Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/mqJqNuJgQUuuIiW3OM9dHPqsOZk.roa
File: mqJqNuJgQUuuIiW3OM9dHPqsOZk.roa (raw, json)
Hash identifier: 9aI2BOZ1dAzPcrU6OqrQi1p67AyCWi57Kh4j2nm64YY=
Subject key identifier: 9A:A2:6A:36:E2:60:41:4B:AE:22:25:B7:38:CF:5D:1C:FA:AC:39:99
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DF9C11B25CA0F2BDDF40F42FCF5ADB
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/mqJqNuJgQUuuIiW3OM9dHPqsOZk.roa
Signing time: Tue 02 Jan 2024 06:32:26 +0000
ROA not before: Tue 02 Jan 2024 06:32:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50340
IP address blocks: 45.8.208.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:9c:11:b2:5c:a0:f2:bd:df:40:f4:2f:cf:5a:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9aa26a36e260414bae2225b738cf5d1cfaac3999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ec:c9:2a:0b:a5:51:0a:75:6f:ed:b3:be:1c:
d4:a1:3d:67:2c:80:04:e7:70:98:1e:67:ce:e8:1b:
72:ef:34:ca:31:2f:33:8f:40:09:83:ef:4b:59:b1:
81:da:23:e9:7b:02:48:c6:09:4b:ba:0e:49:6d:0b:
fb:8a:71:bd:2f:57:e8:47:53:28:d9:d4:59:65:af:
36:55:5f:da:b3:3f:c4:db:7d:e2:3e:c6:fd:01:4e:
3e:7c:4f:8f:6f:f3:0b:df:d2:55:78:c4:41:52:f4:
41:91:35:ca:c1:db:6b:a0:6b:0c:dd:f6:ad:d5:62:
5f:e7:92:b3:79:43:6d:70:5c:32:39:55:c3:d8:09:
a0:32:95:e1:eb:1a:c9:95:95:7b:a3:22:1b:46:c5:
05:3e:47:ce:b9:2d:70:29:5a:46:3d:1d:be:f5:fa:
c7:69:5c:9c:49:5e:df:c5:ec:80:b3:5c:9c:29:79:
2d:e3:81:d1:3d:d4:2a:5b:97:3c:d0:cb:ec:03:b2:
03:d3:c7:95:bd:ff:09:61:8f:34:22:d2:25:95:48:
01:c5:75:a8:49:b0:3d:b8:bd:83:f7:d4:0d:cb:f9:
5b:c6:15:14:89:96:64:5c:67:e0:97:f4:d8:67:5e:
8a:eb:04:ce:36:f3:17:0f:13:f2:18:13:de:3c:6d:
cc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:A2:6A:36:E2:60:41:4B:AE:22:25:B7:38:CF:5D:1C:FA:AC:39:99
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/mqJqNuJgQUuuIiW3OM9dHPqsOZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.208.0/24
Signature Algorithm: sha256WithRSAEncryption
64:f5:84:c3:98:ea:dd:30:7f:74:55:58:d1:8f:07:dc:05:3e:
52:19:2f:1d:ec:94:8c:ec:e4:de:08:90:af:fb:83:52:b9:71:
68:cd:d8:6f:48:d4:30:37:70:f3:04:98:47:e6:0a:9d:3d:c2:
99:e8:ea:24:58:96:6a:60:f1:a6:a4:df:56:4c:96:08:3d:c3:
04:5e:05:f8:70:26:b4:35:66:54:4a:a0:1d:fa:78:61:84:b7:
d9:9b:5d:9f:ae:71:72:94:d0:ac:66:f2:cb:13:e0:a2:90:ba:
aa:b3:dc:66:36:66:af:8e:3c:8a:d3:e4:9b:f8:6e:5b:cd:25:
2a:85:ad:8b:46:b2:70:97:bd:3f:2c:44:30:c3:37:a9:5f:39:
1a:da:b4:be:02:fe:b8:a1:55:cd:de:84:83:1f:27:06:9e:44:
8a:82:3d:66:be:59:8e:a0:fb:96:68:4d:0e:a9:ca:b7:84:f2:
ee:3e:1b:eb:e1:0e:92:cb:17:47:e7:90:1b:b3:d3:1c:f8:e6:
69:4e:27:f7:65:76:24:d8:80:da:64:e2:05:b7:16:31:38:fe:
19:6d:cd:c9:68:37:17:2c:c4:09:78:dd:a9:4a:78:f8:a6:94:
1e:00:db:84:32:09:f2:e9:d2:ad:8c:b3:25:92:89:97:d7:28:
f0:db:3f:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI35wRslyg8r3fQPQvz1rbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWEyNmEzNmUyNjA0MTRiYWUyMjI1YjczOGNmNWQxY2ZhYWMzOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ezJKgulUQp1b+2zvhzUoT1nLIAE
53CYHmfO6Bty7zTKMS8zj0AJg+9LWbGB2iPpewJIxglLug5JbQv7inG9L1foR1Mo
2dRZZa82VV/asz/E233iPsb9AU4+fE+Pb/ML39JVeMRBUvRBkTXKwdtroGsM3fat
1WJf55KzeUNtcFwyOVXD2AmgMpXh6xrJlZV7oyIbRsUFPkfOuS1wKVpGPR2+9frH
aVycSV7fxeyAs1ycKXkt44HRPdQqW5c80MvsA7ID08eVvf8JYY80ItIllUgBxXWo
SbA9uL2D99QNy/lbxhUUiZZkXGfgl/TYZ16K6wTONvMXDxPyGBPePG3MQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJqiajbiYEFLriIltzjPXRz6rDmZMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbXFKcU51SmdRVXV1SWlXM09NOWRIUHFzT1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQjQMA0G
CSqGSIb3DQEBCwUAA4IBAQBk9YTDmOrdMH90VVjRjwfcBT5SGS8d7JSM7OTeCJCv
+4NSuXFozdhvSNQwN3DzBJhH5gqdPcKZ6OokWJZqYPGmpN9WTJYIPcMEXgX4cCa0
NWZUSqAd+nhhhLfZm12frnFylNCsZvLLE+CikLqqs9xmNmavjjyK0+Sb+G5bzSUq
ha2LRrJwl70/LEQwwzepXzka2rS+Av64oVXN3oSDHycGnkSKgj1mvlmOoPuWaE0O
qcq3hPLuPhvr4Q6SyxdH55Abs9Mc+OZpTif3ZXYk2IDaZOIFtxYxOP4Zbc3JaDcX
LMQJeN2pSnj4ppQeANuEMgny6dKtjLMlkomX1yjw2z9Z
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:31:09 2025 by rpki-client