Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/lMAs9kIFsrUA5ptOd812ehOerHg.roa
File: lMAs9kIFsrUA5ptOd812ehOerHg.roa (raw, json)
Hash identifier: e0eEiN7lZBYQ4z8XxDkJ372witJ8zYCwmIUmJViCeSk=
Subject key identifier: 94:C0:2C:F6:42:05:B2:B5:00:E6:9B:4E:77:CD:76:7A:13:9E:AC:78
Certificate issuer: /CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Certificate serial: 0189DF3FF5C6B13D2EC0EAB2910907308918
Authority key identifier: 31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/lMAs9kIFsrUA5ptOd812ehOerHg.roa
Signing time: Thu 10 Aug 2023 11:40:58 +0000
ROA not before: Thu 10 Aug 2023 11:40:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39801
IP address blocks: 45.146.32.0/22 maxlen: 24
77.95.68.0/23 maxlen: 24
2a00:a4c0:c000::/36 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:df:3f:f5:c6:b1:3d:2e:c0:ea:b2:91:09:07:30:89:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Validity
Not Before: Aug 10 11:40:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94c02cf64205b2b500e69b4e77cd767a139eac78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a5:99:8a:c2:f0:76:14:31:41:9b:c9:26:ba:
de:59:41:5b:a2:94:4f:2b:ca:92:38:e7:a4:b8:29:
05:cc:b7:be:8c:7c:26:9a:b7:40:b6:1d:73:60:68:
9e:36:7a:6f:67:4a:81:25:8e:60:22:3e:ac:fe:64:
1b:87:7f:8b:83:aa:ac:92:a9:cb:6a:25:66:cc:2d:
0f:f2:86:b1:ea:69:0e:3a:e0:e7:b5:55:77:de:09:
d0:0f:6f:01:bc:da:79:41:dc:5c:49:8a:b1:4c:40:
c6:1f:0d:00:dc:d2:5b:19:62:83:05:df:48:89:cd:
a7:18:d2:5d:fe:36:0a:b2:8f:e1:41:e7:d6:c9:77:
e4:19:d1:a6:c2:22:90:c7:eb:b0:b2:f5:10:32:98:
14:69:21:80:b1:d2:69:e8:1c:2d:3a:30:e8:36:c4:
0e:8b:10:42:25:d3:f7:41:2e:9a:75:ed:c6:9a:f6:
7d:1d:af:5c:c3:f2:5e:77:69:c8:f5:19:74:19:73:
4f:58:01:e7:fd:05:d2:ea:18:4e:4d:0f:59:36:57:
4e:08:9c:3f:a2:09:bd:fe:04:50:37:fa:47:cc:35:
f2:ae:c5:d3:e6:f8:90:78:2f:42:fc:8d:17:40:30:
de:10:1d:bb:0e:4e:07:39:f8:17:27:b1:02:f2:20:
91:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C0:2C:F6:42:05:B2:B5:00:E6:9B:4E:77:CD:76:7A:13:9E:AC:78
X509v3 Authority Key Identifier:
keyid:31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/lMAs9kIFsrUA5ptOd812ehOerHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.32.0/22
77.95.68.0/23
IPv6:
2a00:a4c0:c000::/36
Signature Algorithm: sha256WithRSAEncryption
16:14:24:fb:8f:cd:31:65:c2:70:c3:56:c9:ae:23:1c:64:4a:
c5:ba:a1:46:d6:02:44:21:05:c9:cb:0d:fc:80:68:ae:40:e3:
0d:ac:3f:a8:16:5a:c6:83:c8:cc:dd:30:ff:de:87:35:5e:15:
38:af:87:77:da:f0:1e:72:ac:6c:fa:60:d3:47:2e:34:d3:d5:
b6:3e:08:d4:80:54:af:ea:c3:85:79:16:cc:16:f3:05:7a:7c:
de:1b:8e:5a:b0:d9:1e:9f:43:cd:1d:3c:78:fe:b1:60:5f:ed:
0e:b1:e3:bd:be:8c:ea:f9:53:96:5c:8b:60:7c:a3:4f:23:ca:
ba:bd:ba:a3:78:a3:92:a8:ab:67:7f:94:c3:ce:d2:36:f3:dc:
3d:a5:12:22:ed:f3:56:12:86:00:24:ef:e3:b3:e4:e8:12:6d:
5c:69:38:fd:81:5c:43:7b:69:e6:92:12:47:85:7e:47:c0:8f:
cb:64:f4:5a:94:d9:af:fa:fe:c1:57:ed:07:c5:82:a4:4c:9d:
2d:88:63:61:71:bb:63:03:84:0a:2b:c3:d8:31:23:e6:45:24:
41:c1:e3:51:7b:57:31:59:72:d8:51:11:9d:18:e6:46:9d:93:
51:7d:48:10:b3:81:e8:95:6d:2c:63:76:68:2e:ba:09:e2:f4:
ae:82:d0:4a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYnfP/XGsT0uwOqykQkHMIkYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMWQ2MmI3ZmQ5ZmNmYzg3ZGZlYTk4NzUxNTc2N2M4Mzhl
MjFiYjkwHhcNMjMwODEwMTE0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGMwMmNmNjQyMDViMmI1MDBlNjliNGU3N2NkNzY3YTEzOWVhYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKWZisLwdhQxQZvJJrreWUFbopRP
K8qSOOekuCkFzLe+jHwmmrdAth1zYGieNnpvZ0qBJY5gIj6s/mQbh3+Lg6qskqnL
aiVmzC0P8oax6mkOOuDntVV33gnQD28BvNp5QdxcSYqxTEDGHw0A3NJbGWKDBd9I
ic2nGNJd/jYKso/hQefWyXfkGdGmwiKQx+uwsvUQMpgUaSGAsdJp6BwtOjDoNsQO
ixBCJdP3QS6ade3GmvZ9Ha9cw/Jed2nI9Rl0GXNPWAHn/QXS6hhOTQ9ZNldOCJw/
ogm9/gRQN/pHzDXyrsXT5viQeC9C/I0XQDDeEB27Dk4HOfgXJ7EC8iCRQwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJTALPZCBbK1AOabTnfNdnoTnqx4MB8GA1UdIwQY
MBaAFDEdYrf9n8/Iff6ph1FXZ8g44hu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEt
ODUwZjM0OTA2MjI5LzEvbE1BczlrSUZzclVBNXB0T2Q4MTJlaE9lckhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEtODUwZjM0OTA2MjI5
LzEvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCLZIgAwQB
TV9EMA4EAgACMAgDBgQqAKTAwDANBgkqhkiG9w0BAQsFAAOCAQEAFhQk+4/NMWXC
cMNWya4jHGRKxbqhRtYCRCEFycsN/IBorkDjDaw/qBZaxoPIzN0w/96HNV4VOK+H
d9rwHnKsbPpg00cuNNPVtj4I1IBUr+rDhXkWzBbzBXp83huOWrDZHp9DzR08eP6x
YF/tDrHjvb6M6vlTllyLYHyjTyPKur26o3ijkqirZ3+Uw87SNvPcPaUSIu3zVhKG
ACTv47Pk6BJtXGk4/YFcQ3tp5pISR4V+R8CPy2T0WpTZr/r+wVftB8WCpEydLYhj
YXG7YwOECivD2DEj5kUkQcHjUXtXMVly2FERnRjmRp2TUX1IELOB6JVtLGN2aC66
CeL0roLQSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:37 2024 by rpki-client on console-fra.rpki-client.org