Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/8b400d-1e8e-40da-b1d6-a6541ceb1e43/1/QdixeSX4hy8xz2ylD7ux27CkV3k.roa
File: QdixeSX4hy8xz2ylD7ux27CkV3k.roa (raw, json)
Hash identifier: ZBxkccLZSQKmR3S9wVxJdw6ik5Bp+HCK0e5dXNe2Y0A=
Subject key identifier: 41:D8:B1:79:25:F8:87:2F:31:CF:6C:A5:0F:BB:B1:DB:B0:A4:57:79
Certificate issuer: /CN=5232d44d9e08c873db35c02151ca44ae54b4b8af
Certificate serial: 01856F1DA0D2C610DC34B82D26A24D882A33
Authority key identifier: 52:32:D4:4D:9E:08:C8:73:DB:35:C0:21:51:CA:44:AE:54:B4:B8:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UjLUTZ4IyHPbNcAhUcpErlS0uK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/8b400d-1e8e-40da-b1d6-a6541ceb1e43/1/QdixeSX4hy8xz2ylD7ux27CkV3k.roa
Signing time: Sun 01 Jan 2023 20:54:50 +0000
ROA not before: Sun 01 Jan 2023 20:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208989
IP address blocks: 45.12.8.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:a0:d2:c6:10:dc:34:b8:2d:26:a2:4d:88:2a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5232d44d9e08c873db35c02151ca44ae54b4b8af
Validity
Not Before: Jan 1 20:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41d8b17925f8872f31cf6ca50fbbb1dbb0a45779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a9:a1:61:6c:38:1d:ba:d6:c3:fd:e5:58:69:
a5:52:b6:83:01:4c:24:bf:ef:da:5f:f4:27:d8:d5:
e0:8e:e8:3e:7f:ac:2b:ea:70:9c:fd:b8:0c:94:e9:
03:d2:fb:9d:ce:37:56:43:78:4f:b4:3a:c2:ca:3f:
f7:98:d0:92:4e:88:e3:79:09:12:71:be:f9:a6:cd:
7c:91:a1:33:fa:03:98:44:4c:a2:cc:5f:1f:c7:9e:
f8:09:1b:58:6b:1c:0a:bc:83:9e:95:7f:9d:30:69:
0c:41:cd:37:b7:63:8e:f7:79:92:62:5a:33:88:85:
14:f5:2b:84:c2:47:18:d2:5f:c8:52:f3:f4:5c:f2:
68:de:42:e2:28:dc:e2:a7:0d:a1:27:8b:4e:a0:9d:
dd:89:9c:f3:9f:fd:b6:a0:de:89:6e:7c:1f:1f:e2:
fa:5a:50:0b:47:ac:4f:18:37:61:43:28:ee:20:a4:
7d:12:3c:ad:04:65:9d:61:c8:7b:08:5a:81:af:a5:
06:f8:ce:03:fa:1f:d3:56:07:19:6e:1f:1d:a3:cf:
80:2c:b2:9f:5f:86:c9:92:eb:5f:e6:41:71:c7:00:
40:a9:db:55:16:0f:8c:ae:4d:c8:51:6e:2e:b0:ed:
fc:fc:1c:24:b2:81:14:20:af:65:2b:74:fc:1f:74:
e0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D8:B1:79:25:F8:87:2F:31:CF:6C:A5:0F:BB:B1:DB:B0:A4:57:79
X509v3 Authority Key Identifier:
keyid:52:32:D4:4D:9E:08:C8:73:DB:35:C0:21:51:CA:44:AE:54:B4:B8:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UjLUTZ4IyHPbNcAhUcpErlS0uK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/8b400d-1e8e-40da-b1d6-a6541ceb1e43/1/QdixeSX4hy8xz2ylD7ux27CkV3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/8b400d-1e8e-40da-b1d6-a6541ceb1e43/1/UjLUTZ4IyHPbNcAhUcpErlS0uK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.8.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:4e:06:01:41:aa:48:4c:41:96:8f:a4:a8:53:51:4d:9b:b0:
14:2f:36:11:f8:c9:04:33:90:d1:31:77:b3:a2:30:02:83:ba:
f4:27:00:07:0b:6d:73:fb:db:89:55:ab:39:86:cb:95:9e:48:
5b:3a:7d:d7:d4:8a:94:fc:0a:de:c8:08:2b:8d:94:19:99:4c:
fd:b8:c2:e2:8d:34:cf:56:c0:e1:e6:4c:26:0c:8f:1a:19:ca:
41:9b:b8:51:ff:dd:7f:78:da:ec:5c:7f:4a:0b:ac:ac:5e:cb:
7c:db:62:da:a3:eb:65:9d:7d:4e:7b:bc:9a:54:7e:24:bc:53:
47:d0:15:e7:50:78:72:31:1b:03:be:08:a1:fb:bd:77:69:e2:
98:1a:63:f0:fd:b2:8a:e1:71:f4:8d:2c:8d:94:95:aa:ff:21:
6d:20:f8:68:6f:12:07:39:c3:cc:18:d5:e4:23:77:eb:8e:1f:
5d:83:46:d5:4f:2a:b6:1f:ce:a4:c7:af:35:a1:33:9b:f7:30:
8a:3d:53:23:43:9d:b1:af:d8:60:86:f4:80:51:b8:57:d6:02:
6d:5e:a6:4a:83:82:af:d1:ea:04:ac:4d:2d:a2:4b:c7:6e:a1:
a9:3d:f6:c7:19:58:3a:8f:39:1c:2e:ab:98:8a:73:4e:72:bf:
09:30:04:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHaDSxhDcNLgtJqJNiCozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMzJkNDRkOWUwOGM4NzNkYjM1YzAyMTUxY2E0NGFlNTRi
NGI4YWYwHhcNMjMwMTAxMjA1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWQ4YjE3OTI1Zjg4NzJmMzFjZjZjYTUwZmJiYjFkYmIwYTQ1Nzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKmhYWw4HbrWw/3lWGmlUraDAUwk
v+/aX/Qn2NXgjug+f6wr6nCc/bgMlOkD0vudzjdWQ3hPtDrCyj/3mNCSTojjeQkS
cb75ps18kaEz+gOYREyizF8fx574CRtYaxwKvIOelX+dMGkMQc03t2OO93mSYloz
iIUU9SuEwkcY0l/IUvP0XPJo3kLiKNzipw2hJ4tOoJ3diZzzn/22oN6JbnwfH+L6
WlALR6xPGDdhQyjuIKR9EjytBGWdYch7CFqBr6UG+M4D+h/TVgcZbh8do8+ALLKf
X4bJkutf5kFxxwBAqdtVFg+Mrk3IUW4usO38/BwksoEUIK9lK3T8H3TgQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHYsXkl+IcvMc9spQ+7sduwpFd5MB8GA1UdIwQY
MBaAFFIy1E2eCMhz2zXAIVHKRK5UtLivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWpMVVRaNEl5SFBiTmNBaFVjcEVybFMwdUs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84YjQwMGQtMWU4ZS00MGRhLWIxZDYt
YTY1NDFjZWIxZTQzLzEvUWRpeGVTWDRoeTh4ejJ5bEQ3dXgyN0NrVjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84YjQwMGQtMWU4ZS00MGRhLWIxZDYtYTY1NDFjZWIxZTQz
LzEvVWpMVVRaNEl5SFBiTmNBaFVjcEVybFMwdUs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQwIMA0G
CSqGSIb3DQEBCwUAA4IBAQBMTgYBQapITEGWj6SoU1FNm7AULzYR+MkEM5DRMXez
ojACg7r0JwAHC21z+9uJVas5hsuVnkhbOn3X1IqU/AreyAgrjZQZmUz9uMLijTTP
VsDh5kwmDI8aGcpBm7hR/91/eNrsXH9KC6ysXst822Lao+tlnX1Oe7yaVH4kvFNH
0BXnUHhyMRsDvgih+713aeKYGmPw/bKK4XH0jSyNlJWq/yFtIPhobxIHOcPMGNXk
I3frjh9dg0bVTyq2H86kx681oTOb9zCKPVMjQ52xr9hghvSAUbhX1gJtXqZKg4Kv
0eoErE0tokvHbqGpPfbHGVg6jzkcLquYinNOcr8JMARh
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:14 2024 by rpki-client on console.sobornost.net