Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/nqpFG0JN7J08efwGCyaikGO1CSg.roa
File: nqpFG0JN7J08efwGCyaikGO1CSg.roa (raw, json)
Hash identifier: TCk0lZ1F1emLBo0RpMa5nF/ts3P5ORXlQ59On4zQqlA=
Subject key identifier: 9E:AA:45:1B:42:4D:EC:9D:3C:79:FC:06:0B:26:A2:90:63:B5:09:28
Certificate issuer: /CN=51ecf9babc9ca6bae9085ce292fb1c2cc18d344f
Certificate serial: 018BD04E585D7954EBCC4E09B616C6C62373
Authority key identifier: 51:EC:F9:BA:BC:9C:A6:BA:E9:08:5C:E2:92:FB:1C:2C:C1:8D:34:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uez5urycprrpCFzikvscLMGNNE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/nqpFG0JN7J08efwGCyaikGO1CSg.roa
Signing time: Wed 15 Nov 2023 00:07:57 +0000
ROA not before: Wed 15 Nov 2023 00:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.158.62.0/23 maxlen: 23
45.158.60.0/23 maxlen: 23
45.158.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Dec 2023 12:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d0:4e:58:5d:79:54:eb:cc:4e:09:b6:16:c6:c6:23:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51ecf9babc9ca6bae9085ce292fb1c2cc18d344f
Validity
Not Before: Nov 15 00:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9eaa451b424dec9d3c79fc060b26a29063b50928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2c:96:d4:ab:db:b8:9e:b6:5d:4b:1a:cc:82:
34:3f:1b:12:1e:ed:9c:2b:a4:ff:e5:18:46:9e:77:
e1:28:03:91:89:d5:f6:a6:33:12:4c:05:21:42:6e:
06:67:7a:e9:93:f3:01:9e:78:67:f2:2b:d1:de:21:
28:58:15:27:b4:98:17:08:ab:69:2d:8e:92:8b:55:
32:37:e3:3e:24:32:ca:13:ec:c2:01:80:ab:cd:36:
7b:f3:ec:a3:7a:9f:ba:6e:d0:ac:03:59:06:2f:03:
78:7e:56:f3:42:e8:27:af:ff:c6:41:6a:84:65:b2:
10:14:c7:b7:c0:46:97:c0:ff:d6:3b:5f:df:cd:75:
f8:d4:04:fe:14:d2:85:94:89:32:fd:4f:a7:00:06:
f9:11:86:55:0d:4e:d3:a2:73:cb:cd:40:cb:aa:03:
68:5d:15:0d:5e:35:92:af:e7:a7:e7:e7:28:cb:7a:
d5:9b:f8:ff:29:7e:f2:b3:3f:67:52:a4:45:04:06:
46:ca:9e:45:a0:3f:90:05:4e:5c:61:d9:58:d2:56:
06:0e:ed:9a:bd:b4:dc:ac:00:02:b7:7a:b0:37:78:
08:32:d3:20:c3:0e:3b:4e:f4:25:56:22:c3:08:70:
16:e6:de:10:06:a1:e8:57:05:5d:e2:47:b9:d7:f2:
8c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:AA:45:1B:42:4D:EC:9D:3C:79:FC:06:0B:26:A2:90:63:B5:09:28
X509v3 Authority Key Identifier:
keyid:51:EC:F9:BA:BC:9C:A6:BA:E9:08:5C:E2:92:FB:1C:2C:C1:8D:34:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uez5urycprrpCFzikvscLMGNNE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/nqpFG0JN7J08efwGCyaikGO1CSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fb04c8-7057-45b7-a34c-dcfc6a9e0dc7/1/Uez5urycprrpCFzikvscLMGNNE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.60.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:4a:93:b1:e9:2c:1d:a2:a6:b7:92:fa:d0:e7:12:4b:77:f8:
34:69:d8:b1:2d:74:28:d0:c5:db:0e:b5:59:f6:a6:e3:da:1f:
5c:8e:cb:cf:d1:69:7f:59:fb:68:b3:aa:b3:a6:04:81:f5:71:
eb:47:5c:0e:7d:09:12:48:5c:d1:26:4a:b2:ae:d1:ab:69:1e:
16:91:3b:7f:cd:8f:39:08:e9:b3:84:5e:5f:08:6e:c8:dc:28:
3f:f2:0b:8b:19:9e:db:fd:74:ef:ff:b4:65:de:e5:c8:32:19:
40:8f:e0:6c:43:7f:14:1c:d4:4c:03:16:24:82:0d:23:ca:22:
17:e9:76:2e:fe:5e:85:86:c0:c1:89:e3:ad:22:8f:19:09:40:
95:ec:91:89:e3:aa:02:9e:7c:e8:4b:68:ea:4e:fe:94:15:18:
2b:fb:7f:a1:d3:82:64:4c:5b:0f:da:23:6a:20:b3:52:44:99:
28:8c:27:9f:fd:f6:bc:fa:4c:34:1b:8c:ea:06:40:b9:f5:c8:
05:4b:6f:7f:ed:1a:b3:f8:fc:ed:f8:bf:43:8d:4e:3b:95:ad:
53:ac:f1:c9:5a:c3:85:9e:a9:24:15:98:7d:18:46:bb:22:0f:
3f:50:fb:a0:9c:02:d1:e7:e8:f8:83:19:ac:03:a0:94:ef:4a:
b9:0a:27:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvQTlhdeVTrzE4JthbGxiNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZWNmOWJhYmM5Y2E2YmFlOTA4NWNlMjkyZmIxYzJjYzE4
ZDM0NGYwHhcNMjMxMTE1MDAwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWFhNDUxYjQyNGRlYzlkM2M3OWZjMDYwYjI2YTI5MDYzYjUwOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSyW1KvbuJ62XUsazII0PxsSHu2c
K6T/5RhGnnfhKAORidX2pjMSTAUhQm4GZ3rpk/MBnnhn8ivR3iEoWBUntJgXCKtp
LY6Si1UyN+M+JDLKE+zCAYCrzTZ78+yjep+6btCsA1kGLwN4flbzQugnr//GQWqE
ZbIQFMe3wEaXwP/WO1/fzXX41AT+FNKFlIky/U+nAAb5EYZVDU7TonPLzUDLqgNo
XRUNXjWSr+en5+coy3rVm/j/KX7ysz9nUqRFBAZGyp5FoD+QBU5cYdlY0lYGDu2a
vbTcrAACt3qwN3gIMtMgww47TvQlViLDCHAW5t4QBqHoVwVd4ke51/KMtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ6qRRtCTeydPHn8BgsmopBjtQkoMB8GA1UdIwQY
MBaAFFHs+bq8nKa66Qhc4pL7HCzBjTRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWV6NXVyeWNwcnJwQ0Z6aWt2c2NMTUdOTkU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mYjA0YzgtNzA1Ny00NWI3LWEzNGMt
ZGNmYzZhOWUwZGM3LzEvbnFwRkcwSk43SjA4ZWZ3R0N5YWlrR08xQ1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9mYjA0YzgtNzA1Ny00NWI3LWEzNGMtZGNmYzZhOWUwZGM3
LzEvVWV6NXVyeWNwcnJwQ0Z6aWt2c2NMTUdOTkU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ48MA0G
CSqGSIb3DQEBCwUAA4IBAQB/SpOx6Swdoqa3kvrQ5xJLd/g0adixLXQo0MXbDrVZ
9qbj2h9cjsvP0Wl/Wftos6qzpgSB9XHrR1wOfQkSSFzRJkqyrtGraR4WkTt/zY85
COmzhF5fCG7I3Cg/8guLGZ7b/XTv/7Rl3uXIMhlAj+BsQ38UHNRMAxYkgg0jyiIX
6XYu/l6FhsDBieOtIo8ZCUCV7JGJ46oCnnzoS2jqTv6UFRgr+3+h04JkTFsP2iNq
ILNSRJkojCef/fa8+kw0G4zqBkC59cgFS29/7Rqz+Pzt+L9DjU47la1TrPHJWsOF
nqkkFZh9GEa7Ig8/UPugnALR5+j4gxmsA6CU70q5CidP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:16 2024 by rpki-client on console-fra.rpki-client.org