Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/qvIsipyhqiB-KHh1ZwqUpeZWPRY.roa
File: qvIsipyhqiB-KHh1ZwqUpeZWPRY.roa (raw, json)
Hash identifier: Yb9IH+MN+FEsbv/n6ACStl9UwGmbQDp6cuGdQ1yj7fI=
Subject key identifier: AA:F2:2C:8A:9C:A1:AA:20:7E:28:78:75:67:0A:94:A5:E6:56:3D:16
Certificate issuer: /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Certificate serial: 018CCA2B7664C705A81DDDEA7CD17E9D051B
Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/qvIsipyhqiB-KHh1ZwqUpeZWPRY.roa
Signing time: Tue 02 Jan 2024 12:34:55 +0000
ROA not before: Tue 02 Jan 2024 12:34:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61157
IP address blocks: 45.84.74.0/23 maxlen: 23
2a0e:a680:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 15 Jun 2024 15:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:76:64:c7:05:a8:1d:dd:ea:7c:d1:7e:9d:05:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Validity
Not Before: Jan 2 12:34:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aaf22c8a9ca1aa207e287875670a94a5e6563d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7e:d8:3f:76:5b:1c:17:e4:7e:20:53:f8:ba:
b3:01:20:e8:3e:f9:33:69:2d:f0:72:17:a1:dc:88:
7e:33:d5:b6:f4:ac:98:40:a6:f4:63:d2:ca:29:58:
1a:6f:cf:d5:ba:7d:39:71:18:fc:30:17:cb:bf:96:
68:72:f9:a0:07:e4:33:e2:e1:6a:06:74:45:0a:e9:
a6:38:b6:c4:f0:5d:15:f5:cd:3c:47:b5:46:c6:b4:
81:73:75:e3:eb:13:f5:ca:2a:47:a4:b6:0b:4b:70:
90:ce:ca:a2:d8:46:53:bf:51:78:19:80:91:d9:69:
6f:04:5e:bd:5c:48:00:05:72:e8:4a:82:7c:2b:42:
f8:22:5a:89:46:5a:10:2d:94:d1:be:2b:cf:13:d1:
1c:e9:97:eb:f5:4e:1f:2e:09:fd:e2:95:bc:90:85:
94:28:66:ff:fa:71:55:0c:6a:95:cc:33:bb:7e:60:
78:a1:b9:f6:83:57:1f:e1:71:5a:62:26:4c:ba:bf:
f6:f2:67:af:66:65:eb:a1:41:54:28:e1:e9:72:c1:
60:c2:00:4f:27:62:87:64:64:d8:92:ad:d2:f7:8a:
0a:f6:f8:de:d5:26:c5:4a:c2:28:45:1e:93:b0:71:
69:dc:a1:bb:1c:7c:f2:09:1d:4b:d4:3a:29:95:3b:
34:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:F2:2C:8A:9C:A1:AA:20:7E:28:78:75:67:0A:94:A5:E6:56:3D:16
X509v3 Authority Key Identifier:
keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/qvIsipyhqiB-KHh1ZwqUpeZWPRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.74.0/23
IPv6:
2a0e:a680:1::/48
Signature Algorithm: sha256WithRSAEncryption
04:81:62:34:da:cf:c4:b1:aa:2e:aa:08:84:52:dc:41:c5:9e:
5b:05:a9:51:cd:84:50:3f:61:1f:59:1a:1d:68:a9:81:83:32:
4e:b9:a7:0e:dd:34:16:e9:87:45:07:a2:0f:be:7e:19:d5:68:
7a:c4:a5:3b:7e:d3:dd:b3:24:1d:eb:c8:49:59:19:ae:ae:85:
c1:5f:69:5d:93:ce:74:f9:2d:10:ea:28:85:08:88:d6:78:d6:
df:e2:15:f6:0d:56:eb:c0:06:4c:7d:52:f2:6b:de:db:47:4b:
17:61:e0:30:f8:01:74:6b:28:82:43:00:77:e8:6d:fc:37:f5:
88:3a:97:dd:c6:1b:d4:3d:c0:87:ad:f1:3b:d0:6e:59:d2:11:
28:c5:c8:a7:04:55:bc:5d:84:76:7c:a8:2e:a7:38:10:9d:29:
2c:dc:fd:a7:d2:82:76:cb:ec:4d:94:f8:9d:18:6f:cf:12:7c:
87:d3:c5:fe:7e:6d:1a:57:77:75:3f:dd:38:26:82:fb:4e:e3:
59:8a:d7:94:03:eb:49:ce:ba:14:d7:97:04:ef:cf:44:38:e5:
e1:dc:b8:b6:56:eb:d5:8a:70:7b:6c:c9:41:bb:6e:b6:a6:4b:
16:fe:5d:32:f3:50:30:55:a3:e5:b2:17:df:9b:86:86:54:31:
8f:09:6e:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKK3ZkxwWoHd3qfNF+nQUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDdlY2YxNzE0MmIzYjA5MzVmOGUzN2I4ZjdkOWMyNTNm
MGVlMTkwHhcNMjQwMTAyMTIzNDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWYyMmM4YTljYTFhYTIwN2UyODc4NzU2NzBhOTRhNWU2NTYzZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu37YP3ZbHBfkfiBT+LqzASDoPvkz
aS3wcheh3Ih+M9W29KyYQKb0Y9LKKVgab8/Vun05cRj8MBfLv5ZocvmgB+Qz4uFq
BnRFCummOLbE8F0V9c08R7VGxrSBc3Xj6xP1yipHpLYLS3CQzsqi2EZTv1F4GYCR
2WlvBF69XEgABXLoSoJ8K0L4IlqJRloQLZTRvivPE9Ec6Zfr9U4fLgn94pW8kIWU
KGb/+nFVDGqVzDO7fmB4obn2g1cf4XFaYiZMur/28mevZmXroUFUKOHpcsFgwgBP
J2KHZGTYkq3S94oK9vje1SbFSsIoRR6TsHFp3KG7HHzyCR1L1DoplTs08QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKryLIqcoaogfih4dWcKlKXmVj0WMB8GA1UdIwQY
MBaAFJHX7PFxQrOwk1+ON7j32cJT8O4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGIt
YTZiMWFkMzRlMDhjLzEvcXZJc2lweWhxaUItS0hoMVp3cVVwZVpXUFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGItYTZiMWFkMzRlMDhj
LzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBLVRKMA8E
AgACMAkDBwAqDqaAAAEwDQYJKoZIhvcNAQELBQADggEBAASBYjTaz8Sxqi6qCIRS
3EHFnlsFqVHNhFA/YR9ZGh1oqYGDMk65pw7dNBbph0UHog++fhnVaHrEpTt+092z
JB3ryElZGa6uhcFfaV2TznT5LRDqKIUIiNZ41t/iFfYNVuvABkx9UvJr3ttHSxdh
4DD4AXRrKIJDAHfobfw39Yg6l93GG9Q9wIet8TvQblnSESjFyKcEVbxdhHZ8qC6n
OBCdKSzc/afSgnbL7E2U+J0Yb88SfIfTxf5+bRpXd3U/3TgmgvtO41mK15QD60nO
uhTXlwTvz0Q45eHcuLZW69WKcHtsyUG7bramSxb+XTLzUDBVo+WyF9+bhoZUMY8J
bhw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:40 2025 by rpki-client