kKgYlx0dNrJt7u4fq3/ctzV34Mv
dyeZRq4E+YcWLd34fA6Cvrxb7cyZk6hnu3smZRGtHfON/zd6EXdtnV93RALHce5C
rEtxGLYmeNzVMBt4922wWlKdUKhgR2unT/Gz4obsKyOFh1WWWVQufaQzzQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFKuST3zzQUUuZ1j5JneSFEiOLwJ+MB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvcTVKUGZQTkJSUzVuV1BrbWQ1SVVTSTR2QW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzAMBAIAATAGAwQCLZh8MFME
AgACME0DBQAqD1cAAwcEKg9XARIgAwcAKg9XAf4BAwcAKg9XAf6AAwUAKg9XAgMH
BCoPVwcSIAMHBCoPVweqgAMHBCoPVwergAMHACoPVwf//zANBgkqhkiG9w0BAQsF
AAOCAQEAmwOVcqzlQhQi6TcMp+P8vbYNozrmi3bzyPQ3aYck7uJJVm0zfxVbiUqI
4JqDai7DErJU1vtfI0/kSTlCtWklBfXuhM/rbILbiz1m3pzC2kP29acdBE/Q2KJb
2rwTWN06kSxYVmSEgx6fWz5ivw9NuncodGvLyPQBOaRdhqruBcpImsqSYeOmC8Wz
oEiPg2vj5/1QvLrmtf2yftwc4Xeh4at7lKi5ca9RaIi0t5anx5RRNfCaWV54FW28
k426vE9tCBThcqKORKB9Y5UZwyj7OJ7sf5nbqxtsGzTfRe80TIE8vC+o7pyNBXfV
16lZFYZ1/Y4Zwgi7IIkf8s+KJeB3Vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:59 2024 by rpki-client on console-fra.rpki-client.org