Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Qai_QDULJfK2Q_bFpa7pTuAZb24.roa
File: Qai_QDULJfK2Q_bFpa7pTuAZb24.roa (raw, json)
Hash identifier: qqhvNwe4AIfCCZbmyZyEcK444BLy9bKXAqna+xXKq90=
Subject key identifier: 41:A8:BF:40:35:0B:25:F2:B6:43:F6:C5:A5:AE:E9:4E:E0:19:6F:6E
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01969FE9047C2C4440E24CD52E59270ACAB1
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Qai_QDULJfK2Q_bFpa7pTuAZb24.roa
Signing time: Mon 05 May 2025 10:06:10 +0000
ROA not before: Mon 05 May 2025 10:06:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26210
IP address blocks: 45.145.132.0/24 maxlen: 24
45.145.133.0/24 maxlen: 24
45.145.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 May 2025 12:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9f:e9:04:7c:2c:44:40:e2:4c:d5:2e:59:27:0a:ca:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: May 5 10:06:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41a8bf40350b25f2b643f6c5a5aee94ee0196f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d9:2a:b8:e9:05:fa:3f:37:3f:f4:47:58:ac:
cc:8d:18:af:de:26:fc:fb:17:c3:53:d5:0a:c8:54:
df:8a:d6:be:7c:70:c1:7b:9e:25:83:96:9f:ef:5e:
26:40:32:af:bb:10:00:46:78:00:16:12:bc:43:5e:
f5:ec:88:ef:49:ed:71:a6:f2:0d:09:f8:cc:8b:5d:
e0:d7:17:d9:bf:a6:57:d9:0d:3a:c2:90:f1:a0:2c:
3e:34:75:97:58:2e:2a:b7:94:d4:b3:55:06:52:b9:
b0:e6:9a:77:04:d5:1e:59:41:ef:7b:c7:2e:0f:f1:
d2:04:55:7a:fc:9f:41:2d:1e:1b:89:0c:58:98:a4:
e6:3b:2f:02:b8:64:3d:e5:85:9a:a6:66:b0:21:28:
ef:5d:73:e2:7d:33:35:9a:e7:e0:86:a3:7a:e2:5a:
bc:78:d2:fb:2b:cf:00:19:1a:3d:9b:65:fe:1f:67:
1e:83:74:41:c2:25:06:10:4d:2f:ef:03:c8:40:4e:
fd:13:45:88:9b:b7:65:b0:09:bd:58:9b:15:53:33:
4e:25:2e:c1:83:01:0b:f0:1e:87:6b:cf:64:39:3c:
09:63:7a:a5:f9:b5:63:10:81:4f:61:cc:cf:59:c9:
c3:06:e1:5c:1e:83:db:17:55:fa:50:33:f2:6d:18:
66:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A8:BF:40:35:0B:25:F2:B6:43:F6:C5:A5:AE:E9:4E:E0:19:6F:6E
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Qai_QDULJfK2Q_bFpa7pTuAZb24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.132.0-45.145.134.255
Signature Algorithm: sha256WithRSAEncryption
73:8f:8d:e9:92:68:6f:c6:e6:7e:67:84:f0:6d:c6:93:4f:b9:
c4:14:14:ec:51:62:e7:63:aa:6b:29:0a:39:21:45:10:aa:c2:
84:2d:01:42:0a:dd:b6:76:67:a1:c9:63:66:b4:37:62:6b:c1:
55:96:a5:73:0f:54:d5:b4:5d:2a:0a:77:43:7a:1c:55:ac:48:
9c:e5:a4:5c:a1:9a:04:61:7f:fd:d1:87:9f:03:16:90:2b:1e:
95:39:91:e0:61:36:81:14:9d:72:b9:fa:07:53:f8:bc:b9:0b:
8d:05:b0:3c:26:cd:b4:81:5f:9e:5a:8c:52:23:81:19:ad:8a:
5f:5a:a2:0d:01:26:8e:91:28:74:c9:52:4f:58:1a:3b:cd:92:
3a:0e:bf:6e:65:63:46:f7:14:05:2a:25:9c:3b:56:21:f7:19:
5d:49:38:12:aa:23:a6:cc:eb:87:df:5e:8d:7f:af:2a:f2:3a:
f2:1b:4d:3c:56:ba:5c:80:25:db:ac:e0:7a:da:34:dd:02:4b:
5d:a9:5d:cb:fb:5c:5e:8e:cf:aa:1f:c0:c5:8f:50:80:a5:8e:
2d:17:c8:d8:4f:44:ce:2b:f2:95:32:6e:46:56:ce:ed:27:5c:
fb:6f:34:90:31:c2:87:20:74:28:4c:42:f9:48:3d:85:8c:c5:
2c:33:15:99
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZaf6QR8LERA4kzVLlknCsqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwNTA1MTAwNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE4YmY0MDM1MGIyNWYyYjY0M2Y2YzVhNWFlZTk0ZWUwMTk2ZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdkquOkF+j83P/RHWKzMjRiv3ib8
+xfDU9UKyFTfita+fHDBe54lg5af714mQDKvuxAARngAFhK8Q1717IjvSe1xpvIN
CfjMi13g1xfZv6ZX2Q06wpDxoCw+NHWXWC4qt5TUs1UGUrmw5pp3BNUeWUHve8cu
D/HSBFV6/J9BLR4biQxYmKTmOy8CuGQ95YWapmawISjvXXPifTM1mufghqN64lq8
eNL7K88AGRo9m2X+H2ceg3RBwiUGEE0v7wPIQE79E0WIm7dlsAm9WJsVUzNOJS7B
gwEL8B6Ha89kOTwJY3ql+bVjEIFPYczPWcnDBuFcHoPbF1X6UDPybRhmLwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEGov0A1CyXytkP2xaWu6U7gGW9uMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvUWFpX1FEVUxKZksyUV9iRnBhN3BUdUFaYjI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAItkYQD
BAAtkYYwDQYJKoZIhvcNAQELBQADggEBAHOPjemSaG/G5n5nhPBtxpNPucQUFOxR
YudjqmspCjkhRRCqwoQtAUIK3bZ2Z6HJY2a0N2JrwVWWpXMPVNW0XSoKd0N6HFWs
SJzlpFyhmgRhf/3Rh58DFpArHpU5keBhNoEUnXK5+gdT+Ly5C40FsDwmzbSBX55a
jFIjgRmtil9aog0BJo6RKHTJUk9YGjvNkjoOv25lY0b3FAUqJZw7ViH3GV1JOBKq
I6bM64ffXo1/ryryOvIbTTxWulyAJdus4HraNN0CS12pXcv7XF6Oz6ofwMWPUICl
ji0XyNhPRM4r8pUybkZWzu0nXPtvNJAxwocgdChMQvlIPYWMxSwzFZk=
-----END CERTIFICATE-----
Generated at Sun May 11 22:28:11 2025 by rpki-client