Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/MFRcFvhMposZqHWMt4lsFYFFZz4.roa
File: MFRcFvhMposZqHWMt4lsFYFFZz4.roa (raw, json)
Hash identifier: PUlSdynjA6lIzAozzLnq/sY+umpxfm+lHlHC+TOUzy0=
Subject key identifier: 30:54:5C:16:F8:4C:A6:8B:19:A8:75:8C:B7:89:6C:15:81:45:67:3E
Certificate issuer: /CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Certificate serial: 018CCC05C0BE4B5F4236BE789F6B3EA652DE
Authority key identifier: 1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/MFRcFvhMposZqHWMt4lsFYFFZz4.roa
Signing time: Tue 02 Jan 2024 21:12:58 +0000
ROA not before: Tue 02 Jan 2024 21:12:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 45.95.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 18:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cc:05:c0:be:4b:5f:42:36:be:78:9f:6b:3e:a6:52:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Validity
Not Before: Jan 2 21:12:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30545c16f84ca68b19a8758cb7896c158145673e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f7:d5:35:42:94:cb:27:a9:e4:a1:8e:ab:ac:
32:8d:f9:83:f4:50:c2:df:31:10:50:f2:57:7b:84:
af:6c:d6:87:7d:fe:e3:e3:22:0f:81:e8:4a:c6:ca:
d5:13:93:6e:cc:3b:d0:af:af:6c:b0:0f:ed:f8:ef:
d6:da:e1:9d:9b:7c:c9:ca:bf:a8:1f:7d:42:b1:52:
2b:66:2c:ac:8e:5b:e7:ad:df:f3:e1:5e:11:cd:57:
b7:01:62:ec:35:f2:8a:eb:f3:3b:a0:b3:7b:e1:61:
1d:a8:2f:71:95:ac:15:f8:93:cb:47:d2:82:40:07:
eb:42:32:ac:8a:88:74:16:8c:93:7d:1a:53:48:28:
dc:c7:c7:0c:cf:52:58:bc:8c:1a:12:78:88:c1:d2:
cc:5e:f3:3b:9f:19:28:43:3a:31:c6:1b:25:ac:50:
30:83:e7:15:3d:37:61:72:12:fc:37:b0:22:dc:7f:
ac:14:4e:f9:65:d0:cd:36:5a:ae:ef:75:af:74:f1:
bb:6d:94:28:df:15:09:3d:58:7a:07:f3:15:fd:19:
71:a4:d4:e2:10:97:2c:66:8e:ef:1e:6e:59:61:79:
ad:24:2b:3e:07:df:a8:83:af:2a:7e:16:2e:59:c1:
d1:d9:d9:e0:0a:ec:6e:de:fa:d8:10:a6:fa:a3:20:
69:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:54:5C:16:F8:4C:A6:8B:19:A8:75:8C:B7:89:6C:15:81:45:67:3E
X509v3 Authority Key Identifier:
keyid:1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/MFRcFvhMposZqHWMt4lsFYFFZz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.207.0/24
Signature Algorithm: sha256WithRSAEncryption
69:ce:d1:e5:34:91:6d:fd:8c:fc:f4:7f:76:af:53:a7:d1:d6:
a0:66:30:5f:51:28:1f:24:79:71:f0:40:31:18:54:02:9f:39:
7b:3c:78:68:b3:f9:c1:96:a9:12:a3:3b:4e:ee:ac:29:09:e0:
f6:3d:d2:cd:86:86:5e:29:32:8d:cf:a3:8c:4c:66:02:b9:5e:
21:4c:43:6b:73:45:a0:80:30:15:70:71:30:16:a5:f8:ef:5e:
89:59:1e:76:64:a9:74:7b:18:3b:d7:02:93:e1:fd:49:53:ea:
9b:ed:23:ac:89:a5:6f:52:53:30:79:8b:0d:01:bb:9b:5c:36:
a1:84:73:06:51:5a:fb:c5:97:4c:bc:92:96:a5:38:88:0e:e4:
ee:f5:fa:ef:03:c4:06:bb:a1:ed:de:b7:1e:b7:15:a0:fb:e6:
f1:4a:02:8d:5a:81:48:d7:06:85:a1:34:56:15:de:8e:84:d9:
86:61:f4:8b:8c:6f:89:89:12:34:f2:cd:85:46:cb:0d:0e:b9:
88:57:6c:0c:ae:71:69:d8:95:58:d0:ea:0c:f0:da:a4:28:c2:
36:0f:fb:bf:63:ac:9c:43:fc:f0:a1:24:99:fb:46:49:ba:ed:
18:87:5a:a9:d3:c9:e9:f7:3a:57:8c:58:3f:fe:63:b2:32:cf:
c9:aa:e5:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzMBcC+S19CNr54n2s+plLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjFhYTVkMWJlZmQ3YTBmZTNlNGRmZTNhYThkYTczZWZj
ZmJhMzQwHhcNMjQwMTAyMjExMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDU0NWMxNmY4NGNhNjhiMTlhODc1OGNiNzg5NmMxNTgxNDU2NzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/fVNUKUyyep5KGOq6wyjfmD9FDC
3zEQUPJXe4SvbNaHff7j4yIPgehKxsrVE5NuzDvQr69ssA/t+O/W2uGdm3zJyr+o
H31CsVIrZiysjlvnrd/z4V4RzVe3AWLsNfKK6/M7oLN74WEdqC9xlawV+JPLR9KC
QAfrQjKsioh0FoyTfRpTSCjcx8cMz1JYvIwaEniIwdLMXvM7nxkoQzoxxhslrFAw
g+cVPTdhchL8N7Ai3H+sFE75ZdDNNlqu73WvdPG7bZQo3xUJPVh6B/MV/RlxpNTi
EJcsZo7vHm5ZYXmtJCs+B9+og68qfhYuWcHR2dngCuxu3vrYEKb6oyBphQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBUXBb4TKaLGah1jLeJbBWBRWc+MB8GA1UdIwQY
MBaAFB9hql0b79eg/j5N/jqo2nPvz7o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUt
YzYyMWU4ZGY5NWZmLzEvTUZSY0Z2aE1wb3NacUhXTXQ0bHNGWUZGWno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUtYzYyMWU4ZGY5NWZm
LzEvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV/PMA0G
CSqGSIb3DQEBCwUAA4IBAQBpztHlNJFt/Yz89H92r1On0dagZjBfUSgfJHlx8EAx
GFQCnzl7PHhos/nBlqkSoztO7qwpCeD2PdLNhoZeKTKNz6OMTGYCuV4hTENrc0Wg
gDAVcHEwFqX4716JWR52ZKl0exg71wKT4f1JU+qb7SOsiaVvUlMweYsNAbubXDah
hHMGUVr7xZdMvJKWpTiIDuTu9frvA8QGu6Ht3rcetxWg++bxSgKNWoFI1waFoTRW
Fd6OhNmGYfSLjG+JiRI08s2FRssNDrmIV2wMrnFp2JVY0OoM8NqkKMI2D/u/Y6yc
Q/zwoSSZ+0ZJuu0Yh1qp08np9zpXjFg//mOyMs/JquVO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:35 2025 by rpki-client