Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mlLm8CipBCtv6_pgmvp6MxZCRIE.roa
File: mlLm8CipBCtv6_pgmvp6MxZCRIE.roa (raw, json)
Hash identifier: /0dAtwBgnJbQ9OnrHxdMsMAejLzj7/h6X99udg3vmyA=
Subject key identifier: 9A:52:E6:F0:28:A9:04:2B:6F:EB:FA:60:9A:FA:7A:33:16:42:44:81
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018D8E5D9AFF320F2060C6AF7246753CE176
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mlLm8CipBCtv6_pgmvp6MxZCRIE.roa
Signing time: Fri 09 Feb 2024 14:55:15 +0000
ROA not before: Fri 09 Feb 2024 14:55:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212669
IP address blocks: 45.81.114.0/24 maxlen: 24
45.138.181.0/24 maxlen: 24
45.151.0.0/24 maxlen: 24
85.209.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 11:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8e:5d:9a:ff:32:0f:20:60:c6:af:72:46:75:3c:e1:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Feb 9 14:55:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a52e6f028a9042b6febfa609afa7a3316424481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:14:95:35:15:a3:bb:0c:4c:fe:1a:83:54:94:
ef:77:7d:48:22:e5:60:6d:17:f2:b8:47:b6:aa:ef:
6d:b9:dd:4e:b7:89:83:91:b3:89:16:e4:07:c5:0c:
f0:bb:85:9d:04:f0:ce:55:d3:89:f0:f3:9e:15:27:
62:f9:7d:15:63:cd:93:d3:69:ca:1e:ec:8e:fa:67:
3a:81:b1:88:54:0d:f0:b8:ef:c5:52:e1:f5:6b:f0:
1b:bd:6e:c6:65:10:26:84:e1:fb:1f:8a:56:79:66:
4b:8a:7c:8c:19:81:df:0f:d6:c6:e4:34:97:2e:20:
12:86:b6:22:25:74:22:75:11:60:6c:a4:06:45:49:
26:21:55:56:6f:3d:8c:dd:78:ab:e7:32:2b:43:a5:
7e:b6:9f:fe:a3:14:f0:20:8a:e8:b5:f9:6a:9b:62:
bc:0d:5b:a9:58:07:f6:aa:a7:9c:b2:5e:28:48:65:
95:ae:f6:62:f8:ff:50:51:a1:b6:4c:e8:4a:30:b0:
dd:76:cc:a6:31:1c:76:19:4c:ba:74:f5:57:99:a3:
2a:7a:2f:1e:24:35:ef:6e:0e:61:cb:66:67:05:73:
19:2a:0a:f2:54:71:22:bd:94:1b:a3:52:25:d3:6b:
36:ac:8e:45:88:5f:64:d0:a4:6d:50:cc:8d:be:1d:
d0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:52:E6:F0:28:A9:04:2B:6F:EB:FA:60:9A:FA:7A:33:16:42:44:81
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mlLm8CipBCtv6_pgmvp6MxZCRIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.114.0/24
45.138.181.0/24
45.151.0.0/24
85.209.121.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:59:c5:41:9e:9d:65:e7:44:6a:f8:c9:97:1f:6e:d3:dc:6e:
da:cc:5a:09:4f:c7:61:cb:bd:67:c2:f5:8d:72:17:53:97:a9:
0d:2a:af:db:1c:76:44:31:b2:ee:ff:98:6a:e0:5a:0d:ab:a0:
ed:6e:a4:06:c9:05:4b:b2:54:fe:45:e5:21:dd:20:41:e0:3c:
12:bc:dc:03:cb:a2:8d:75:f2:93:92:93:8a:27:ae:e3:ec:ce:
70:6e:cf:7f:15:04:a1:d7:8d:a7:a4:ec:eb:47:6e:fb:4b:99:
8f:36:f4:5d:8d:16:94:85:9e:aa:d7:47:05:d9:47:9d:fb:8a:
93:51:dc:a3:f5:92:cd:90:34:ec:06:7b:c1:b3:5f:8c:36:4a:
b1:e0:a5:51:ab:1d:34:70:e1:89:e2:17:2c:61:1b:07:1f:61:
0e:41:cc:62:62:7f:c1:7b:b7:37:86:dd:b7:c9:8d:99:39:13:
4e:1c:72:6c:e3:11:b9:4e:28:5a:b8:b0:70:94:ef:3a:ea:4b:
be:eb:77:ee:82:d9:e1:15:ef:6b:14:c2:4e:77:fb:ea:5e:e7:
37:5f:62:6c:48:2d:c1:8a:96:75:96:34:9f:9b:8b:f2:c3:91:
8f:b8:b2:62:cb:0c:f9:74:97:1c:1c:5d:1b:89:5b:2d:b4:d3:
62:f3:f2:72
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2OXZr/Mg8gYMavckZ1POF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMjA5MTQ1NTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTUyZTZmMDI4YTkwNDJiNmZlYmZhNjA5YWZhN2EzMzE2NDI0NDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRSVNRWjuwxM/hqDVJTvd31IIuVg
bRfyuEe2qu9tud1Ot4mDkbOJFuQHxQzwu4WdBPDOVdOJ8POeFSdi+X0VY82T02nK
HuyO+mc6gbGIVA3wuO/FUuH1a/AbvW7GZRAmhOH7H4pWeWZLinyMGYHfD9bG5DSX
LiAShrYiJXQidRFgbKQGRUkmIVVWbz2M3Xir5zIrQ6V+tp/+oxTwIIrotflqm2K8
DVupWAf2qqecsl4oSGWVrvZi+P9QUaG2TOhKMLDddsymMRx2GUy6dPVXmaMqei8e
JDXvbg5hy2ZnBXMZKgryVHEivZQbo1Il02s2rI5FiF9k0KRtUMyNvh3Q5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJpS5vAoqQQrb+v6YJr6ejMWQkSBMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbWxMbThDaXBCQ3R2Nl9wZ212cDZNeFpDUklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVFyAwQA
LYq1AwQALZcAAwQAVdF5MA0GCSqGSIb3DQEBCwUAA4IBAQChWcVBnp1l50Rq+MmX
H27T3G7azFoJT8dhy71nwvWNchdTl6kNKq/bHHZEMbLu/5hq4FoNq6DtbqQGyQVL
slT+ReUh3SBB4DwSvNwDy6KNdfKTkpOKJ67j7M5wbs9/FQSh142npOzrR277S5mP
NvRdjRaUhZ6q10cF2Ued+4qTUdyj9ZLNkDTsBnvBs1+MNkqx4KVRqx00cOGJ4hcs
YRsHH2EOQcxiYn/Be7c3ht23yY2ZORNOHHJs4xG5TihauLBwlO866ku+63fugtnh
Fe9rFMJOd/vqXuc3X2JsSC3BipZ1ljSfm4vyw5GPuLJiywz5dJccHF0biVsttNNi
8/Jy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org