Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2773b3-5109-43c0-8009-424dda519ef1/1/mzq9idPQCmasaRHeOdafJtI4zC8.roa
File: mzq9idPQCmasaRHeOdafJtI4zC8.roa (raw, json)
Hash identifier: Z7ZNEfk4jRhERDKEzUhSUMPDhkNACUVztheBmnkI1iw=
Subject key identifier: 9B:3A:BD:89:D3:D0:0A:66:AC:69:11:DE:39:D6:9F:26:D2:38:CC:2F
Certificate issuer: /CN=1a83ce44ae4c701ea971d334dfabbc5b28e6476e
Certificate serial: 0185F2FA5403BEB0C7C6796473DD62351FE6
Authority key identifier: 1A:83:CE:44:AE:4C:70:1E:A9:71:D3:34:DF:AB:BC:5B:28:E6:47:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GoPORK5McB6pcdM036u8WyjmR24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2773b3-5109-43c0-8009-424dda519ef1/1/mzq9idPQCmasaRHeOdafJtI4zC8.roa
Signing time: Fri 27 Jan 2023 11:26:09 +0000
ROA not before: Fri 27 Jan 2023 11:26:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5511
IP address blocks: 45.134.250.0/24 maxlen: 24
45.134.248.0/24 maxlen: 24
45.140.70.0/24 maxlen: 24
45.140.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f2:fa:54:03:be:b0:c7:c6:79:64:73:dd:62:35:1f:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a83ce44ae4c701ea971d334dfabbc5b28e6476e
Validity
Not Before: Jan 27 11:26:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b3abd89d3d00a66ac6911de39d69f26d238cc2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:45:de:18:9a:9c:32:cf:5b:f7:b5:31:76:4e:
f3:ea:55:89:d0:ea:80:06:9d:f1:05:dc:66:db:ba:
79:09:dc:df:b2:ba:be:3d:b5:1c:40:86:b5:84:5e:
5e:33:01:92:7d:9a:f6:a1:f8:c6:ec:3f:59:44:b4:
3e:f4:95:5c:35:a6:76:61:5c:e6:a6:25:29:26:56:
fd:ba:50:23:7c:6c:ee:fc:c5:83:63:d8:ed:1a:20:
e1:d4:f5:83:cb:cc:f9:10:a6:f6:e2:bc:71:42:b9:
0f:30:ae:45:d0:f4:b0:6b:e1:31:2e:4d:89:d8:78:
eb:1d:22:6c:f9:19:08:f4:ec:05:b0:bb:1a:ea:ae:
36:96:7a:9b:6a:d9:b8:fd:cd:37:5e:9b:06:ce:7e:
f5:d4:4b:94:86:7b:57:25:f3:5d:4b:30:64:66:b5:
a7:35:95:ff:1a:fd:18:ff:76:98:96:f5:83:99:d6:
9e:91:bb:6b:7d:64:41:99:a6:c2:86:89:34:e6:da:
6e:90:d9:4e:97:26:0e:5d:bb:98:46:21:a2:53:a5:
19:c7:21:6d:1b:21:1c:df:70:7c:30:5e:c2:f2:1a:
19:5f:45:fc:78:c1:4c:fc:1f:72:d5:fe:d2:02:88:
e3:f3:5c:e9:b6:0a:63:db:f4:df:96:88:39:4b:3a:
5a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3A:BD:89:D3:D0:0A:66:AC:69:11:DE:39:D6:9F:26:D2:38:CC:2F
X509v3 Authority Key Identifier:
keyid:1A:83:CE:44:AE:4C:70:1E:A9:71:D3:34:DF:AB:BC:5B:28:E6:47:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GoPORK5McB6pcdM036u8WyjmR24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2773b3-5109-43c0-8009-424dda519ef1/1/mzq9idPQCmasaRHeOdafJtI4zC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2773b3-5109-43c0-8009-424dda519ef1/1/GoPORK5McB6pcdM036u8WyjmR24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.248.0/24
45.134.250.0/24
45.140.68.0/24
45.140.70.0/24
Signature Algorithm: sha256WithRSAEncryption
77:2e:3f:e7:be:d9:c8:b0:12:b7:47:11:be:88:10:d6:34:b5:
20:48:cf:21:8f:3a:fe:68:0b:ce:f9:4e:69:13:ae:2c:b4:f1:
57:c5:c1:06:74:b0:69:d5:af:72:ed:fb:c8:f6:15:af:11:a3:
47:2d:aa:94:06:54:e4:f5:db:15:d7:f2:24:d3:be:1b:b3:0d:
06:1a:33:68:39:a3:65:ff:90:f6:6e:ac:d9:3d:44:21:e1:06:
d4:f8:a5:8e:3d:9e:71:48:93:c0:ea:86:2b:54:59:d4:18:e3:
ec:a6:3a:ea:0b:b1:17:66:d8:7e:6b:e7:2b:ea:50:a0:b0:5c:
a8:c1:2c:b5:38:fb:99:8b:77:74:30:b5:ba:44:cf:98:47:9a:
f4:a7:95:58:35:c4:a0:e5:03:a8:99:84:c4:0a:c1:95:82:63:
b1:bd:4c:2a:75:65:7a:5c:cf:45:0d:c5:c5:9a:5d:c2:f2:c1:
8b:ad:f6:fe:4f:6a:b2:f9:33:b7:96:d2:d3:fd:a1:08:a2:ce:
0d:13:9e:de:5d:4d:48:60:01:5b:c0:b2:09:54:30:f1:2f:b5:
d9:aa:b2:67:9b:d0:af:55:7f:21:13:6b:b7:47:35:20:4a:33:
6c:80:68:9d:b3:0c:8f:85:15:00:27:f5:c0:ee:96:3f:30:0d:
36:32:45:bc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYXy+lQDvrDHxnlkc91iNR/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhODNjZTQ0YWU0YzcwMWVhOTcxZDMzNGRmYWJiYzViMjhl
NjQ3NmUwHhcNMjMwMTI3MTEyNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjNhYmQ4OWQzZDAwYTY2YWM2OTExZGUzOWQ2OWYyNmQyMzhjYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEXeGJqcMs9b97Uxdk7z6lWJ0OqA
Bp3xBdxm27p5Cdzfsrq+PbUcQIa1hF5eMwGSfZr2ofjG7D9ZRLQ+9JVcNaZ2YVzm
piUpJlb9ulAjfGzu/MWDY9jtGiDh1PWDy8z5EKb24rxxQrkPMK5F0PSwa+ExLk2J
2HjrHSJs+RkI9OwFsLsa6q42lnqbatm4/c03XpsGzn711EuUhntXJfNdSzBkZrWn
NZX/Gv0Y/3aYlvWDmdaekbtrfWRBmabChok05tpukNlOlyYOXbuYRiGiU6UZxyFt
GyEc33B8MF7C8hoZX0X8eMFM/B9y1f7SAojj81zptgpj2/Tflog5SzpaxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJs6vYnT0ApmrGkR3jnWnybSOMwvMB8GA1UdIwQY
MBaAFBqDzkSuTHAeqXHTNN+rvFso5kduMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR29QT1JLNU1jQjZwY2RNMDM2dThXeWptUjI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yNzczYjMtNTEwOS00M2MwLTgwMDkt
NDI0ZGRhNTE5ZWYxLzEvbXpxOWlkUFFDbWFzYVJIZU9kYWZKdEk0ekM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yNzczYjMtNTEwOS00M2MwLTgwMDktNDI0ZGRhNTE5ZWYx
LzEvR29QT1JLNU1jQjZwY2RNMDM2dThXeWptUjI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYb4AwQA
LYb6AwQALYxEAwQALYxGMA0GCSqGSIb3DQEBCwUAA4IBAQB3Lj/nvtnIsBK3RxG+
iBDWNLUgSM8hjzr+aAvO+U5pE64stPFXxcEGdLBp1a9y7fvI9hWvEaNHLaqUBlTk
9dsV1/Ik074bsw0GGjNoOaNl/5D2bqzZPUQh4QbU+KWOPZ5xSJPA6oYrVFnUGOPs
pjrqC7EXZth+a+cr6lCgsFyowSy1OPuZi3d0MLW6RM+YR5r0p5VYNcSg5QOomYTE
CsGVgmOxvUwqdWV6XM9FDcXFml3C8sGLrfb+T2qy+TO3ltLT/aEIos4NE57eXU1I
YAFbwLIJVDDxL7XZqrJnm9CvVX8hE2u3RzUgSjNsgGidswyPhRUAJ/XA7pY/MA02
MkW8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:26 2024 by rpki-client on console-fra.rpki-client.org