Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/mFtWK-gp1J5x5U7VdLhixtct1FM.roa
File: mFtWK-gp1J5x5U7VdLhixtct1FM.roa (raw, json)
Hash identifier: P2UXw8bqARb0qNCIu9Y+QlJrnq4fKRIZOl2r+Psf9ls=
Subject key identifier: 98:5B:56:2B:E8:29:D4:9E:71:E5:4E:D5:74:B8:62:C6:D7:2D:D4:53
Certificate issuer: /CN=a1d71853324eb060fbafc988233860499c96c53a
Certificate serial: 018892CCC032911AB8C2208573D9F3320EBA
Authority key identifier: A1:D7:18:53:32:4E:B0:60:FB:AF:C9:88:23:38:60:49:9C:96:C5:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odcYUzJOsGD7r8mIIzhgSZyWxTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/mFtWK-gp1J5x5U7VdLhixtct1FM.roa
Signing time: Tue 06 Jun 2023 22:21:12 +0000
ROA not before: Tue 06 Jun 2023 22:21:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.148.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Jun 2023 09:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:92:cc:c0:32:91:1a:b8:c2:20:85:73:d9:f3:32:0e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1d71853324eb060fbafc988233860499c96c53a
Validity
Not Before: Jun 6 22:21:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=985b562be829d49e71e54ed574b862c6d72dd453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:07:a5:a6:c8:69:0d:e7:98:b5:fa:c8:2e:62:
70:14:36:a2:e4:48:35:1f:32:c1:81:c7:e8:8b:b7:
82:61:f0:0b:28:91:76:ae:c2:57:29:46:7f:53:c0:
88:1a:6e:d2:ed:60:c6:cd:69:bf:d1:df:dd:82:f1:
be:5c:fc:89:cd:02:31:78:14:ec:b3:6c:b4:4b:5c:
c3:22:53:dd:84:82:90:0f:f2:1a:6a:e1:5e:b3:b8:
6d:d5:06:15:f9:2d:2d:1e:46:11:aa:8e:b3:82:24:
96:7c:e5:7d:dd:8b:ee:e3:51:ed:cd:10:21:79:10:
9a:76:a6:59:22:d4:42:37:3a:db:e1:5f:0d:88:20:
13:15:7f:62:f0:15:0d:f4:c0:5c:55:f4:bf:69:77:
ce:a2:cb:e2:3c:84:a5:76:ba:40:1b:dd:d7:0b:d5:
45:32:a7:86:77:d1:06:aa:ce:1a:d9:78:c4:0a:69:
dd:5c:a7:74:ce:41:32:9b:cd:79:20:43:bd:80:c3:
7a:71:23:90:ad:fb:5a:57:99:2a:11:40:ce:e3:a8:
48:d4:bf:1b:c1:3c:c9:fa:d1:28:88:b5:08:0e:3d:
3f:c6:db:97:7e:7f:11:9e:49:4a:9a:c7:ff:e5:1a:
99:4b:f9:6c:0a:ed:f3:d5:16:58:16:07:37:79:c4:
45:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:5B:56:2B:E8:29:D4:9E:71:E5:4E:D5:74:B8:62:C6:D7:2D:D4:53
X509v3 Authority Key Identifier:
keyid:A1:D7:18:53:32:4E:B0:60:FB:AF:C9:88:23:38:60:49:9C:96:C5:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odcYUzJOsGD7r8mIIzhgSZyWxTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/mFtWK-gp1J5x5U7VdLhixtct1FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/odcYUzJOsGD7r8mIIzhgSZyWxTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.135.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:32:17:c0:9d:00:28:fa:d1:9c:f1:ee:ed:ef:b0:15:a1:d3:
45:a8:42:38:0f:51:d8:ab:fb:12:0d:e4:0b:ac:0c:6f:d1:25:
55:c0:bb:93:0f:eb:37:10:b1:a2:16:a2:60:32:6e:b5:0a:fe:
3d:63:f0:d7:04:26:64:22:14:80:c3:ac:00:3f:2e:62:4f:c1:
83:fa:d1:6f:7a:4f:72:ac:69:ff:c4:5f:65:1b:4c:8c:4e:db:
97:35:84:d2:d5:d5:a1:51:56:f4:bf:82:54:cb:67:d8:0b:65:
b6:37:88:29:6e:c3:1b:94:1a:e5:01:e7:aa:e5:ad:41:a1:72:
fd:b6:56:cb:b8:9a:71:08:16:e4:33:2b:1e:30:4a:ea:bf:4d:
8d:87:3c:ec:6e:8d:49:df:34:a3:01:2e:f6:2a:08:cc:c5:6b:
ad:cc:02:04:47:6b:d6:83:19:b8:6f:b7:dd:46:9e:8b:37:c4:
de:6c:6c:d2:c2:26:88:96:ff:54:20:eb:ea:28:3a:08:5d:ce:
ce:71:c3:96:14:d7:8a:17:3a:a6:fc:f7:d1:8f:d4:5d:03:b1:
d8:d8:e4:14:19:89:bd:31:d1:7d:dd:7d:0b:63:42:cb:03:84:
a4:32:5b:88:de:9b:af:dc:52:6e:87:ca:42:96:93:6f:da:f4:
a7:8b:96:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiSzMAykRq4wiCFc9nzMg66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZDcxODUzMzI0ZWIwNjBmYmFmYzk4ODIzMzg2MDQ5OWM5
NmM1M2EwHhcNMjMwNjA2MjIyMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODViNTYyYmU4MjlkNDllNzFlNTRlZDU3NGI4NjJjNmQ3MmRkNDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7welpshpDeeYtfrILmJwFDai5Eg1
HzLBgcfoi7eCYfALKJF2rsJXKUZ/U8CIGm7S7WDGzWm/0d/dgvG+XPyJzQIxeBTs
s2y0S1zDIlPdhIKQD/IaauFes7ht1QYV+S0tHkYRqo6zgiSWfOV93Yvu41HtzRAh
eRCadqZZItRCNzrb4V8NiCATFX9i8BUN9MBcVfS/aXfOosviPISldrpAG93XC9VF
MqeGd9EGqs4a2XjECmndXKd0zkEym815IEO9gMN6cSOQrftaV5kqEUDO46hI1L8b
wTzJ+tEoiLUIDj0/xtuXfn8RnklKmsf/5RqZS/lsCu3z1RZYFgc3ecRF7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhbVivoKdSeceVO1XS4YsbXLdRTMB8GA1UdIwQY
MBaAFKHXGFMyTrBg+6/JiCM4YEmclsU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2RjWVV6Sk9zR0Q3cjhtSUl6aGdTWnlXeFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83NjU2ZGItOTRhNS00NWJlLTk0MzUt
NzA2MTM1NmJlZjFiLzEvbUZ0V0stZ3AxSjV4NVU3VmRMaGl4dGN0MUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83NjU2ZGItOTRhNS00NWJlLTk0MzUtNzA2MTM1NmJlZjFi
LzEvb2RjWVV6Sk9zR0Q3cjhtSUl6aGdTWnlXeFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZSHMA0G
CSqGSIb3DQEBCwUAA4IBAQCPMhfAnQAo+tGc8e7t77AVodNFqEI4D1HYq/sSDeQL
rAxv0SVVwLuTD+s3ELGiFqJgMm61Cv49Y/DXBCZkIhSAw6wAPy5iT8GD+tFvek9y
rGn/xF9lG0yMTtuXNYTS1dWhUVb0v4JUy2fYC2W2N4gpbsMblBrlAeeq5a1BoXL9
tlbLuJpxCBbkMyseMErqv02Nhzzsbo1J3zSjAS72KgjMxWutzAIER2vWgxm4b7fd
Rp6LN8TebGzSwiaIlv9UIOvqKDoIXc7OccOWFNeKFzqm/PfRj9RdA7HY2OQUGYm9
MdF93X0LY0LLA4SkMluI3puv3FJuh8pClpNv2vSni5ZP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:51 2024 by rpki-client on console-fra.rpki-client.org