Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/q4RVJlWeKGAT8sicrw1H3CAIghg.roa
File: q4RVJlWeKGAT8sicrw1H3CAIghg.roa (raw, json)
Hash identifier: qd6oi9Ko1xYg0bx3pcM3HHpQlQ/c2EVZBTxoAbot7dY=
Subject key identifier: AB:84:55:26:55:9E:28:60:13:F2:C8:9C:AF:0D:47:DC:20:08:82:18
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0192251B733ED904562AD59D4992BBBBBE21
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/q4RVJlWeKGAT8sicrw1H3CAIghg.roa
Signing time: Tue 24 Sep 2024 17:36:48 +0000
ROA not before: Tue 24 Sep 2024 17:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.149.7.0/24 maxlen: 24
212.81.45.0/24 maxlen: 24
212.81.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Sep 2024 21:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:25:1b:73:3e:d9:04:56:2a:d5:9d:49:92:bb:bb:be:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Sep 24 17:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab845526559e286013f2c89caf0d47dc20088218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6c:25:58:cf:ed:f5:8d:bc:b4:74:af:b0:82:
e1:d3:ab:95:82:de:70:85:12:cb:9f:c1:b8:05:50:
24:01:c4:04:0d:77:5b:6c:a0:f1:d5:32:61:d1:fa:
6e:85:6c:36:03:1e:ce:84:0e:fc:79:30:46:d5:ba:
ed:09:0f:08:8b:e0:74:75:0f:48:d1:c5:2b:dc:9a:
e8:24:4e:d9:19:09:0d:97:19:d1:db:0f:68:6f:52:
b2:70:02:c1:bc:d2:b7:35:67:11:fd:7a:6b:2b:ce:
27:bf:79:aa:dd:ab:0e:db:6d:b4:1f:d8:da:ec:07:
14:74:42:82:16:eb:e8:77:a0:c9:80:08:ce:fe:57:
f7:38:0c:3f:38:e6:f1:0a:46:54:ad:fa:fe:af:4b:
e2:0f:6e:e9:3c:c1:c6:a5:b2:00:8c:34:c6:45:af:
70:fe:b2:46:d6:4a:92:bf:5f:c0:c3:26:66:d2:92:
98:1f:66:67:aa:e9:04:fd:f4:cd:51:66:17:ab:b3:
c2:ed:cc:d6:e7:ee:9f:90:4a:72:76:d2:09:75:a6:
9c:6e:11:c4:87:cb:24:f3:af:bd:69:6d:f1:fd:0e:
29:5a:a8:55:6f:44:68:f6:64:a6:82:4d:5a:be:a6:
e6:bc:fb:7b:26:ce:b1:b5:62:b8:7e:c9:9a:e9:a0:
1e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:84:55:26:55:9E:28:60:13:F2:C8:9C:AF:0D:47:DC:20:08:82:18
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/q4RVJlWeKGAT8sicrw1H3CAIghg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.7.0/24
212.81.45.0-212.81.46.255
Signature Algorithm: sha256WithRSAEncryption
31:ea:1a:b9:30:a5:e1:41:d8:c3:a0:ee:50:04:af:a7:55:00:
49:59:29:d0:08:90:08:58:01:b2:ee:6c:d8:70:9e:be:ce:a1:
27:9d:57:f6:9a:a6:94:65:1a:a0:64:ba:06:ed:d7:d8:d4:94:
d3:e2:bb:c1:e7:5b:ef:a0:5a:01:72:ed:2d:08:08:09:fc:6e:
21:1f:01:cb:dc:35:a8:05:f8:4b:66:ac:30:4f:d1:fa:35:c3:
7a:b8:10:65:09:4f:b9:99:b6:41:ab:ab:bf:c0:08:87:43:86:
d0:a2:0f:8d:4e:dc:b1:9a:a4:b1:38:80:90:88:23:16:86:15:
86:24:43:ce:b1:83:f3:64:2b:c5:f6:a9:e6:a7:0b:db:c7:11:
40:ce:d9:27:f1:9d:8c:16:37:e4:93:90:22:c7:35:01:c9:a3:
7b:3b:c2:ff:06:90:2d:6c:01:4b:ff:ed:ad:fe:94:40:68:85:
98:fe:99:fc:9b:52:95:ba:e7:84:bb:80:62:d1:94:91:63:f2:
19:71:19:80:d8:3c:ca:e4:75:ad:be:af:2a:81:31:bf:2b:a4:
51:0e:89:01:a7:53:65:c6:64:fa:c2:16:44:7c:42:42:db:77:
5b:26:ba:55:2c:1d:a3:cf:54:43:cb:9f:c6:58:59:58:ae:21:
92:18:04:68
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZIlG3M+2QRWKtWdSZK7u74hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQwOTI0MTczNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjg0NTUyNjU1OWUyODYwMTNmMmM4OWNhZjBkNDdkYzIwMDg4MjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2wlWM/t9Y28tHSvsILh06uVgt5w
hRLLn8G4BVAkAcQEDXdbbKDx1TJh0fpuhWw2Ax7OhA78eTBG1brtCQ8Ii+B0dQ9I
0cUr3JroJE7ZGQkNlxnR2w9ob1KycALBvNK3NWcR/XprK84nv3mq3asO2220H9ja
7AcUdEKCFuvod6DJgAjO/lf3OAw/OObxCkZUrfr+r0viD27pPMHGpbIAjDTGRa9w
/rJG1kqSv1/AwyZm0pKYH2ZnqukE/fTNUWYXq7PC7czW5+6fkEpydtIJdaacbhHE
h8sk86+9aW3x/Q4pWqhVb0Ro9mSmgk1avqbmvPt7Js6xtWK4fsma6aAe3QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKuEVSZVnihgE/LInK8NR9wgCIIYMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvcTRSVkpsV2VLR0FUOHNpY3J3MUgzQ0FJZ2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALZUHMAwD
BADUUS0DBADUUS4wDQYJKoZIhvcNAQELBQADggEBADHqGrkwpeFB2MOg7lAEr6dV
AElZKdAIkAhYAbLubNhwnr7OoSedV/aappRlGqBkugbt19jUlNPiu8HnW++gWgFy
7S0ICAn8biEfAcvcNagF+EtmrDBP0fo1w3q4EGUJT7mZtkGrq7/ACIdDhtCiD41O
3LGapLE4gJCIIxaGFYYkQ86xg/NkK8X2qeanC9vHEUDO2SfxnYwWN+STkCLHNQHJ
o3s7wv8GkC1sAUv/7a3+lEBohZj+mfybUpW654S7gGLRlJFj8hlxGYDYPMrkda2+
ryqBMb8rpFEOiQGnU2XGZPrCFkR8QkLbd1smulUsHaPPVEPLn8ZYWViuIZIYBGg=
-----END CERTIFICATE-----
Generated at Thu Sep 26 23:45:58 2024 by rpki-client on console-ams.rpki-client.org