Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/MkdwbF1jdJSoxGTYl8KL5o8DHdU.roa
File: MkdwbF1jdJSoxGTYl8KL5o8DHdU.roa (raw, json)
Hash identifier: ZonM5kVkoFNsG2OukHS+gNTZeo53jTOwwebyixZQ3Lg=
Subject key identifier: 32:47:70:6C:5D:63:74:94:A8:C4:64:D8:97:C2:8B:E6:8F:03:1D:D5
Certificate issuer: /CN=b43d4e9fe3a5487d20f1000191629150f628f3a1
Certificate serial: 018CC9BC51090A90EF926996782EEA0B6E3D
Authority key identifier: B4:3D:4E:9F:E3:A5:48:7D:20:F1:00:01:91:62:91:50:F6:28:F3:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tD1On-OlSH0g8QABkWKRUPYo86E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/MkdwbF1jdJSoxGTYl8KL5o8DHdU.roa
Signing time: Tue 02 Jan 2024 10:33:31 +0000
ROA not before: Tue 02 Jan 2024 10:33:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208201
IP address blocks: 45.153.120.0/24 maxlen: 24
2a0f:af00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:51:09:0a:90:ef:92:69:96:78:2e:ea:0b:6e:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43d4e9fe3a5487d20f1000191629150f628f3a1
Validity
Not Before: Jan 2 10:33:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3247706c5d637494a8c464d897c28be68f031dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a6:e7:4e:49:79:a2:0e:2a:47:50:73:69:b5:
d2:d9:27:b2:f5:ac:61:52:e8:45:54:af:a3:e7:00:
ed:7c:66:5f:b1:84:7f:9f:e2:de:4b:d0:db:b2:d9:
f8:08:c1:1e:79:13:9e:5d:04:26:30:d4:7c:22:85:
ce:c3:d8:2a:d8:50:69:8a:05:9f:4b:c2:e5:6a:af:
7e:f5:a4:8a:3b:5f:c4:5a:83:4b:c6:dc:2b:1b:54:
67:77:79:cd:5e:ed:3b:97:27:3b:72:2c:e5:3f:5d:
60:ab:92:d8:95:1c:c0:58:5b:3b:6b:93:e0:eb:84:
90:72:b5:08:fa:79:3d:0c:c9:fd:3d:54:84:7e:08:
09:f1:78:16:29:41:48:34:3f:7a:77:e4:bf:67:4a:
33:ef:77:d8:4f:22:b5:64:76:2a:17:5c:43:5b:2f:
94:a2:7e:ae:ab:39:c7:ec:0e:db:15:85:d8:c6:4a:
df:17:26:40:02:46:7a:c5:12:9a:3b:00:92:74:ce:
c1:bc:90:45:15:89:16:7c:8c:59:05:46:d2:9e:97:
ef:b5:9c:b1:77:16:6a:e8:21:a4:15:07:7f:d7:27:
ed:b9:57:b5:28:1c:00:b0:8c:b9:89:68:93:fc:bc:
16:b7:d8:6e:0c:54:10:d4:1f:a5:86:b4:5f:c7:6c:
aa:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:47:70:6C:5D:63:74:94:A8:C4:64:D8:97:C2:8B:E6:8F:03:1D:D5
X509v3 Authority Key Identifier:
keyid:B4:3D:4E:9F:E3:A5:48:7D:20:F1:00:01:91:62:91:50:F6:28:F3:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tD1On-OlSH0g8QABkWKRUPYo86E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/MkdwbF1jdJSoxGTYl8KL5o8DHdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/tD1On-OlSH0g8QABkWKRUPYo86E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.120.0/24
IPv6:
2a0f:af00::/32
Signature Algorithm: sha256WithRSAEncryption
1a:dd:44:a5:5a:af:41:87:2b:90:c9:65:3c:8c:36:fc:8b:42:
a0:18:c0:82:12:bf:8d:b9:36:d3:ec:66:b0:58:cc:f9:b9:6f:
ab:0f:ca:7b:45:29:ea:d7:e2:a8:2f:6f:ab:89:f0:8d:e2:fb:
fd:37:d2:38:0e:7c:d9:86:61:92:83:c6:62:df:ec:5f:eb:d5:
9a:9f:35:f3:81:d4:6c:7f:89:a5:3e:6a:35:f6:89:2d:78:63:
da:b7:e7:66:fc:c9:a2:fc:38:e0:dc:7d:d5:f1:e8:14:12:e0:
50:2d:d7:63:e6:74:a8:71:68:a9:a4:ce:0b:3c:a8:e1:7f:8a:
27:b4:36:c2:79:fd:c2:2c:11:c7:7b:a3:df:17:24:2e:ab:22:
e5:bf:be:ed:13:c0:41:e5:1c:6f:e1:78:3e:14:99:e3:30:ed:
48:a9:99:de:75:49:db:f5:11:e4:2c:6c:69:b0:e2:eb:3d:d7:
95:77:3f:2e:36:0c:f2:5c:e1:68:92:45:0d:06:58:5f:85:c0:
4a:3c:03:20:5a:f8:e4:2d:c8:eb:3b:c7:b5:8d:e5:1e:d0:31:
0e:bc:b7:c3:27:a2:61:09:82:ca:09:65:af:fa:fc:91:fc:1b:
f5:b8:71:fa:9a:0f:05:10:a0:00:9a:49:25:cc:ca:6a:32:62:
2f:56:eb:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvFEJCpDvkmmWeC7qC249MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0M2Q0ZTlmZTNhNTQ4N2QyMGYxMDAwMTkxNjI5MTUwZjYy
OGYzYTEwHhcNMjQwMTAyMTAzMzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQ3NzA2YzVkNjM3NDk0YThjNDY0ZDg5N2MyOGJlNjhmMDMxZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6bnTkl5og4qR1BzabXS2Sey9axh
UuhFVK+j5wDtfGZfsYR/n+LeS9Dbstn4CMEeeROeXQQmMNR8IoXOw9gq2FBpigWf
S8Llaq9+9aSKO1/EWoNLxtwrG1Rnd3nNXu07lyc7cizlP11gq5LYlRzAWFs7a5Pg
64SQcrUI+nk9DMn9PVSEfggJ8XgWKUFIND96d+S/Z0oz73fYTyK1ZHYqF1xDWy+U
on6uqznH7A7bFYXYxkrfFyZAAkZ6xRKaOwCSdM7BvJBFFYkWfIxZBUbSnpfvtZyx
dxZq6CGkFQd/1yftuVe1KBwAsIy5iWiT/LwWt9huDFQQ1B+lhrRfx2yqbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDJHcGxdY3SUqMRk2JfCi+aPAx3VMB8GA1UdIwQY
MBaAFLQ9Tp/jpUh9IPEAAZFikVD2KPOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEQxT24tT2xTSDBnOFFBQmtXS1JVUFlvODZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xOGQwMzUtMzQ5NC00YWI3LWE1Y2It
OWY3ODhmZDI3NTIwLzEvTWtkd2JGMWpkSlNveEdUWWw4S0w1bzhESGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xOGQwMzUtMzQ5NC00YWI3LWE1Y2ItOWY3ODhmZDI3NTIw
LzEvdEQxT24tT2xTSDBnOFFBQmtXS1JVUFlvODZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALZl4MA0E
AgACMAcDBQAqD68AMA0GCSqGSIb3DQEBCwUAA4IBAQAa3USlWq9BhyuQyWU8jDb8
i0KgGMCCEr+NuTbT7GawWMz5uW+rD8p7RSnq1+KoL2+rifCN4vv9N9I4DnzZhmGS
g8Zi3+xf69WanzXzgdRsf4mlPmo19okteGPat+dm/Mmi/Djg3H3V8egUEuBQLddj
5nSocWippM4LPKjhf4ontDbCef3CLBHHe6PfFyQuqyLlv77tE8BB5Rxv4Xg+FJnj
MO1IqZnedUnb9RHkLGxpsOLrPdeVdz8uNgzyXOFokkUNBlhfhcBKPAMgWvjkLcjr
O8e1jeUe0DEOvLfDJ6JhCYLKCWWv+vyR/Bv1uHH6mg8FEKAAmkklzMpqMmIvVutn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:53 2025 by rpki-client