Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/CQOH-0r4J0cIxZqEAxDGXfysX9s.roa
File: CQOH-0r4J0cIxZqEAxDGXfysX9s.roa (raw, json)
Hash identifier: 4pToWInJLEuErSQmGuL9Wfa9+2SAApXF/+CiWsqtN2c=
Subject key identifier: 09:03:87:FB:4A:F8:27:47:08:C5:9A:84:03:10:C6:5D:FC:AC:5F:DB
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01888FEAD5DEE56BBB483BD36E43B4C62CAB
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/CQOH-0r4J0cIxZqEAxDGXfysX9s.roa
Signing time: Tue 06 Jun 2023 08:55:12 +0000
ROA not before: Tue 06 Jun 2023 08:55:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 149485
IP address blocks: 45.138.210.0/24 maxlen: 32
45.138.211.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8f:ea:d5:de:e5:6b:bb:48:3b:d3:6e:43:b4:c6:2c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jun 6 08:55:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=090387fb4af8274708c59a840310c65dfcac5fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f3:28:12:42:21:b9:6f:86:8a:1f:f9:8c:ae:
b5:f1:5f:c8:c8:cb:e1:3f:d7:5a:d3:1e:7d:c9:c3:
1c:cf:3a:3d:64:ec:67:8e:29:3b:42:f7:69:33:9a:
25:92:40:55:3e:a8:af:90:b1:63:ed:df:51:c9:ae:
a6:27:cf:04:5f:24:ba:a0:b5:68:e8:b6:27:0f:74:
02:c1:d6:ab:ab:c6:7f:06:5d:b6:6d:12:28:a2:9d:
55:98:c8:ff:5f:61:cc:11:58:f8:8c:17:a5:da:3f:
f2:4c:eb:a9:3f:53:e1:57:ab:8d:26:df:da:19:b5:
c7:10:89:fb:89:92:00:a1:c7:6a:13:2a:cc:fa:0d:
07:52:5a:31:86:e7:7f:ed:c3:f7:a3:60:d1:25:15:
aa:48:51:ff:84:10:b2:47:a9:f6:bc:ab:82:78:e9:
58:a4:a9:91:19:da:cb:d7:db:75:63:28:69:37:34:
fa:f3:1c:9e:a9:c5:25:b1:d1:f9:20:91:7b:5f:4e:
83:96:3f:17:b7:16:ce:62:f8:05:a1:dc:d7:24:53:
1a:89:07:70:e7:cb:1e:5b:c7:85:b0:2a:7c:45:94:
0e:da:cc:cd:34:13:cd:b6:6e:07:53:bf:67:ca:61:
d9:86:04:c6:d5:09:8c:1a:ae:e1:19:e1:58:80:23:
a5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:03:87:FB:4A:F8:27:47:08:C5:9A:84:03:10:C6:5D:FC:AC:5F:DB
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/CQOH-0r4J0cIxZqEAxDGXfysX9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.210.0/23
Signature Algorithm: sha256WithRSAEncryption
72:24:7a:f4:0c:2f:aa:6d:81:31:30:f1:80:2e:28:a6:01:08:
4a:31:94:ed:95:d1:e1:46:10:d3:07:43:51:58:57:9a:9b:f6:
72:f9:de:c2:d6:c0:86:2f:36:3f:dd:15:de:47:b7:39:a3:19:
64:c9:34:2a:8a:a2:28:92:a2:83:fc:80:bc:5b:4d:e0:8f:f8:
2c:fa:c1:dd:cc:a0:91:ef:ba:f7:56:a5:93:fd:6b:85:08:62:
77:13:48:9d:50:a4:af:52:ce:9a:94:35:85:4b:2c:65:ed:cd:
f6:4b:e4:66:8b:6d:2d:0d:32:5f:a3:a6:65:76:fe:7c:97:3f:
d6:a7:f4:db:a3:98:3d:72:00:38:69:19:19:16:02:11:cf:da:
86:f1:8f:96:6c:44:8c:7c:62:13:62:ce:57:32:7a:90:aa:c7:
bd:d5:e4:d5:16:b6:0f:ca:11:7e:3c:25:43:a1:26:43:84:f1:
a9:24:f7:1b:19:78:72:83:b8:2e:ba:65:69:5f:10:90:ca:cb:
f3:56:e6:66:76:ff:d7:f3:ea:e7:75:96:b6:3b:d4:3a:fe:f7:
24:2e:ca:bf:7f:89:ef:ed:8f:3e:df:da:c3:93:5a:cd:4c:de:
26:4a:4b:22:5a:03:aa:fc:f2:77:0d:29:b6:ad:d5:c7:ba:07:
09:cc:cb:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiP6tXe5Wu7SDvTbkO0xiyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwNjA2MDg1NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTAzODdmYjRhZjgyNzQ3MDhjNTlhODQwMzEwYzY1ZGZjYWM1ZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/MoEkIhuW+Gih/5jK618V/IyMvh
P9da0x59ycMczzo9ZOxnjik7QvdpM5olkkBVPqivkLFj7d9Rya6mJ88EXyS6oLVo
6LYnD3QCwdarq8Z/Bl22bRIoop1VmMj/X2HMEVj4jBel2j/yTOupP1PhV6uNJt/a
GbXHEIn7iZIAocdqEyrM+g0HUloxhud/7cP3o2DRJRWqSFH/hBCyR6n2vKuCeOlY
pKmRGdrL19t1YyhpNzT68xyeqcUlsdH5IJF7X06Dlj8XtxbOYvgFodzXJFMaiQdw
58seW8eFsCp8RZQO2szNNBPNtm4HU79nymHZhgTG1QmMGq7hGeFYgCOlkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkDh/tK+CdHCMWahAMQxl38rF/bMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvQ1FPSC0wcjRKMGNJeFpxRUF4REdYZnlzWDlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYrSMA0G
CSqGSIb3DQEBCwUAA4IBAQByJHr0DC+qbYExMPGALiimAQhKMZTtldHhRhDTB0NR
WFeam/Zy+d7C1sCGLzY/3RXeR7c5oxlkyTQqiqIokqKD/IC8W03gj/gs+sHdzKCR
77r3VqWT/WuFCGJ3E0idUKSvUs6alDWFSyxl7c32S+Rmi20tDTJfo6Zldv58lz/W
p/Tbo5g9cgA4aRkZFgIRz9qG8Y+WbESMfGITYs5XMnqQqse91eTVFrYPyhF+PCVD
oSZDhPGpJPcbGXhyg7guumVpXxCQysvzVuZmdv/X8+rndZa2O9Q6/vckLsq/f4nv
7Y8+39rDk1rNTN4mSksiWgOq/PJ3DSm2rdXHugcJzMut
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org