Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/Q6aaF8DcBSMMB_RIUqkj2gSBkGY.roa
File: Q6aaF8DcBSMMB_RIUqkj2gSBkGY.roa (raw, json)
Hash identifier: BVVH2vPxxztqCmbEGDnyMCRZATH7OewNaoQ2KxIoE7A=
Subject key identifier: 43:A6:9A:17:C0:DC:05:23:0C:07:F4:48:52:A9:23:DA:04:81:90:66
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 01918FC47749A90575982643A30C550F1747
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/Q6aaF8DcBSMMB_RIUqkj2gSBkGY.roa
Signing time: Mon 26 Aug 2024 17:38:23 +0000
ROA not before: Mon 26 Aug 2024 17:38:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48147
IP address blocks: 45.11.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 17:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8f:c4:77:49:a9:05:75:98:26:43:a3:0c:55:0f:17:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Aug 26 17:38:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43a69a17c0dc05230c07f44852a923da04819066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7f:cb:4a:6f:dc:aa:f2:ce:88:68:2b:62:c1:
9d:c0:fd:6a:ec:81:4c:c6:6c:1e:dc:49:f3:20:09:
6d:0b:4b:56:74:ac:80:be:36:0e:82:7b:f2:bf:89:
62:71:f4:7e:d0:ca:5d:92:34:2f:39:a6:0c:14:b7:
bc:e5:46:df:de:2a:8d:15:53:00:0e:1a:71:b9:8b:
2d:82:df:c8:55:fd:be:41:66:00:0f:9b:dd:90:8b:
cd:f5:d4:39:c2:f4:3b:bd:d9:5e:4a:fa:f6:1e:74:
ec:58:69:55:3b:95:16:e3:19:e7:09:f8:e7:1f:2f:
31:24:cc:9e:44:70:a0:d8:5d:05:d0:e2:8e:6f:3f:
79:dd:56:30:2a:75:88:83:d2:99:44:0c:9d:66:39:
56:29:ab:71:a7:6a:8d:a3:e1:a6:09:f0:d0:76:39:
6e:b5:35:80:0f:5c:bc:97:89:d6:5b:9a:26:be:ab:
cf:a9:9c:26:f2:91:26:23:3f:6e:d6:74:bc:bb:72:
d4:2d:5a:dd:b2:21:4b:5c:8a:83:77:8d:42:47:ca:
13:a3:75:86:28:28:61:4d:de:f4:25:6b:62:9c:22:
0a:4c:a3:31:e1:dd:70:e3:de:ec:e6:55:88:5c:aa:
e0:99:3c:4e:38:96:94:21:5c:fb:75:63:80:43:bf:
8b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A6:9A:17:C0:DC:05:23:0C:07:F4:48:52:A9:23:DA:04:81:90:66
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/Q6aaF8DcBSMMB_RIUqkj2gSBkGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.187.0/24
Signature Algorithm: sha256WithRSAEncryption
27:3e:7c:b8:24:8e:00:00:b7:30:45:e5:41:f8:93:e6:da:3c:
75:80:1f:2a:ad:49:94:ed:d8:a3:5f:3a:cf:3d:20:9f:8d:23:
04:4b:d1:15:55:fe:fe:10:b3:34:4d:f4:77:0a:9b:0d:23:0d:
7d:9d:04:61:cd:62:ca:36:87:08:af:67:dc:ca:7b:c1:12:ac:
0d:e7:89:29:1c:a2:d0:79:c5:02:81:57:a8:ad:e0:62:6a:3c:
57:9c:a6:0e:4e:be:de:a1:9f:5c:df:9a:ae:46:37:b5:58:7a:
00:ff:bd:cf:a1:57:53:75:df:a6:e3:c6:81:a4:19:8c:f4:a7:
4f:65:67:72:14:32:c8:ce:87:99:af:a0:a3:62:3a:5f:97:ff:
cb:21:59:e6:f6:e0:c0:ed:64:c6:79:8f:4b:d3:0a:77:41:83:
cb:01:9e:bb:db:26:7f:8d:17:7e:19:6b:ee:75:7d:91:4d:ef:
ff:a7:fa:f1:ea:44:73:5c:b5:49:f9:62:ed:72:f5:c7:46:64:
c9:fd:12:a5:ba:c5:6e:2e:77:ee:11:76:f7:29:fc:f3:46:90:
06:9d:a4:6e:d8:68:79:4b:92:9d:1b:e8:66:a2:e0:11:5e:39:
37:ba:17:0e:02:94:c2:9c:17:f6:ee:e4:8c:29:19:fe:45:b7:
0a:73:38:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGPxHdJqQV1mCZDowxVDxdHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjQwODI2MTczODIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2E2OWExN2MwZGMwNTIzMGMwN2Y0NDg1MmE5MjNkYTA0ODE5MDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH/LSm/cqvLOiGgrYsGdwP1q7IFM
xmwe3EnzIAltC0tWdKyAvjYOgnvyv4licfR+0MpdkjQvOaYMFLe85Ubf3iqNFVMA
DhpxuYstgt/IVf2+QWYAD5vdkIvN9dQ5wvQ7vdleSvr2HnTsWGlVO5UW4xnnCfjn
Hy8xJMyeRHCg2F0F0OKObz953VYwKnWIg9KZRAydZjlWKatxp2qNo+GmCfDQdjlu
tTWAD1y8l4nWW5omvqvPqZwm8pEmIz9u1nS8u3LULVrdsiFLXIqDd41CR8oTo3WG
KChhTd70JWtinCIKTKMx4d1w497s5lWIXKrgmTxOOJaUIVz7dWOAQ7+LxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOmmhfA3AUjDAf0SFKpI9oEgZBmMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvUTZhYUY4RGNCU01NQl9SSVVxa2oyZ1NCa0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu7MA0G
CSqGSIb3DQEBCwUAA4IBAQAnPny4JI4AALcwReVB+JPm2jx1gB8qrUmU7dijXzrP
PSCfjSMES9EVVf7+ELM0TfR3CpsNIw19nQRhzWLKNocIr2fcynvBEqwN54kpHKLQ
ecUCgVeoreBiajxXnKYOTr7eoZ9c35quRje1WHoA/73PoVdTdd+m48aBpBmM9KdP
ZWdyFDLIzoeZr6CjYjpfl//LIVnm9uDA7WTGeY9L0wp3QYPLAZ672yZ/jRd+GWvu
dX2RTe//p/rx6kRzXLVJ+WLtcvXHRmTJ/RKlusVuLnfuEXb3KfzzRpAGnaRu2Gh5
S5KdG+hmouARXjk3uhcOApTCnBf27uSMKRn+RbcKczhr
-----END CERTIFICATE-----
Generated at Mon Sep 2 20:17:15 2024 by rpki-client on console-fra.rpki-client.org