Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/MGKWk-YPW77fAf7aP7v9iwT9FcM.roa
File: MGKWk-YPW77fAf7aP7v9iwT9FcM.roa (raw, json)
Hash identifier: AUKolVNef+B2sb78b/tXMPksLYVmRY9otrI5ItPxWTo=
Subject key identifier: 30:62:96:93:E6:0F:5B:BE:DF:01:FE:DA:3F:BB:FD:8B:04:FD:15:C3
Certificate issuer: /CN=bda1e55f744e1412bd753fd277b77408dcdf8cb4
Certificate serial: 01919E3730B6EFFC4496058E44D74CF606AE
Authority key identifier: BD:A1:E5:5F:74:4E:14:12:BD:75:3F:D2:77:B7:74:08:DC:DF:8C:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/MGKWk-YPW77fAf7aP7v9iwT9FcM.roa
Signing time: Thu 29 Aug 2024 12:58:22 +0000
ROA not before: Thu 29 Aug 2024 12:58:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44377
IP address blocks: 45.137.248.0/22 maxlen: 24
45.143.216.0/22 maxlen: 24
77.81.160.0/22 maxlen: 24
92.242.224.0/19 maxlen: 24
185.121.200.0/22 maxlen: 24
193.19.220.0/22 maxlen: 24
2a13:ca80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9e:37:30:b6:ef:fc:44:96:05:8e:44:d7:4c:f6:06:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda1e55f744e1412bd753fd277b77408dcdf8cb4
Validity
Not Before: Aug 29 12:58:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30629693e60f5bbedf01feda3fbbfd8b04fd15c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:95:2c:92:91:69:cc:b4:f2:b3:4f:af:d3:04:
a4:eb:ad:ba:e1:52:59:64:c3:d2:eb:74:32:c3:6c:
52:2d:d0:86:83:78:9b:f2:e9:b6:1f:23:01:d1:67:
8d:af:99:4c:d1:90:24:51:c7:39:d2:22:41:65:b3:
5b:68:71:08:40:51:30:58:68:b2:32:95:2c:1b:e3:
c1:12:71:6b:74:44:d6:ea:35:4c:51:77:93:8f:80:
61:5d:f4:50:21:6f:d3:6c:99:a1:12:72:61:49:ec:
aa:88:ec:79:75:43:1b:87:ec:d2:44:cf:af:d0:e3:
79:a8:98:d0:54:b8:ce:32:dd:29:9e:db:6a:85:cb:
ad:59:32:f3:02:20:2c:3c:30:e6:c6:56:9b:89:6b:
e7:e1:79:27:2b:90:df:d6:5e:3f:91:27:a8:f8:57:
f7:93:c1:7a:0b:7f:6e:2e:d5:7c:32:8e:76:5f:84:
f7:87:7d:6f:9c:01:1f:da:d3:fe:5d:fe:fd:a1:2e:
98:fb:a0:27:b4:1f:93:d2:01:9f:c2:ae:80:05:22:
37:57:6f:78:cd:2c:21:a1:44:ad:5e:ef:48:07:e5:
12:e8:84:b6:34:f1:7d:83:05:f6:64:34:0d:01:5c:
ba:16:c1:91:17:e7:df:cb:4b:93:80:7f:55:e4:43:
d8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:62:96:93:E6:0F:5B:BE:DF:01:FE:DA:3F:BB:FD:8B:04:FD:15:C3
X509v3 Authority Key Identifier:
keyid:BD:A1:E5:5F:74:4E:14:12:BD:75:3F:D2:77:B7:74:08:DC:DF:8C:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/MGKWk-YPW77fAf7aP7v9iwT9FcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.248.0/22
45.143.216.0/22
77.81.160.0/22
92.242.224.0/19
185.121.200.0/22
193.19.220.0/22
IPv6:
2a13:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
49:63:da:78:f9:c1:3f:1f:47:da:d1:98:10:cb:9d:f4:4a:d0:
69:a0:ef:31:18:59:0e:25:6e:bd:71:74:fe:48:15:1e:ef:59:
8f:89:f0:3f:7b:c3:23:3f:b6:b3:73:7c:64:38:a9:17:96:f6:
8f:ec:2c:99:7f:d2:56:52:fa:9c:95:14:49:46:cb:63:0b:cd:
06:46:71:93:fc:6a:88:05:97:81:be:e0:76:40:9e:8f:cf:6f:
d9:69:2c:4e:7b:9f:4b:5e:f6:af:d9:42:6b:82:38:54:b7:8a:
0b:eb:b3:57:10:b8:4b:b4:82:00:86:72:fa:35:ad:14:f3:11:
02:9c:99:94:d7:d8:d3:94:94:31:58:ca:08:14:ee:09:3c:4f:
1d:bc:58:e9:67:0a:03:a5:12:d9:16:cc:6a:c3:d5:92:6c:e2:
78:6e:75:0a:09:cc:3c:33:20:ef:c9:7e:9a:a1:4d:9d:f0:90:
7b:f1:ec:b6:56:d8:54:af:31:6d:6d:6b:0a:50:54:ed:30:c7:
66:fd:68:b0:bd:d9:d6:14:6e:82:ff:d8:54:af:9f:bd:e1:8d:
89:4e:6c:6c:cb:14:69:ab:a6:3c:b6:24:16:b9:c8:dd:62:59:
c4:53:ba:dd:98:22:5e:1d:7d:52:a4:a6:f8:95:76:4c:c0:fd:
1d:28:45:df
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZGeNzC27/xElgWORNdM9gauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTFlNTVmNzQ0ZTE0MTJiZDc1M2ZkMjc3Yjc3NDA4ZGNk
ZjhjYjQwHhcNMjQwODI5MTI1ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDYyOTY5M2U2MGY1YmJlZGYwMWZlZGEzZmJiZmQ4YjA0ZmQxNWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZUskpFpzLTys0+v0wSk66264VJZ
ZMPS63Qyw2xSLdCGg3ib8um2HyMB0WeNr5lM0ZAkUcc50iJBZbNbaHEIQFEwWGiy
MpUsG+PBEnFrdETW6jVMUXeTj4BhXfRQIW/TbJmhEnJhSeyqiOx5dUMbh+zSRM+v
0ON5qJjQVLjOMt0pnttqhcutWTLzAiAsPDDmxlabiWvn4XknK5Df1l4/kSeo+Ff3
k8F6C39uLtV8Mo52X4T3h31vnAEf2tP+Xf79oS6Y+6AntB+T0gGfwq6ABSI3V294
zSwhoUStXu9IB+US6IS2NPF9gwX2ZDQNAVy6FsGRF+ffy0uTgH9V5EPY7QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDBilpPmD1u+3wH+2j+7/YsE/RXDMB8GA1UdIwQY
MBaAFL2h5V90ThQSvXU/0ne3dAjc34y0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFIbFgzUk9GQks5ZFRfU2Q3ZDBDTnpmakxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zY2Q0NWYtMGI3OS00M2I3LWE5ZTYt
YzBiY2VkYjM0Mjc0LzEvTUdLV2stWVBXNzdmQWY3YVA3djlpd1Q5RmNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zY2Q0NWYtMGI3OS00M2I3LWE5ZTYtYzBiY2VkYjM0Mjc0
LzEvdmFIbFgzUk9GQks5ZFRfU2Q3ZDBDTnpmakxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLYn4AwQC
LY/YAwQCTVGgAwQFXPLgAwQCuXnIAwQCwRPcMA0EAgACMAcDBQMqE8qAMA0GCSqG
SIb3DQEBCwUAA4IBAQBJY9p4+cE/H0fa0ZgQy530StBpoO8xGFkOJW69cXT+SBUe
71mPifA/e8MjP7azc3xkOKkXlvaP7CyZf9JWUvqclRRJRstjC80GRnGT/GqIBZeB
vuB2QJ6Pz2/ZaSxOe59LXvav2UJrgjhUt4oL67NXELhLtIIAhnL6Na0U8xECnJmU
19jTlJQxWMoIFO4JPE8dvFjpZwoDpRLZFsxqw9WSbOJ4bnUKCcw8MyDvyX6aoU2d
8JB78ey2VthUrzFtbWsKUFTtMMdm/WiwvdnWFG6C/9hUr5+94Y2JTmxsyxRpq6Y8
tiQWucjdYlnEU7rdmCJeHX1SpKb4lXZMwP0dKEXf
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:03:08 2025 by rpki-client