Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/mZhfx-HKRtb5hvNjCyNEZYdLVW4.roa
File: mZhfx-HKRtb5hvNjCyNEZYdLVW4.roa (raw, json)
Hash identifier: sT1FbCkQTJ7fMURQdK4gUfSKYx1ghq9zd2xwXCrouE0=
Subject key identifier: 99:98:5F:C7:E1:CA:46:D6:F9:86:F3:63:0B:23:44:65:87:4B:55:6E
Certificate issuer: /CN=f4ef5dba100a92b2444f3e512d01a592c01951c2
Certificate serial: 018CFE0DB6DD8CE9159AF7CF878DFB5FD5A9
Authority key identifier: F4:EF:5D:BA:10:0A:92:B2:44:4F:3E:51:2D:01:A5:92:C0:19:51:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9O9duhAKkrJETz5RLQGlksAZUcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/mZhfx-HKRtb5hvNjCyNEZYdLVW4.roa
Signing time: Fri 12 Jan 2024 14:22:40 +0000
ROA not before: Fri 12 Jan 2024 14:22:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203089
IP address blocks: 45.148.214.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 05:54:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fe:0d:b6:dd:8c:e9:15:9a:f7:cf:87:8d:fb:5f:d5:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4ef5dba100a92b2444f3e512d01a592c01951c2
Validity
Not Before: Jan 12 14:22:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99985fc7e1ca46d6f986f3630b234465874b556e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fb:65:90:b7:6a:6f:78:33:2a:53:49:e4:b5:
0c:3f:b2:a9:83:17:15:24:b4:27:a6:3a:04:02:33:
7a:99:c3:2f:8c:b9:a3:cc:02:ca:32:19:f5:bb:c4:
33:6f:9f:41:3a:08:98:79:82:31:89:a1:b6:d1:92:
7d:82:c8:82:05:01:6d:ef:4c:62:93:ea:66:e6:c2:
bc:de:1d:38:ed:c5:98:07:32:c8:e5:a0:5e:95:e3:
50:cf:a1:0f:95:57:21:ad:94:81:bc:52:4d:17:4d:
ee:6f:bd:3d:02:78:35:6b:c3:01:cf:c4:99:ce:88:
71:f6:e6:b3:01:fd:63:ab:48:ae:a1:74:e2:d0:f7:
e1:79:6f:62:f3:f2:58:73:3c:4c:a5:ee:bd:ae:ec:
1f:83:0c:d5:d8:d7:0d:16:d2:b4:d8:bc:ae:0c:ef:
50:11:dc:99:79:88:89:cb:b4:f7:84:eb:02:76:c3:
c7:20:63:fa:f0:5b:89:6e:c1:0f:7d:d5:fb:7b:c5:
ec:67:a1:5e:e7:0d:53:87:2e:9c:96:3d:f4:eb:37:
0a:ec:62:8a:84:06:c4:26:8e:3d:0b:44:58:f0:39:
35:6a:4d:73:a4:33:6a:a8:fd:d4:98:0b:f1:09:0d:
9b:aa:7f:d6:f2:22:1b:2c:bc:0a:33:79:a1:d6:3c:
ce:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:98:5F:C7:E1:CA:46:D6:F9:86:F3:63:0B:23:44:65:87:4B:55:6E
X509v3 Authority Key Identifier:
keyid:F4:EF:5D:BA:10:0A:92:B2:44:4F:3E:51:2D:01:A5:92:C0:19:51:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9O9duhAKkrJETz5RLQGlksAZUcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/mZhfx-HKRtb5hvNjCyNEZYdLVW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/9O9duhAKkrJETz5RLQGlksAZUcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.214.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:15:29:d2:ef:24:d2:73:1e:7e:5a:2a:56:ed:1b:a2:7a:25:
09:25:27:34:07:32:ea:06:91:81:e5:6c:79:78:78:32:a6:1d:
7d:21:50:b1:b0:db:47:82:4e:c6:46:7c:05:c1:6a:fa:d1:99:
0b:7b:a2:e5:8a:d0:44:4d:88:db:ea:9b:e2:39:a7:ef:c5:4d:
a4:91:96:14:cf:36:b6:8b:0a:81:a5:96:61:5f:10:a0:ee:29:
84:11:d2:dc:8e:b5:cc:f4:dc:84:94:03:e8:b7:02:bd:ab:70:
be:df:d8:2e:c0:89:b6:ec:e7:f0:9a:94:a5:7c:fa:ff:b9:87:
94:c6:04:82:09:b5:b9:fb:5f:98:ee:94:f5:e0:6c:eb:c4:00:
29:84:7c:2c:87:6a:ad:e5:ed:0c:2f:98:d6:fe:bc:19:9f:ce:
a1:cf:88:b2:db:d9:a3:d1:37:3d:42:ff:fa:c4:e1:2f:6e:bb:
86:40:6f:03:9f:35:47:e1:86:af:58:59:32:2d:4e:e0:6d:35:
21:dd:84:17:b8:a1:8e:08:c9:12:03:c3:00:ef:17:e1:ca:d2:
82:3f:c7:65:e9:b4:00:0d:47:fb:3b:c3:9d:f1:d9:47:31:36:
99:e7:1b:98:6f:a2:6e:ee:44:32:51:ba:ea:15:be:3f:b4:5b:
dd:8e:d3:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYz+DbbdjOkVmvfPh437X9WpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZWY1ZGJhMTAwYTkyYjI0NDRmM2U1MTJkMDFhNTkyYzAx
OTUxYzIwHhcNMjQwMTEyMTQyMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTk4NWZjN2UxY2E0NmQ2Zjk4NmYzNjMwYjIzNDQ2NTg3NGI1NTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovtlkLdqb3gzKlNJ5LUMP7KpgxcV
JLQnpjoEAjN6mcMvjLmjzALKMhn1u8Qzb59BOgiYeYIxiaG20ZJ9gsiCBQFt70xi
k+pm5sK83h047cWYBzLI5aBeleNQz6EPlVchrZSBvFJNF03ub709Ang1a8MBz8SZ
zohx9uazAf1jq0iuoXTi0PfheW9i8/JYczxMpe69ruwfgwzV2NcNFtK02LyuDO9Q
EdyZeYiJy7T3hOsCdsPHIGP68FuJbsEPfdX7e8XsZ6Fe5w1Thy6clj306zcK7GKK
hAbEJo49C0RY8Dk1ak1zpDNqqP3UmAvxCQ2bqn/W8iIbLLwKM3mh1jzOdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJmYX8fhykbW+YbzYwsjRGWHS1VuMB8GA1UdIwQY
MBaAFPTvXboQCpKyRE8+US0BpZLAGVHCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU85ZHVoQUtrckpFVHo1UkxRR2xrc0FaVWNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iMzViZTEtNjY3My00ODExLWE3MDct
YWQwMjdlOTVjNWM3LzEvbVpoZngtSEtSdGI1aHZOakN5TkVaWWRMVlc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iMzViZTEtNjY3My00ODExLWE3MDctYWQwMjdlOTVjNWM3
LzEvOU85ZHVoQUtrckpFVHo1UkxRR2xrc0FaVWNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZTWMA0G
CSqGSIb3DQEBCwUAA4IBAQChFSnS7yTScx5+WipW7RuieiUJJSc0BzLqBpGB5Wx5
eHgyph19IVCxsNtHgk7GRnwFwWr60ZkLe6LlitBETYjb6pviOafvxU2kkZYUzza2
iwqBpZZhXxCg7imEEdLcjrXM9NyElAPotwK9q3C+39guwIm27OfwmpSlfPr/uYeU
xgSCCbW5+1+Y7pT14GzrxAAphHwsh2qt5e0ML5jW/rwZn86hz4iy29mj0Tc9Qv/6
xOEvbruGQG8DnzVH4YavWFkyLU7gbTUh3YQXuKGOCMkSA8MA7xfhytKCP8dl6bQA
DUf7O8Od8dlHMTaZ5xuYb6Ju7kQyUbrqFb4/tFvdjtPT
-----END CERTIFICATE-----
Generated at Mon Apr 15 09:34:04 2024 by rpki-client on console-fra.rpki-client.org