Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/666e67-1546-413c-b6a1-5a78ba6091c1/1/qpUqc2_OTBeBpREYwZWfOcg5iGM.roa
File: qpUqc2_OTBeBpREYwZWfOcg5iGM.roa (raw, json)
Hash identifier: d8r61rarqu/7biT8GZJdupjoI7YGJuxKqrKBqWXojOk=
Subject key identifier: AA:95:2A:73:6F:CE:4C:17:81:A5:11:18:C1:95:9F:39:C8:39:88:63
Certificate issuer: /CN=b3040c7f451c614d7eeba82c32a398e87de3b8c9
Certificate serial: 018572837A90969EFEC64998B7F6030FF62B
Authority key identifier: B3:04:0C:7F:45:1C:61:4D:7E:EB:A8:2C:32:A3:98:E8:7D:E3:B8:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/swQMf0UcYU1-66gsMqOY6H3juMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/666e67-1546-413c-b6a1-5a78ba6091c1/1/qpUqc2_OTBeBpREYwZWfOcg5iGM.roa
Signing time: Mon 02 Jan 2023 12:44:57 +0000
ROA not before: Mon 02 Jan 2023 12:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35122
IP address blocks: 45.146.140.0/22 maxlen: 22
85.255.160.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:7a:90:96:9e:fe:c6:49:98:b7:f6:03:0f:f6:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3040c7f451c614d7eeba82c32a398e87de3b8c9
Validity
Not Before: Jan 2 12:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa952a736fce4c1781a51118c1959f39c8398863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7f:32:d6:c0:70:eb:c2:13:28:50:c8:b8:fe:
96:85:36:2c:d6:ae:96:30:a4:65:72:66:3f:3e:f0:
82:64:14:1c:1c:b2:d0:2b:d9:25:a6:3f:0e:b3:47:
cc:41:bb:7a:99:12:48:35:f6:5f:4e:b5:7d:1a:8c:
a6:1d:af:52:a6:89:77:ef:bd:4b:26:7d:8c:a5:7d:
da:fe:57:ee:32:cd:f4:b1:36:10:73:eb:5b:74:11:
fd:22:f0:4d:85:2b:13:2a:67:e1:38:20:4c:cd:23:
76:eb:e2:b4:b1:13:76:c2:50:04:cb:de:b7:72:1a:
6f:94:50:76:0b:49:e4:de:25:2b:92:a4:b8:d7:cb:
f8:64:5f:b3:bd:66:aa:25:d6:39:57:92:31:cb:dc:
2d:c8:51:c0:ed:bc:9d:62:c0:6c:46:a9:9b:6b:02:
4b:68:67:ba:6c:d1:d4:5d:ec:56:4c:b1:b1:6d:fa:
a2:a5:dd:bf:87:b4:3e:58:a0:27:bb:fc:19:aa:da:
ff:8d:72:5a:ec:3c:49:bd:b2:02:ec:ca:2c:78:6d:
b9:0b:02:b9:a5:29:48:57:ff:65:20:c9:5b:54:ed:
96:e2:58:5b:2b:60:c1:3a:ea:6f:bc:06:0e:49:87:
9d:c6:3a:c3:91:9f:af:23:eb:1f:85:2b:f2:f1:8d:
38:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:95:2A:73:6F:CE:4C:17:81:A5:11:18:C1:95:9F:39:C8:39:88:63
X509v3 Authority Key Identifier:
keyid:B3:04:0C:7F:45:1C:61:4D:7E:EB:A8:2C:32:A3:98:E8:7D:E3:B8:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/swQMf0UcYU1-66gsMqOY6H3juMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/666e67-1546-413c-b6a1-5a78ba6091c1/1/qpUqc2_OTBeBpREYwZWfOcg5iGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/666e67-1546-413c-b6a1-5a78ba6091c1/1/swQMf0UcYU1-66gsMqOY6H3juMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.140.0/22
85.255.160.0/20
Signature Algorithm: sha256WithRSAEncryption
86:0f:71:34:6b:ac:c8:15:c7:68:b4:35:83:e9:52:11:4f:fe:
ca:00:fe:b6:5b:ce:73:2b:08:ed:90:2e:1d:57:54:ba:2b:00:
69:74:9f:f3:73:4b:b5:a8:b2:8d:e8:86:df:cd:72:25:f4:ac:
d8:a3:72:00:b4:3c:26:bf:18:7c:ea:d2:46:89:e1:59:e6:04:
1e:db:77:a4:09:dc:d2:11:1f:5c:57:12:a6:1d:f8:71:57:23:
d6:ae:90:5f:43:e1:1a:94:60:d7:4a:91:76:73:0f:3c:f0:1b:
24:00:1e:f2:f9:78:50:62:48:c4:40:f8:7f:b0:3d:ee:bb:f8:
15:a1:ea:28:d9:68:71:ad:45:5d:66:fa:c6:7d:91:a2:61:ef:
1a:b2:b3:6a:66:e3:c5:13:94:d0:c1:41:29:0a:03:45:3a:5b:
e6:69:56:49:f5:ee:a4:32:04:2f:8d:94:58:3b:a1:34:ae:a4:
e6:74:07:71:2d:33:e1:33:99:e2:90:fb:9c:49:d0:24:f8:9c:
2b:73:3b:94:40:8a:ec:ef:93:dc:e5:f9:c4:88:aa:64:78:f8:
e8:fb:69:46:70:45:7a:ec:61:58:48:56:a0:2a:bd:13:43:cc:
1f:1d:ba:f8:d1:26:f6:dc:02:01:a4:fe:f1:dc:5d:25:79:d0:
42:c9:67:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyg3qQlp7+xkmYt/YDD/YrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMDQwYzdmNDUxYzYxNGQ3ZWViYTgyYzMyYTM5OGU4N2Rl
M2I4YzkwHhcNMjMwMTAyMTI0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTk1MmE3MzZmY2U0YzE3ODFhNTExMThjMTk1OWYzOWM4Mzk4ODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX8y1sBw68ITKFDIuP6WhTYs1q6W
MKRlcmY/PvCCZBQcHLLQK9klpj8Os0fMQbt6mRJINfZfTrV9GoymHa9Spol3771L
Jn2MpX3a/lfuMs30sTYQc+tbdBH9IvBNhSsTKmfhOCBMzSN26+K0sRN2wlAEy963
chpvlFB2C0nk3iUrkqS418v4ZF+zvWaqJdY5V5Ixy9wtyFHA7bydYsBsRqmbawJL
aGe6bNHUXexWTLGxbfqipd2/h7Q+WKAnu/wZqtr/jXJa7DxJvbIC7MoseG25CwK5
pSlIV/9lIMlbVO2W4lhbK2DBOupvvAYOSYedxjrDkZ+vI+sfhSvy8Y04DwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKqVKnNvzkwXgaURGMGVnznIOYhjMB8GA1UdIwQY
MBaAFLMEDH9FHGFNfuuoLDKjmOh947jJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3dRTWYwVWNZVTEtNjZnc01xT1k2SDNqdU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82NjZlNjctMTU0Ni00MTNjLWI2YTEt
NWE3OGJhNjA5MWMxLzEvcXBVcWMyX09UQmVCcFJFWXdaV2ZPY2c1aUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS82NjZlNjctMTU0Ni00MTNjLWI2YTEtNWE3OGJhNjA5MWMx
LzEvc3dRTWYwVWNZVTEtNjZnc01xT1k2SDNqdU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZKMAwQE
Vf+gMA0GCSqGSIb3DQEBCwUAA4IBAQCGD3E0a6zIFcdotDWD6VIRT/7KAP62W85z
KwjtkC4dV1S6KwBpdJ/zc0u1qLKN6IbfzXIl9KzYo3IAtDwmvxh86tJGieFZ5gQe
23ekCdzSER9cVxKmHfhxVyPWrpBfQ+EalGDXSpF2cw888BskAB7y+XhQYkjEQPh/
sD3uu/gVoeoo2WhxrUVdZvrGfZGiYe8asrNqZuPFE5TQwUEpCgNFOlvmaVZJ9e6k
MgQvjZRYO6E0rqTmdAdxLTPhM5nikPucSdAk+JwrczuUQIrs75Pc5fnEiKpkePjo
+2lGcEV67GFYSFagKr0TQ8wfHbr40Sb23AIBpP7x3F0ledBCyWe+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:49 2024 by rpki-client on console-ams.rpki-client.org