Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/qa6SHs52FMA0SnXHjih15nmzlYg.roa
File: qa6SHs52FMA0SnXHjih15nmzlYg.roa (raw, json)
Hash identifier: jZiYTA3rYuWL6Kt45RBM7ks/CWj21PIp49d3srprBR8=
Subject key identifier: A9:AE:92:1E:CE:76:14:C0:34:4A:75:C7:8E:28:75:E6:79:B3:95:88
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 018ECBE465B481422C924F6A7437FFD04994
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/qa6SHs52FMA0SnXHjih15nmzlYg.roa
Signing time: Thu 11 Apr 2024 06:42:06 +0000
ROA not before: Thu 11 Apr 2024 06:42:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.241.0/24 maxlen: 24
194.143.214.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Apr 2024 09:53:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cb:e4:65:b4:81:42:2c:92:4f:6a:74:37:ff:d0:49:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Apr 11 06:42:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9ae921ece7614c0344a75c78e2875e679b39588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9a:f4:2f:ab:57:a7:a5:ea:c1:5c:3b:42:9a:
65:5a:f9:58:3b:ea:29:f9:d1:fd:51:b4:e9:21:c1:
57:1c:95:b0:11:54:00:ad:39:3c:10:d5:3d:78:e5:
ac:f1:ad:c5:f3:44:6c:10:de:f7:e9:17:e8:79:fa:
5a:24:25:b6:c8:fc:64:d4:65:75:e9:13:ef:43:40:
7f:f8:30:60:9d:3e:36:30:4f:5d:2f:c0:7a:20:1a:
1d:3f:bb:20:b6:f3:2f:6a:19:aa:d7:d6:6c:60:6d:
60:26:ea:b2:9f:be:6c:6b:d5:43:6a:5b:18:4b:71:
20:35:9c:93:a4:c3:95:2e:f3:cf:6c:03:e4:d5:b4:
c6:d2:7a:14:49:da:10:ec:63:c4:cf:9c:04:f7:26:
c1:80:f0:3b:c2:e1:73:1e:2b:3a:73:13:8e:40:87:
13:24:08:34:88:1d:51:1d:43:fd:f5:ff:35:38:2f:
01:4f:f8:2c:57:20:eb:88:52:39:92:60:f6:1e:be:
5a:53:9b:c6:cc:93:9f:dd:a0:30:d4:29:d4:23:ec:
fd:72:5a:5a:f5:75:95:90:3a:87:1d:d4:af:dc:eb:
5c:f5:7b:68:8c:b0:79:88:92:9e:c3:fe:5c:b9:10:
98:3d:df:7c:69:5b:a5:e7:f6:fb:80:a1:21:8e:dc:
75:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:AE:92:1E:CE:76:14:C0:34:4A:75:C7:8E:28:75:E6:79:B3:95:88
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/qa6SHs52FMA0SnXHjih15nmzlYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.241.0/24
194.143.214.0/24
195.114.192.0/23
Signature Algorithm: sha256WithRSAEncryption
24:90:93:90:63:16:11:e5:43:2b:09:a7:d1:f6:38:41:e6:20:
cf:b3:29:f4:03:09:f0:dc:0a:f2:54:00:f2:8c:77:16:fb:1a:
8a:0c:eb:84:5e:2d:7d:c4:12:a1:cf:13:78:7f:17:12:18:bd:
0e:76:1b:b9:d8:15:83:f4:a1:c4:06:2a:57:ca:4f:7e:64:0e:
e9:f1:9a:81:e8:35:a2:21:48:b2:87:7d:79:59:c8:19:6f:08:
61:17:1b:c3:3e:67:73:70:ab:1e:7e:af:f4:66:d9:41:30:e6:
ef:e6:a0:17:40:86:0d:95:89:1c:cc:5a:2b:92:5b:1b:be:c3:
50:10:5d:d8:5e:5e:a8:c2:81:3e:8f:12:5e:25:a9:53:eb:e3:
69:0f:32:66:c9:5d:3c:c9:3d:40:f3:4c:4f:5e:16:a5:d1:a2:
68:7f:14:56:c8:c6:11:14:2b:d9:f3:aa:96:e6:8c:b9:c5:e8:
d6:90:8b:44:37:fc:cd:fa:34:4a:06:80:6a:d8:fa:b6:fe:11:
10:e6:be:f1:43:64:dd:a6:a3:df:a9:9a:7c:06:97:49:12:fb:
e8:40:cc:4d:29:dc:b9:9e:0a:cd:7a:3e:03:b9:21:4d:5d:28:
9c:43:73:1c:fe:42:f7:ee:55:9a:63:c2:e8:40:41:27:a5:e1:
ab:22:72:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7L5GW0gUIskk9qdDf/0EmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQwNDExMDY0MjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWFlOTIxZWNlNzYxNGMwMzQ0YTc1Yzc4ZTI4NzVlNjc5YjM5NTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZr0L6tXp6XqwVw7QpplWvlYO+op
+dH9UbTpIcFXHJWwEVQArTk8ENU9eOWs8a3F80RsEN736RfoefpaJCW2yPxk1GV1
6RPvQ0B/+DBgnT42ME9dL8B6IBodP7sgtvMvahmq19ZsYG1gJuqyn75sa9VDalsY
S3EgNZyTpMOVLvPPbAPk1bTG0noUSdoQ7GPEz5wE9ybBgPA7wuFzHis6cxOOQIcT
JAg0iB1RHUP99f81OC8BT/gsVyDriFI5kmD2Hr5aU5vGzJOf3aAw1CnUI+z9clpa
9XWVkDqHHdSv3Otc9XtojLB5iJKew/5cuRCYPd98aVul5/b7gKEhjtx1lwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKmukh7OdhTANEp1x44odeZ5s5WIMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvcWE2U0hzNTJGTUEwU25YSGppaDE1bm16bFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZvxAwQA
wo/WAwQBw3LAMA0GCSqGSIb3DQEBCwUAA4IBAQAkkJOQYxYR5UMrCafR9jhB5iDP
syn0Awnw3AryVADyjHcW+xqKDOuEXi19xBKhzxN4fxcSGL0Odhu52BWD9KHEBipX
yk9+ZA7p8ZqB6DWiIUiyh315WcgZbwhhFxvDPmdzcKsefq/0ZtlBMObv5qAXQIYN
lYkczForklsbvsNQEF3YXl6owoE+jxJeJalT6+NpDzJmyV08yT1A80xPXhal0aJo
fxRWyMYRFCvZ86qW5oy5xejWkItEN/zN+jRKBoBq2Pq2/hEQ5r7xQ2TdpqPfqZp8
BpdJEvvoQMxNKdy5ngrNej4DuSFNXSicQ3Mc/kL37lWaY8LoQEEnpeGrInJs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:18 2024 by rpki-client on console-fra.rpki-client.org