Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/0cd4be-247f-4de2-938c-f0cd8bb552e0/1/MxpHTROacUpEAuK7NLKr-0rh-tE.roa
File: MxpHTROacUpEAuK7NLKr-0rh-tE.roa (raw, json)
Hash identifier: Oyf8N35vaLvp3IbHNC+ao8mD7rZkXpw7K2i3AezyYAc=
Subject key identifier: 33:1A:47:4D:13:9A:71:4A:44:02:E2:BB:34:B2:AB:FB:4A:E1:FA:D1
Certificate issuer: /CN=89acb8893e94180747eec1975ed5604c4ddbe0c5
Certificate serial: 01856BEEDEA0ABDBD89ACEE0A27556E0D994
Authority key identifier: 89:AC:B8:89:3E:94:18:07:47:EE:C1:97:5E:D5:60:4C:4D:DB:E0:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iay4iT6UGAdH7sGXXtVgTE3b4MU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/0cd4be-247f-4de2-938c-f0cd8bb552e0/1/MxpHTROacUpEAuK7NLKr-0rh-tE.roa
Signing time: Sun 01 Jan 2023 06:04:54 +0000
ROA not before: Sun 01 Jan 2023 06:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60917
IP address blocks: 45.158.0.0/24 maxlen: 24
45.158.3.0/24 maxlen: 24
45.158.0.0/22 maxlen: 22
45.158.2.0/24 maxlen: 24
45.158.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:de:a0:ab:db:d8:9a:ce:e0:a2:75:56:e0:d9:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89acb8893e94180747eec1975ed5604c4ddbe0c5
Validity
Not Before: Jan 1 06:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=331a474d139a714a4402e2bb34b2abfb4ae1fad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ab:e7:61:6e:8f:4c:42:e6:bd:0f:c3:4e:2c:
7b:2a:e6:86:56:48:3e:4d:d7:a8:5c:a5:1e:6e:37:
fe:c3:ca:56:08:82:e7:1b:ee:90:fe:69:55:40:48:
67:e7:07:e0:14:df:e7:40:3a:24:f5:66:7a:49:9e:
d6:7c:16:08:7b:8c:47:95:79:8d:89:aa:c5:fb:02:
96:d4:b1:94:9a:8d:8c:35:e8:5c:9c:e8:3f:d5:cd:
25:09:1a:cd:ed:64:dc:10:94:fd:a1:e8:c0:08:27:
18:b0:de:1b:96:7a:d7:69:2b:a8:be:d5:d8:ff:b9:
8d:a8:24:7a:a7:75:40:a8:72:25:56:a2:33:fe:f7:
9d:00:a3:df:ff:6d:b2:d5:41:59:6f:5d:cc:23:30:
73:51:f8:92:ea:53:11:7c:3c:45:aa:1d:d7:16:b3:
93:98:1b:20:11:44:bf:17:80:6f:31:2a:2e:1c:f5:
33:b1:a4:0d:f7:e5:f5:9d:bf:e4:b2:3c:0c:a5:94:
5e:9a:fc:9b:bc:e5:56:19:84:c3:d5:0e:ec:d3:28:
58:97:7a:3c:2a:03:d4:d8:e9:2c:f8:6e:80:c1:47:
4c:9d:4f:be:52:2e:71:26:ba:58:ad:96:0e:e0:9d:
67:79:a5:29:0f:30:63:d3:3f:f5:e0:76:55:bc:9a:
99:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:1A:47:4D:13:9A:71:4A:44:02:E2:BB:34:B2:AB:FB:4A:E1:FA:D1
X509v3 Authority Key Identifier:
keyid:89:AC:B8:89:3E:94:18:07:47:EE:C1:97:5E:D5:60:4C:4D:DB:E0:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iay4iT6UGAdH7sGXXtVgTE3b4MU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/0cd4be-247f-4de2-938c-f0cd8bb552e0/1/MxpHTROacUpEAuK7NLKr-0rh-tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/0cd4be-247f-4de2-938c-f0cd8bb552e0/1/iay4iT6UGAdH7sGXXtVgTE3b4MU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.0.0/22
Signature Algorithm: sha256WithRSAEncryption
15:0e:48:0d:61:e0:af:7b:47:b2:cd:75:d8:3d:fb:36:2c:1c:
25:de:3c:69:86:f7:30:6f:3c:f1:d1:69:0c:14:61:14:01:62:
d4:22:96:77:bf:5a:ad:eb:a6:f5:be:99:80:1e:b2:48:64:af:
b6:74:6c:19:88:53:7f:4a:73:46:74:4e:84:6c:70:d7:c4:35:
0c:57:f5:53:4d:f7:cf:2f:cc:7b:e1:06:c5:87:3e:5a:1e:a9:
2f:9b:cf:04:a0:c8:95:8e:29:0d:39:d8:2d:97:9c:8e:8d:a7:
9d:66:a1:0a:a7:ad:80:14:07:85:d1:76:27:6d:54:2b:da:06:
f6:4e:ff:82:83:a9:f2:fa:d5:27:9b:f3:fd:ca:b5:39:5c:e7:
6b:93:cf:e1:c6:05:ef:a1:19:80:24:a5:0e:3c:0b:52:59:e0:
41:df:42:63:d4:33:56:25:03:5b:29:5c:08:71:d8:24:22:6b:
e0:ce:03:34:7f:96:4f:09:fe:01:05:b5:c4:2a:81:a9:be:db:
08:73:94:a7:ce:04:f7:d7:bb:2c:57:ec:5a:64:b5:d9:2e:13:
d9:b9:d9:cf:2a:26:38:63:e5:6c:c6:b6:08:bd:26:13:4a:bd:
a9:d6:af:c4:f3:ea:6a:41:7d:8b:21:5d:04:4c:54:ad:96:07:
90:47:1a:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7t6gq9vYms7gonVW4NmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWNiODg5M2U5NDE4MDc0N2VlYzE5NzVlZDU2MDRjNGRk
YmUwYzUwHhcNMjMwMTAxMDYwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzFhNDc0ZDEzOWE3MTRhNDQwMmUyYmIzNGIyYWJmYjRhZTFmYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6vnYW6PTELmvQ/DTix7KuaGVkg+
TdeoXKUebjf+w8pWCILnG+6Q/mlVQEhn5wfgFN/nQDok9WZ6SZ7WfBYIe4xHlXmN
iarF+wKW1LGUmo2MNehcnOg/1c0lCRrN7WTcEJT9oejACCcYsN4blnrXaSuovtXY
/7mNqCR6p3VAqHIlVqIz/vedAKPf/22y1UFZb13MIzBzUfiS6lMRfDxFqh3XFrOT
mBsgEUS/F4BvMSouHPUzsaQN9+X1nb/ksjwMpZRemvybvOVWGYTD1Q7s0yhYl3o8
KgPU2Oks+G6AwUdMnU++Ui5xJrpYrZYO4J1neaUpDzBj0z/14HZVvJqZowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDMaR00TmnFKRALiuzSyq/tK4frRMB8GA1UdIwQY
MBaAFImsuIk+lBgHR+7Bl17VYExN2+DFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF5NGlUNlVHQWRIN3NHWFh0VmdURTNiNE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wY2Q0YmUtMjQ3Zi00ZGUyLTkzOGMt
ZjBjZDhiYjU1MmUwLzEvTXhwSFRST2FjVXBFQXVLN05MS3ItMHJoLXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wY2Q0YmUtMjQ3Zi00ZGUyLTkzOGMtZjBjZDhiYjU1MmUw
LzEvaWF5NGlUNlVHQWRIN3NHWFh0VmdURTNiNE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ4AMA0G
CSqGSIb3DQEBCwUAA4IBAQAVDkgNYeCve0eyzXXYPfs2LBwl3jxphvcwbzzx0WkM
FGEUAWLUIpZ3v1qt66b1vpmAHrJIZK+2dGwZiFN/SnNGdE6EbHDXxDUMV/VTTffP
L8x74QbFhz5aHqkvm88EoMiVjikNOdgtl5yOjaedZqEKp62AFAeF0XYnbVQr2gb2
Tv+Cg6ny+tUnm/P9yrU5XOdrk8/hxgXvoRmAJKUOPAtSWeBB30Jj1DNWJQNbKVwI
cdgkImvgzgM0f5ZPCf4BBbXEKoGpvtsIc5SnzgT317ssV+xaZLXZLhPZudnPKiY4
Y+VsxrYIvSYTSr2p1q/E8+pqQX2LIV0ETFStlgeQRxoo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:14 2024 by rpki-client on console-ams.rpki-client.org