Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/mRkUfko6KbnPHNEK9k1g4EcLxoo.roa
File: mRkUfko6KbnPHNEK9k1g4EcLxoo.roa (raw, json)
Hash identifier: 4nLaxRM+dkRiUZkVbw08BhMLm7d4G1f0lbCeCB7iacY=
Subject key identifier: 99:19:14:7E:4A:3A:29:B9:CF:1C:D1:0A:F6:4D:60:E0:47:0B:C6:8A
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018B427957D21E1001266ED50CDFE3128C88
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/mRkUfko6KbnPHNEK9k1g4EcLxoo.roa
Signing time: Wed 18 Oct 2023 11:08:50 +0000
ROA not before: Wed 18 Oct 2023 11:08:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 45.152.58.0/23 maxlen: 23
45.152.56.0/23 maxlen: 23
45.149.90.0/23 maxlen: 23
45.141.204.0/23 maxlen: 23
195.88.190.0/23 maxlen: 24
195.88.210.0/23 maxlen: 24
45.148.51.0/24 maxlen: 24
45.148.66.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 21 Nov 2023 15:54:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:79:57:d2:1e:10:01:26:6e:d5:0c:df:e3:12:8c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Oct 18 11:08:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9919147e4a3a29b9cf1cd10af64d60e0470bc68a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9f:e5:1c:cd:30:53:c4:a9:53:33:38:df:57:
5b:cd:2a:29:b2:97:93:68:25:37:ba:7d:76:26:c1:
b9:16:0b:3a:5c:99:0d:9e:fb:dc:a4:71:0d:f6:b1:
c9:5e:ee:05:79:3b:7f:6c:f9:1e:86:ff:7e:0b:91:
1e:79:e6:e0:7d:7a:7d:ce:d1:dc:15:84:7b:5b:dd:
98:fb:84:ae:07:f4:b0:2c:ef:58:70:a7:8c:04:28:
88:d5:a8:b6:b0:f4:a4:83:0c:0e:04:65:aa:f5:23:
2b:30:a4:7a:d3:76:79:7e:d9:1c:25:1f:8d:6e:09:
43:84:53:98:25:0b:34:54:7c:ee:7b:ae:37:df:09:
13:6c:61:84:b9:20:92:27:32:77:cc:72:24:08:4c:
e5:09:d9:ef:cd:05:61:98:7c:10:1e:e2:62:3d:ea:
05:56:59:22:69:05:8d:02:90:e4:7a:47:51:fd:83:
ad:6f:60:bb:c8:c0:b7:b8:d3:d1:4c:d3:17:1d:ed:
12:47:42:01:05:c4:15:e8:33:07:9e:2d:55:41:ba:
8e:0b:e0:31:35:37:4d:0d:75:35:88:1c:9b:c4:67:
29:7a:9e:f6:7d:e0:7a:e0:b4:3f:76:c0:98:34:73:
ff:f3:cb:d5:1c:aa:41:b5:f8:16:5e:23:b5:41:0a:
e8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:19:14:7E:4A:3A:29:B9:CF:1C:D1:0A:F6:4D:60:E0:47:0B:C6:8A
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/mRkUfko6KbnPHNEK9k1g4EcLxoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.204.0/23
45.148.51.0/24
45.148.66.0/23
45.149.90.0/23
45.152.56.0/22
195.88.190.0/23
195.88.210.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:c7:b2:09:7d:1b:44:4f:9f:7a:07:88:af:44:e0:fa:fe:f1:
d0:61:5d:b8:5b:2d:81:cf:8b:cf:66:ac:d2:85:e6:65:03:dc:
71:d6:da:81:55:60:ac:a6:bf:ad:f6:1d:d7:84:a2:a4:9e:ff:
7d:d8:58:b0:b7:e0:79:1d:52:81:d2:ac:42:95:53:d4:52:78:
99:ca:8e:3d:55:08:d1:be:79:ec:ee:e9:f0:a1:e0:b3:b8:f5:
25:14:df:09:70:39:18:f6:f2:36:d5:23:f5:e7:ea:ae:81:a9:
da:1a:a4:de:11:72:a6:14:cc:c2:2c:bd:df:80:61:54:22:f3:
99:21:5f:89:3c:ca:da:5d:a7:f9:77:a1:ce:f9:f3:b5:14:6e:
36:0b:3d:31:5c:ab:48:d2:b3:22:92:e8:2d:29:26:a4:09:43:
c5:39:85:35:27:04:f2:4d:71:fc:48:b4:3c:61:d5:50:8e:3c:
04:2e:a5:6c:3d:92:49:fe:77:78:f0:b6:28:2f:36:e8:3c:4b:
11:c1:7d:51:69:90:93:42:5b:d2:f2:3e:2d:9b:c6:67:36:5e:
74:b1:a1:88:c9:27:1b:30:79:b3:ab:67:8b:dd:12:b4:e6:da:
c5:34:d6:94:cd:5f:cc:ba:dc:04:05:d3:e1:c0:3b:eb:6c:81:
fc:4b:c4:3f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYtCeVfSHhABJm7VDN/jEoyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMxMDE4MTEwODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTE5MTQ3ZTRhM2EyOWI5Y2YxY2QxMGFmNjRkNjBlMDQ3MGJjNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5/lHM0wU8SpUzM431dbzSopspeT
aCU3un12JsG5Fgs6XJkNnvvcpHEN9rHJXu4FeTt/bPkehv9+C5EeeebgfXp9ztHc
FYR7W92Y+4SuB/SwLO9YcKeMBCiI1ai2sPSkgwwOBGWq9SMrMKR603Z5ftkcJR+N
bglDhFOYJQs0VHzue6433wkTbGGEuSCSJzJ3zHIkCEzlCdnvzQVhmHwQHuJiPeoF
VlkiaQWNApDkekdR/YOtb2C7yMC3uNPRTNMXHe0SR0IBBcQV6DMHni1VQbqOC+Ax
NTdNDXU1iBybxGcpep72feB64LQ/dsCYNHP/88vVHKpBtfgWXiO1QQrozwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJkZFH5KOim5zxzRCvZNYOBHC8aKMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvbVJrVWZrbzZLYm5QSE5FSzlrMWc0RWNMeG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLY3MAwQA
LZQzAwQBLZRCAwQBLZVaAwQCLZg4AwQBw1i+AwQBw1jSMA0GCSqGSIb3DQEBCwUA
A4IBAQBMx7IJfRtET596B4ivROD6/vHQYV24Wy2Bz4vPZqzSheZlA9xx1tqBVWCs
pr+t9h3XhKKknv992Fiwt+B5HVKB0qxClVPUUniZyo49VQjRvnns7unwoeCzuPUl
FN8JcDkY9vI21SP15+quganaGqTeEXKmFMzCLL3fgGFUIvOZIV+JPMraXaf5d6HO
+fO1FG42Cz0xXKtI0rMikugtKSakCUPFOYU1JwTyTXH8SLQ8YdVQjjwELqVsPZJJ
/nd48LYoLzboPEsRwX1RaZCTQlvS8j4tm8ZnNl50saGIyScbMHmzq2eL3RK05trF
NNaUzV/MutwEBdPhwDvrbIH8S8Q/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org