Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/25R-QBGXhUWk0Z7bUyd6SBuqHXQ.roa
File: 25R-QBGXhUWk0Z7bUyd6SBuqHXQ.roa (raw, json)
Hash identifier: qUtviJEvx/mdYiQHgTyk2htgEQ825Ssi7NBg0Tsxle4=
Subject key identifier: DB:94:7E:40:11:97:85:45:A4:D1:9E:DB:53:27:7A:48:1B:AA:1D:74
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018571031257832887D1642A94F5A1F91EF0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/25R-QBGXhUWk0Z7bUyd6SBuqHXQ.roa
Signing time: Mon 02 Jan 2023 05:45:04 +0000
ROA not before: Mon 02 Jan 2023 05:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 149782
IP address blocks: 45.91.51.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:12:57:83:28:87:d1:64:2a:94:f5:a1:f9:1e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db947e4011978545a4d19edb53277a481baa1d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:eb:15:a7:ca:82:b8:b6:11:43:47:6e:90:55:
10:96:b5:e7:df:03:ab:1c:fc:39:e9:30:b7:14:2f:
bc:a2:d8:d6:96:2b:ed:e3:49:d9:88:41:94:7c:63:
be:9b:28:4b:94:fe:71:0d:2b:83:97:43:e2:71:e9:
bb:c7:a2:53:54:b1:ba:fe:a6:4e:d3:3f:ab:d3:65:
d5:60:6b:3d:09:3d:83:be:e2:c9:6c:3e:90:e5:02:
23:e7:75:ab:59:91:bf:22:22:94:76:e8:9a:f5:91:
9f:6b:66:37:bf:05:aa:26:6e:99:a6:0f:c9:1f:70:
8e:d6:e7:84:c6:4a:f1:35:b8:1a:bb:cc:f2:4a:c6:
14:fb:4c:01:f6:dd:54:2b:2d:e7:0d:71:3b:d3:72:
41:7c:23:57:c8:84:d5:20:43:67:a0:49:f8:e6:fc:
30:be:d2:8c:42:f2:47:75:24:be:d9:e3:19:37:b9:
b3:ed:72:99:b4:52:13:f5:a2:32:80:75:3b:bb:9e:
f6:1b:3b:a5:92:82:99:46:e9:62:37:2b:69:a5:df:
98:9e:ca:a1:3e:f9:dc:3f:aa:bd:c4:32:00:9e:43:
8c:99:55:49:b4:95:d4:43:a7:f0:0c:6b:21:c4:45:
1d:04:3b:02:fe:11:72:44:33:4c:f5:f4:e1:5b:db:
95:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:94:7E:40:11:97:85:45:A4:D1:9E:DB:53:27:7A:48:1B:AA:1D:74
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/25R-QBGXhUWk0Z7bUyd6SBuqHXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.51.0/24
Signature Algorithm: sha256WithRSAEncryption
14:ab:12:09:15:94:45:f3:45:96:c2:cc:e0:b9:28:a5:fd:cb:
ed:79:79:80:e4:6d:3e:57:23:b5:c1:01:09:84:c6:f5:1b:1c:
66:14:d3:ec:41:15:86:82:f7:04:45:f5:9f:9c:76:fa:06:e0:
84:9e:2d:a7:a4:c0:8b:56:c8:1b:3e:52:16:80:03:a1:7e:fe:
23:4b:9a:6d:92:dd:61:21:12:95:d3:0c:da:66:a0:11:5c:02:
92:45:c0:0a:c0:a0:2d:b5:c4:d5:0d:b5:f5:0f:c3:92:fa:0e:
8f:07:c8:ea:70:b1:42:50:e5:2b:28:e7:35:1c:b8:8c:dd:c4:
f5:fd:fc:81:30:d2:07:89:e7:e9:ad:de:62:35:ec:a6:f9:1b:
df:bf:98:95:2a:97:b5:aa:55:bf:c0:e9:9c:8c:51:02:86:96:
49:02:c5:15:5c:0a:fd:14:62:4a:b5:41:5c:36:37:6a:d8:9f:
c6:cf:a4:d2:03:92:4a:25:80:44:ac:07:9c:6f:fb:6a:99:05:
05:36:8c:b5:e0:c9:fb:e1:52:00:70:13:df:e8:00:bf:58:cf:
8d:2f:a5:3f:81:ec:03:88:3d:e2:98:3d:2a:be:e9:f8:c8:82:
38:54:18:6c:aa:0a:47:19:a7:75:70:57:20:ec:f6:5b:c6:c3:
5a:3a:ed:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAxJXgyiH0WQqlPWh+R7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjk0N2U0MDExOTc4NTQ1YTRkMTllZGI1MzI3N2E0ODFiYWExZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsusVp8qCuLYRQ0dukFUQlrXn3wOr
HPw56TC3FC+8otjWlivt40nZiEGUfGO+myhLlP5xDSuDl0Picem7x6JTVLG6/qZO
0z+r02XVYGs9CT2DvuLJbD6Q5QIj53WrWZG/IiKUduia9ZGfa2Y3vwWqJm6Zpg/J
H3CO1ueExkrxNbgau8zySsYU+0wB9t1UKy3nDXE703JBfCNXyITVIENnoEn45vww
vtKMQvJHdSS+2eMZN7mz7XKZtFIT9aIygHU7u572GzulkoKZRuliNytppd+Ynsqh
PvncP6q9xDIAnkOMmVVJtJXUQ6fwDGshxEUdBDsC/hFyRDNM9fThW9uVBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNuUfkARl4VFpNGe21Mnekgbqh10MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMjVSLVFCR1hoVVdrMFo3YlV5ZDZTQnVxSFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVszMA0G
CSqGSIb3DQEBCwUAA4IBAQAUqxIJFZRF80WWwszguSil/cvteXmA5G0+VyO1wQEJ
hMb1GxxmFNPsQRWGgvcERfWfnHb6BuCEni2npMCLVsgbPlIWgAOhfv4jS5ptkt1h
IRKV0wzaZqARXAKSRcAKwKAttcTVDbX1D8OS+g6PB8jqcLFCUOUrKOc1HLiM3cT1
/fyBMNIHiefprd5iNeym+Rvfv5iVKpe1qlW/wOmcjFEChpZJAsUVXAr9FGJKtUFc
Njdq2J/Gz6TSA5JKJYBErAecb/tqmQUFNoy14Mn74VIAcBPf6AC/WM+NL6U/gewD
iD3imD0qvun4yII4VBhsqgpHGad1cFcg7PZbxsNaOu3A
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:17 2024 by rpki-client on console-ams.rpki-client.org