Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/Qi1z21Wx23vuHTS-7E7kIvAtFEE.roa
File: Qi1z21Wx23vuHTS-7E7kIvAtFEE.roa (raw, json)
Hash identifier: IM+DJ1z5GB6PWVu1jYY4gJJVHEA1/P4hXXDz0Lv8r0o=
Subject key identifier: 42:2D:73:DB:55:B1:DB:7B:EE:1D:34:BE:EC:4E:E4:22:F0:2D:14:41
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 018CC87004B1C4584E366C022A8C5BB4F2E8
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/Qi1z21Wx23vuHTS-7E7kIvAtFEE.roa
Signing time: Tue 02 Jan 2024 04:30:33 +0000
ROA not before: Tue 02 Jan 2024 04:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58026
IP address blocks: 65.111.0.0/19 maxlen: 19
104.207.32.0/19 maxlen: 19
45.78.80.0/20 maxlen: 20
45.3.32.0/19 maxlen: 19
Validation: Failed, certificate revoked on Fri 01 Mar 2024 10:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:04:b1:c4:58:4e:36:6c:02:2a:8c:5b:b4:f2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: Jan 2 04:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=422d73db55b1db7bee1d34beec4ee422f02d1441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:11:fe:9b:73:8e:30:b7:5b:b7:df:9e:4e:5f:
5e:5b:4f:d2:78:93:1c:7b:f3:60:92:a4:80:fd:d5:
76:b0:a3:e0:e2:f6:4e:49:c0:0a:e5:cf:22:21:9f:
dd:58:a8:c8:b5:c6:1b:a4:dc:2b:bb:b0:c6:80:a9:
09:31:d3:3c:68:7e:98:a4:7e:69:8d:73:23:aa:04:
a5:3a:6b:57:92:ca:9b:5e:16:c9:79:22:ea:61:f2:
6d:b0:6d:aa:64:cf:24:d0:0c:ec:fc:88:2e:85:65:
c9:90:7f:e6:2d:96:10:8e:33:94:bb:3b:c2:c4:82:
a7:ac:18:71:26:70:58:99:14:f4:da:1b:fa:1d:1e:
04:0d:bf:e9:61:9b:64:ca:ad:68:77:48:da:78:f3:
22:22:72:e5:60:d1:c5:61:06:af:bb:12:f0:b3:5e:
45:ed:75:ba:77:a8:3c:7e:16:7d:50:9f:f7:ff:14:
6a:bb:06:88:c9:f3:64:aa:7b:31:d1:3b:e6:9a:9e:
7f:10:e0:ac:70:f9:f2:34:c1:5e:f7:d6:e0:59:ee:
16:e5:25:2e:af:6d:7c:6c:86:81:88:03:1f:be:d2:
93:35:6f:53:5d:f5:59:b3:24:a1:43:22:04:50:18:
08:46:80:da:b9:c5:ad:a0:30:34:a6:e6:0f:28:c6:
42:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:2D:73:DB:55:B1:DB:7B:EE:1D:34:BE:EC:4E:E4:22:F0:2D:14:41
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/Qi1z21Wx23vuHTS-7E7kIvAtFEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.3.32.0/19
45.78.80.0/20
65.111.0.0/19
104.207.32.0/19
Signature Algorithm: sha256WithRSAEncryption
27:b7:53:29:74:d6:1f:ec:74:88:90:79:6e:8f:8b:38:f7:73:
24:97:1e:90:4e:17:10:3a:4d:17:8e:aa:c5:14:44:e0:99:e1:
a6:a3:0c:73:00:83:d1:89:16:e4:02:8b:b4:1b:95:33:0f:38:
ad:a0:71:58:44:fb:4b:d4:fa:6e:b7:26:09:21:a6:66:92:98:
a0:35:c7:1c:e0:27:e0:1c:5c:d9:84:12:e7:5e:02:54:0d:d5:
d4:56:36:ed:41:d9:17:c7:d8:34:6c:20:ff:5b:f8:79:70:84:
0a:76:ae:e4:d7:e9:a5:63:9c:1f:93:98:4d:fb:d2:ef:b8:f7:
64:83:f1:03:55:96:69:0f:7f:0a:27:4a:39:a1:74:0d:e3:85:
52:3c:55:e4:0a:4f:94:16:98:98:7f:dc:67:82:2f:2c:d3:6b:
f7:98:45:a9:69:9e:16:a3:b6:31:62:cd:18:84:c8:98:23:59:
4a:9b:d8:2c:6e:7b:3f:b8:16:51:9f:34:34:1b:9b:22:28:84:
e5:0c:b5:fa:b5:11:59:b5:2c:2d:3e:7f:f7:ce:7b:0a:24:02:
a4:c1:b0:79:fb:92:0f:e8:b5:cc:b6:3e:c0:29:18:1f:f9:ee:
e9:b0:9d:1d:01:89:be:ad:f6:0a:44:d3:ce:0c:d3:82:12:cf:
f5:84:28:fe
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIcASxxFhONmwCKoxbtPLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2
ZTBjMWEwHhcNMjQwMTAyMDQzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjJkNzNkYjU1YjFkYjdiZWUxZDM0YmVlYzRlZTQyMmYwMmQxNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBH+m3OOMLdbt9+eTl9eW0/SeJMc
e/NgkqSA/dV2sKPg4vZOScAK5c8iIZ/dWKjItcYbpNwru7DGgKkJMdM8aH6YpH5p
jXMjqgSlOmtXksqbXhbJeSLqYfJtsG2qZM8k0Azs/IguhWXJkH/mLZYQjjOUuzvC
xIKnrBhxJnBYmRT02hv6HR4EDb/pYZtkyq1od0jaePMiInLlYNHFYQavuxLws15F
7XW6d6g8fhZ9UJ/3/xRquwaIyfNkqnsx0Tvmmp5/EOCscPnyNMFe99bgWe4W5SUu
r218bIaBiAMfvtKTNW9TXfVZsyShQyIEUBgIRoDaucWtoDA0puYPKMZCeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEItc9tVsdt77h00vuxO5CLwLRRBMB8GA1UdIwQY
MBaAFLQEzA4DjrDml+xueuSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1Yjkt
ODZhMmYwNjdiNGU4LzEvUWkxejIxV3gyM3Z1SFRTLTdFN2tJdkF0RkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4
LzEvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFLQMgAwQE
LU5QAwQFQW8AAwQFaM8gMA0GCSqGSIb3DQEBCwUAA4IBAQAnt1MpdNYf7HSIkHlu
j4s493Mklx6QThcQOk0XjqrFFETgmeGmowxzAIPRiRbkAou0G5UzDzitoHFYRPtL
1PputyYJIaZmkpigNccc4CfgHFzZhBLnXgJUDdXUVjbtQdkXx9g0bCD/W/h5cIQK
dq7k1+mlY5wfk5hN+9LvuPdkg/EDVZZpD38KJ0o5oXQN44VSPFXkCk+UFpiYf9xn
gi8s02v3mEWpaZ4Wo7YxYs0YhMiYI1lKm9gsbns/uBZRnzQ0G5siKITlDLX6tRFZ
tSwtPn/3znsKJAKkwbB5+5IP6LXMtj7AKRgf+e7psJ0dAYm+rfYKRNPODNOCEs/1
hCj+
-----END CERTIFICATE-----
Generated at Fri Mar 1 14:52:56 2024 by rpki-client on console.sobornost.net