Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/QxSR6SI38bccXUWIx7WJYqgKb6w.roa
File: QxSR6SI38bccXUWIx7WJYqgKb6w.roa (raw, json)
Hash identifier: QLYc2E6d8KN7gEUnVvTEQKsQ970EgVdpqM583ZzZ6HE=
Subject key identifier: 43:14:91:E9:22:37:F1:B7:1C:5D:45:88:C7:B5:89:62:A8:0A:6F:AC
Certificate issuer: /CN=9eec34baf922028c3432f8f8f22bda6af86b77b2
Certificate serial: 01856F14E4017160D28B772108F1E35941F2
Authority key identifier: 9E:EC:34:BA:F9:22:02:8C:34:32:F8:F8:F2:2B:DA:6A:F8:6B:77:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nuw0uvkiAow0Mvj48ivaavhrd7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/QxSR6SI38bccXUWIx7WJYqgKb6w.roa
Signing time: Sun 01 Jan 2023 20:45:18 +0000
ROA not before: Sun 01 Jan 2023 20:45:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 45.150.212.0/24 maxlen: 24
45.150.213.0/24 maxlen: 24
45.150.215.0/24 maxlen: 24
45.150.214.0/24 maxlen: 24
2a0f:100::/30 maxlen: 30
2a0f:104::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e4:01:71:60:d2:8b:77:21:08:f1:e3:59:41:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eec34baf922028c3432f8f8f22bda6af86b77b2
Validity
Not Before: Jan 1 20:45:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=431491e92237f1b71c5d4588c7b58962a80a6fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bb:1f:80:39:b0:dd:a3:ac:0b:0a:22:a1:ae:
1d:00:45:a8:48:60:88:1f:a0:da:dd:98:f3:25:57:
cc:2b:4a:52:f5:1e:72:a3:da:40:25:e1:1a:0e:86:
bc:48:50:e9:d7:00:41:d9:4c:7d:87:05:db:51:dc:
ec:a5:76:f7:48:b7:d8:13:97:45:25:02:41:bc:e5:
c6:fb:ea:4d:42:6e:7d:26:29:95:c8:6a:8e:63:b7:
1e:5b:7e:8d:7b:fc:a6:0e:61:32:3c:df:02:6d:06:
70:58:25:8b:eb:20:cf:fe:14:5c:c6:42:96:cc:67:
12:8d:a8:85:1f:a8:5a:62:cf:bb:45:4a:2d:db:33:
45:76:d8:42:41:14:6d:50:4d:e5:c3:43:2e:4d:75:
c5:b5:71:d2:3b:ee:2f:2a:d1:b3:d8:e3:b4:be:6d:
44:23:4a:97:52:39:3f:3a:be:1b:66:83:2f:d6:8c:
4a:bf:54:e2:24:9d:0a:14:d5:f9:87:4c:98:52:98:
43:2b:c8:a0:72:bd:f5:a9:7b:98:69:64:11:84:3c:
b9:94:81:eb:a3:55:24:08:19:92:eb:e1:1f:58:8f:
d7:fe:a1:98:45:67:aa:e4:f1:62:b6:e6:ad:ba:29:
73:52:6c:21:9c:c1:80:91:53:18:57:57:17:ff:cf:
ff:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:14:91:E9:22:37:F1:B7:1C:5D:45:88:C7:B5:89:62:A8:0A:6F:AC
X509v3 Authority Key Identifier:
keyid:9E:EC:34:BA:F9:22:02:8C:34:32:F8:F8:F2:2B:DA:6A:F8:6B:77:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nuw0uvkiAow0Mvj48ivaavhrd7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/QxSR6SI38bccXUWIx7WJYqgKb6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/nuw0uvkiAow0Mvj48ivaavhrd7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.212.0/22
IPv6:
2a0f:100::/29
Signature Algorithm: sha256WithRSAEncryption
df:71:a1:2f:7f:a6:70:1b:b4:ec:85:c9:8f:15:63:12:e8:d8:
b0:59:8e:e2:ae:7d:41:ff:9b:1b:3c:fd:ac:0d:39:2c:52:45:
9a:89:05:f7:e8:9a:75:aa:15:02:2a:98:5c:d0:9a:26:12:39:
90:86:56:9f:46:fc:91:c5:b7:27:04:ab:6c:9b:e5:9e:17:a7:
78:58:92:8c:7b:52:47:bf:77:bb:7d:f8:c3:7f:6e:0c:67:30:
64:c3:2c:84:25:dd:06:15:0c:07:40:dc:f6:51:ee:80:1a:22:
83:90:d4:b0:f7:4c:20:47:6c:78:38:0d:2e:4c:e6:c6:fb:dd:
76:d4:48:73:29:86:47:e8:d6:2f:e2:68:c7:7d:ec:27:45:de:
f8:83:91:34:43:9b:42:17:ac:81:d7:1e:33:2d:b0:9d:b7:ff:
63:3d:71:d2:fb:1f:f7:28:58:b0:2b:2a:1b:92:e0:83:7a:63:
ab:66:ca:23:49:6d:60:3d:82:9e:8d:31:55:c0:f0:ac:fa:e8:
f1:58:cd:a8:1f:5b:35:39:3b:0f:12:19:00:44:42:55:fb:ac:
bf:4a:22:17:88:01:d7:33:d3:32:2e:09:0f:1c:15:62:dc:75:
85:8b:2f:db:f4:d1:a5:90:27:ff:6c:00:d0:20:88:28:7b:3e:
e0:15:fb:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFOQBcWDSi3chCPHjWUHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZWMzNGJhZjkyMjAyOGMzNDMyZjhmOGYyMmJkYTZhZjg2
Yjc3YjIwHhcNMjMwMTAxMjA0NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzE0OTFlOTIyMzdmMWI3MWM1ZDQ1ODhjN2I1ODk2MmE4MGE2ZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLsfgDmw3aOsCwoioa4dAEWoSGCI
H6Da3ZjzJVfMK0pS9R5yo9pAJeEaDoa8SFDp1wBB2Ux9hwXbUdzspXb3SLfYE5dF
JQJBvOXG++pNQm59JimVyGqOY7ceW36Ne/ymDmEyPN8CbQZwWCWL6yDP/hRcxkKW
zGcSjaiFH6haYs+7RUot2zNFdthCQRRtUE3lw0MuTXXFtXHSO+4vKtGz2OO0vm1E
I0qXUjk/Or4bZoMv1oxKv1TiJJ0KFNX5h0yYUphDK8igcr31qXuYaWQRhDy5lIHr
o1UkCBmS6+EfWI/X/qGYRWeq5PFituatuilzUmwhnMGAkVMYV1cX/8//8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEMUkekiN/G3HF1FiMe1iWKoCm+sMB8GA1UdIwQY
MBaAFJ7sNLr5IgKMNDL4+PIr2mr4a3eyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnV3MHV2a2lBb3cwTXZqNDhpdmFhdmhyZDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82ZWE4ZjctY2I0YS00ZTRlLWFkNzkt
YWM4NzE3MWY0ZTVjLzEvUXhTUjZTSTM4YmNjWFVXSXg3V0pZcWdLYjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82ZWE4ZjctY2I0YS00ZTRlLWFkNzktYWM4NzE3MWY0ZTVj
LzEvbnV3MHV2a2lBb3cwTXZqNDhpdmFhdmhyZDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZbUMA0E
AgACMAcDBQMqDwEAMA0GCSqGSIb3DQEBCwUAA4IBAQDfcaEvf6ZwG7TshcmPFWMS
6NiwWY7irn1B/5sbPP2sDTksUkWaiQX36Jp1qhUCKphc0JomEjmQhlafRvyRxbcn
BKtsm+WeF6d4WJKMe1JHv3e7ffjDf24MZzBkwyyEJd0GFQwHQNz2Ue6AGiKDkNSw
90wgR2x4OA0uTObG+9121EhzKYZH6NYv4mjHfewnRd74g5E0Q5tCF6yB1x4zLbCd
t/9jPXHS+x/3KFiwKyobkuCDemOrZsojSW1gPYKejTFVwPCs+ujxWM2oH1s1OTsP
EhkAREJV+6y/SiIXiAHXM9MyLgkPHBVi3HWFiy/b9NGlkCf/bADQIIgoez7gFfuy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:25 2023 by rpki-client on console-ams.rpki-client.org