Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/37ea19-6f25-42bc-ad27-9886cb1b640e/1/QNo18nnhVVuNGUFrn5sovY3LxoY.roa
File: QNo18nnhVVuNGUFrn5sovY3LxoY.roa (raw, json)
Hash identifier: YF2kagxDYit6Iz/4qXx/a0SEzePM/M+1mP6KEGlKQAE=
Subject key identifier: 40:DA:35:F2:79:E1:55:5B:8D:19:41:6B:9F:9B:28:BD:8D:CB:C6:86
Certificate issuer: /CN=dd982f979a2d25ebb2dab2654b8c27c928cf5ac7
Certificate serial: 0185700B93104E12C2B101C4C54AFE195635
Authority key identifier: DD:98:2F:97:9A:2D:25:EB:B2:DA:B2:65:4B:8C:27:C9:28:CF:5A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Zgvl5otJeuy2rJlS4wnySjPWsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/37ea19-6f25-42bc-ad27-9886cb1b640e/1/QNo18nnhVVuNGUFrn5sovY3LxoY.roa
Signing time: Mon 02 Jan 2023 01:14:44 +0000
ROA not before: Mon 02 Jan 2023 01:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208135
IP address blocks: 45.158.40.0/22 maxlen: 24
2a0f:5380::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:0b:93:10:4e:12:c2:b1:01:c4:c5:4a:fe:19:56:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd982f979a2d25ebb2dab2654b8c27c928cf5ac7
Validity
Not Before: Jan 2 01:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40da35f279e1555b8d19416b9f9b28bd8dcbc686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:de:fa:d6:03:1a:fa:c8:bc:73:e7:8a:20:80:
94:83:11:ae:79:8a:9a:c4:d1:3c:2e:40:91:1b:cc:
05:56:08:c1:bc:2e:8e:9e:74:dc:15:09:db:86:35:
06:64:92:7c:60:b3:fa:70:de:e9:f0:32:a9:7c:6b:
1e:ec:d3:45:3c:31:be:e6:9f:5d:e7:f3:f1:5e:41:
ae:62:7a:7d:88:65:dc:0a:9a:ff:78:e5:20:f2:4c:
41:76:31:56:22:be:f3:50:cc:af:01:6f:89:a9:0f:
83:24:34:34:2b:e7:af:94:ea:29:2b:63:f9:4c:b4:
b0:aa:2c:7b:9c:44:da:c1:da:e1:ec:97:99:84:e3:
d5:f1:e4:00:81:3e:19:ad:ae:32:69:ed:0e:94:4c:
05:f4:69:48:73:09:96:c2:fd:31:ed:a3:b5:f0:d8:
b5:d1:c2:ca:c5:f1:56:0b:c9:16:9d:36:34:10:24:
94:d0:81:29:bf:38:5f:05:08:47:b6:b3:4f:2c:e3:
fa:17:88:59:f5:9d:fc:28:bd:71:10:49:a9:32:74:
46:5a:61:2e:c4:ec:fe:df:7e:a8:35:34:a9:da:71:
17:1d:5f:77:1e:b6:f4:c8:4a:d5:20:cd:d1:fb:b1:
bf:a5:3e:20:aa:21:5f:7d:5a:a4:17:8e:dc:2c:a6:
5e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:DA:35:F2:79:E1:55:5B:8D:19:41:6B:9F:9B:28:BD:8D:CB:C6:86
X509v3 Authority Key Identifier:
keyid:DD:98:2F:97:9A:2D:25:EB:B2:DA:B2:65:4B:8C:27:C9:28:CF:5A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Zgvl5otJeuy2rJlS4wnySjPWsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/37ea19-6f25-42bc-ad27-9886cb1b640e/1/QNo18nnhVVuNGUFrn5sovY3LxoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/37ea19-6f25-42bc-ad27-9886cb1b640e/1/3Zgvl5otJeuy2rJlS4wnySjPWsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.40.0/22
IPv6:
2a0f:5380::/29
Signature Algorithm: sha256WithRSAEncryption
9a:07:5a:c0:c6:80:7b:95:a4:a4:fb:bb:0d:8d:79:0a:10:c7:
a8:19:91:fd:4a:22:2d:ec:20:9e:9f:4e:b0:e2:5b:d9:87:bb:
19:c4:9c:72:c5:85:b8:40:8a:3a:6a:b1:3b:31:25:6e:f7:ae:
05:5a:3e:cd:63:b6:e1:72:42:8f:2c:1c:3a:a8:26:d6:13:b9:
f7:ae:94:83:f3:27:58:57:90:06:42:63:50:ba:30:0b:40:a8:
0c:41:f4:ed:34:19:a3:4f:66:8b:f7:ca:f2:c8:a2:80:0c:fb:
1a:7b:a5:8d:dc:12:74:85:44:9c:2c:02:20:fd:d5:99:3e:b9:
bf:3d:ba:81:67:f1:c2:a8:84:c9:bb:b7:0b:24:08:13:a8:0a:
69:3c:81:b8:f7:33:be:ec:79:25:69:b5:44:cf:41:f7:1d:06:
9b:00:b6:01:04:80:11:f9:1a:b7:fd:07:22:4e:73:ec:99:c4:
59:0d:c1:73:0b:fe:ae:db:71:a8:17:4b:29:14:00:2b:04:89:
44:e6:03:ee:73:4b:30:fb:4c:c0:15:7f:c1:b0:b8:14:26:1a:
f8:c3:ed:02:f0:97:76:39:be:52:b0:6d:40:70:72:cc:f6:85:
45:f1:08:52:d1:e7:64:76:34:4d:38:b3:e2:d5:d3:90:c0:1e:
a0:e4:21:c5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwC5MQThLCsQHExUr+GVY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTgyZjk3OWEyZDI1ZWJiMmRhYjI2NTRiOGMyN2M5Mjhj
ZjVhYzcwHhcNMjMwMTAyMDExNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGRhMzVmMjc5ZTE1NTViOGQxOTQxNmI5ZjliMjhiZDhkY2JjNjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut761gMa+si8c+eKIICUgxGueYqa
xNE8LkCRG8wFVgjBvC6OnnTcFQnbhjUGZJJ8YLP6cN7p8DKpfGse7NNFPDG+5p9d
5/PxXkGuYnp9iGXcCpr/eOUg8kxBdjFWIr7zUMyvAW+JqQ+DJDQ0K+evlOopK2P5
TLSwqix7nETawdrh7JeZhOPV8eQAgT4Zra4yae0OlEwF9GlIcwmWwv0x7aO18Ni1
0cLKxfFWC8kWnTY0ECSU0IEpvzhfBQhHtrNPLOP6F4hZ9Z38KL1xEEmpMnRGWmEu
xOz+336oNTSp2nEXHV93Hrb0yErVIM3R+7G/pT4gqiFffVqkF47cLKZeRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEDaNfJ54VVbjRlBa5+bKL2Ny8aGMB8GA1UdIwQY
MBaAFN2YL5eaLSXrstqyZUuMJ8koz1rHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pndmw1b3RKZXV5MnJKbFM0d255U2pQV3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8zN2VhMTktNmYyNS00MmJjLWFkMjct
OTg4NmNiMWI2NDBlLzEvUU5vMThubmhWVnVOR1VGcm41c292WTNMeG9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8zN2VhMTktNmYyNS00MmJjLWFkMjctOTg4NmNiMWI2NDBl
LzEvM1pndmw1b3RKZXV5MnJKbFM0d255U2pQV3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ4oMA0E
AgACMAcDBQMqD1OAMA0GCSqGSIb3DQEBCwUAA4IBAQCaB1rAxoB7laSk+7sNjXkK
EMeoGZH9SiIt7CCen06w4lvZh7sZxJxyxYW4QIo6arE7MSVu964FWj7NY7bhckKP
LBw6qCbWE7n3rpSD8ydYV5AGQmNQujALQKgMQfTtNBmjT2aL98ryyKKADPsae6WN
3BJ0hUScLAIg/dWZPrm/PbqBZ/HCqITJu7cLJAgTqAppPIG49zO+7HklabVEz0H3
HQabALYBBIAR+Rq3/QciTnPsmcRZDcFzC/6u23GoF0spFAArBIlE5gPuc0sw+0zA
FX/BsLgUJhr4w+0C8Jd2Ob5SsG1AcHLM9oVF8QhS0edkdjRNOLPi1dOQwB6g5CHF
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:22 2024 by rpki-client on console-ams.rpki-client.org