Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0mkjdFWTnj7GNfhr17b0Bk4IiQU.roa
File: 0mkjdFWTnj7GNfhr17b0Bk4IiQU.roa (raw, json)
Hash identifier: giPDmofNkEVleLWpnB2ZN56Cuh6P/k1YMbrgfA8wCiU=
Subject key identifier: D2:69:23:74:55:93:9E:3E:C6:35:F8:6B:D7:B6:F4:06:4E:08:89:05
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018C7C0EAEBA6294081F49F9C948A882ABA5
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0mkjdFWTnj7GNfhr17b0Bk4IiQU.roa
Signing time: Mon 18 Dec 2023 08:33:06 +0000
ROA not before: Mon 18 Dec 2023 08:33:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 45.138.2.0/23 maxlen: 23
45.141.124.0/22 maxlen: 23
45.130.54.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 18 Dec 2023 09:53:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:0e:ae:ba:62:94:08:1f:49:f9:c9:48:a8:82:ab:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Dec 18 08:33:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d269237455939e3ec635f86bd7b6f4064e088905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ba:2f:a8:2e:02:e6:e5:81:fb:c5:cb:b4:3d:
91:2f:7f:36:10:05:13:d6:0c:82:5f:d0:ab:d9:c1:
58:21:70:4a:8f:ad:a3:a5:a0:00:3a:da:08:63:b6:
6a:06:ac:68:e0:c2:69:b1:c3:3d:25:ee:19:30:eb:
ed:af:f3:38:c4:f4:ee:d9:15:6f:db:d6:61:99:e8:
0c:32:45:65:36:b6:d1:7f:60:7d:ce:ad:c0:04:f8:
54:25:b6:75:3c:30:49:18:78:33:66:d5:19:0a:93:
6a:c1:6b:7f:be:f8:b8:d2:a7:02:f0:44:91:19:26:
91:3d:28:fc:76:6f:2f:2e:3e:28:29:82:8d:26:2e:
5b:cd:13:f3:fb:77:bc:ce:69:59:11:58:8d:c7:cf:
14:ed:5d:7f:45:5a:2b:85:e6:dd:bd:e0:ab:c6:6c:
33:56:14:72:2c:8c:10:73:5b:b1:57:03:5b:ab:30:
c7:a4:08:6e:b2:10:09:46:cf:cf:98:82:42:b7:81:
72:a3:c3:dc:49:d3:5d:52:c6:53:18:90:6f:fb:d3:
3d:91:72:d9:37:4e:07:d8:d8:9d:6a:e6:60:30:07:
5c:5d:93:09:52:9f:00:b6:32:e1:3f:bd:2c:91:b6:
37:c4:47:76:91:98:e6:96:6a:88:29:e8:90:97:8f:
13:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:69:23:74:55:93:9E:3E:C6:35:F8:6B:D7:B6:F4:06:4E:08:89:05
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0mkjdFWTnj7GNfhr17b0Bk4IiQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.54.0/23
45.138.2.0/23
45.141.124.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:dd:22:33:e4:59:b3:a3:f4:8d:7e:d2:ca:9b:bd:7f:fa:3a:
eb:09:79:e6:18:4f:ae:7f:31:2c:08:fa:fe:75:ce:c0:26:45:
95:ef:2f:56:75:9f:f2:6f:1d:64:14:74:ae:7a:aa:04:c0:b2:
e3:89:73:1d:fe:05:d7:bc:6c:df:4e:89:f3:62:be:df:6b:e7:
88:bf:45:ef:2d:b9:4e:98:7d:d7:da:cd:1f:79:e4:b6:7a:8e:
d5:9b:33:c9:34:38:16:1f:a8:54:97:02:52:39:12:aa:d5:c1:
1e:a9:0f:00:e1:b0:cf:1f:31:52:75:64:a2:61:99:c1:8b:7f:
97:17:c8:e5:7b:02:92:af:7c:6c:ed:42:bc:c6:71:bc:67:fe:
15:45:fe:a3:5b:92:56:01:0c:fe:10:11:aa:99:68:fd:d8:5a:
f7:6f:3b:dd:35:90:b3:51:4b:f4:7d:b9:4f:c3:e6:22:dd:ea:
e7:6e:89:4e:b4:3b:b6:24:3a:3e:ed:4d:60:a8:5a:38:6f:ee:
d1:0a:62:e1:95:c3:d2:02:47:06:7f:38:21:93:ca:30:c4:c1:
48:46:27:19:5d:46:31:97:54:23:a9:1f:d5:2c:f6:43:62:42:
a0:e3:4c:ce:32:65:93:8b:95:47:6a:36:70:6b:71:7b:43:53:
3f:ee:61:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx8Dq66YpQIH0n5yUiogqulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMxMjE4MDgzMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjY5MjM3NDU1OTM5ZTNlYzYzNWY4NmJkN2I2ZjQwNjRlMDg4OTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrovqC4C5uWB+8XLtD2RL382EAUT
1gyCX9Cr2cFYIXBKj62jpaAAOtoIY7ZqBqxo4MJpscM9Je4ZMOvtr/M4xPTu2RVv
29ZhmegMMkVlNrbRf2B9zq3ABPhUJbZ1PDBJGHgzZtUZCpNqwWt/vvi40qcC8ESR
GSaRPSj8dm8vLj4oKYKNJi5bzRPz+3e8zmlZEViNx88U7V1/RVorhebdveCrxmwz
VhRyLIwQc1uxVwNbqzDHpAhushAJRs/PmIJCt4Fyo8PcSdNdUsZTGJBv+9M9kXLZ
N04H2NidauZgMAdcXZMJUp8AtjLhP70skbY3xEd2kZjmlmqIKeiQl48TEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNJpI3RVk54+xjX4a9e29AZOCIkFMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvMG1ramRGV1RuajdHTmZocjE3YjBCazRJaVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLYI2AwQB
LYoCAwQCLY18MA0GCSqGSIb3DQEBCwUAA4IBAQBr3SIz5Fmzo/SNftLKm71/+jrr
CXnmGE+ufzEsCPr+dc7AJkWV7y9WdZ/ybx1kFHSueqoEwLLjiXMd/gXXvGzfTonz
Yr7fa+eIv0XvLblOmH3X2s0feeS2eo7VmzPJNDgWH6hUlwJSORKq1cEeqQ8A4bDP
HzFSdWSiYZnBi3+XF8jlewKSr3xs7UK8xnG8Z/4VRf6jW5JWAQz+EBGqmWj92Fr3
bzvdNZCzUUv0fblPw+Yi3ernbolOtDu2JDo+7U1gqFo4b+7RCmLhlcPSAkcGfzgh
k8owxMFIRicZXUYxl1QjqR/VLPZDYkKg40zOMmWTi5VHajZwa3F7Q1M/7mEK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org