Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/1MCgfb8lsFKiKazr5axtTPbaaa0.roa
File: 1MCgfb8lsFKiKazr5axtTPbaaa0.roa (raw, json)
Hash identifier: QMx0yPnJCZ6HF8Ux0gx76voxoLYajChDWSBKhIARzNY=
Subject key identifier: D4:C0:A0:7D:BF:25:B0:52:A2:29:AC:EB:E5:AC:6D:4C:F6:DA:69:AD
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018CCFCB7B18A7F29806E2B7126B5E26357A
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/1MCgfb8lsFKiKazr5axtTPbaaa0.roa
Signing time: Wed 03 Jan 2024 14:47:48 +0000
ROA not before: Wed 03 Jan 2024 14:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215938
IP address blocks: 45.134.144.0/24 maxlen: 24
194.145.237.0/24 maxlen: 24
185.245.1.0/24 maxlen: 24
185.245.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 09:35:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:cb:7b:18:a7:f2:98:06:e2:b7:12:6b:5e:26:35:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 3 14:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4c0a07dbf25b052a229acebe5ac6d4cf6da69ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d6:2d:ee:ab:c9:80:19:a9:d2:80:b7:85:4f:
09:2f:7e:ab:25:fc:d1:a7:a6:2f:f3:9e:ed:46:01:
3c:4b:9e:21:39:49:34:e0:9d:71:a5:22:1f:52:49:
45:2e:39:d4:30:d6:b4:9f:a7:94:88:92:96:e3:08:
df:57:ee:04:09:34:48:9f:37:f3:ab:83:76:98:07:
42:91:08:c0:95:f5:e2:96:de:82:8c:34:ed:ef:31:
83:0d:bb:04:9b:6f:8b:58:2e:80:f5:1a:12:a1:33:
d3:d2:07:8b:7a:75:24:62:53:61:25:13:24:40:f0:
d6:84:67:bf:6b:1a:7e:4b:79:20:7e:98:e0:6b:96:
5e:e0:f9:4d:29:4e:8a:77:cf:28:a1:43:56:0e:71:
b7:cc:d8:5a:bf:13:6f:9f:94:c6:24:1b:a8:a2:43:
94:ff:e5:5d:fc:7e:f9:7f:b9:a5:41:4e:f9:f3:94:
85:c3:cd:48:ae:1b:de:e4:99:f6:95:d1:d0:4c:bd:
cd:58:c0:e6:f5:cf:6d:89:0e:60:ef:5a:6e:26:8f:
f3:69:d0:1f:82:de:6a:6a:8a:f7:da:e9:aa:97:34:
93:f0:5b:c3:1d:24:3e:ab:da:9d:85:d7:f8:94:02:
40:a0:26:86:65:62:c8:b8:07:0f:66:0c:68:fb:c2:
eb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:C0:A0:7D:BF:25:B0:52:A2:29:AC:EB:E5:AC:6D:4C:F6:DA:69:AD
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/1MCgfb8lsFKiKazr5axtTPbaaa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.144.0/24
185.245.1.0-185.245.2.255
194.145.237.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:c0:13:3d:ec:8d:86:c9:d2:ab:5e:cf:86:53:4a:43:22:88:
87:b6:04:fd:86:88:5f:4d:e0:14:7c:42:8d:51:d6:69:14:9d:
65:c7:76:0d:40:24:05:2b:27:0a:71:17:0b:99:1b:6b:5c:a5:
b0:b1:57:a8:0f:1b:33:49:76:a7:c0:83:9f:70:c4:0b:b4:6b:
9f:73:4e:9e:08:85:be:a7:0d:3b:cd:8f:dd:7f:37:b7:8a:43:
66:60:06:c4:b2:fa:09:e4:fb:46:91:3c:2d:9c:9a:d0:e1:34:
6d:56:09:20:03:c8:92:94:a2:48:24:42:1a:36:0b:1a:a4:88:
59:8d:c8:4b:14:06:9f:c8:ef:f0:8d:48:ed:50:c5:3d:df:a8:
c9:49:d3:ec:16:6d:7d:32:8e:ce:cd:5f:c7:5b:8a:15:83:b2:
96:fd:70:e8:d7:99:3c:df:e9:d9:64:33:e0:ad:b9:af:79:bc:
c1:5f:9d:eb:b2:4a:c6:21:07:78:ac:99:5e:ba:e1:a7:af:b8:
97:44:eb:7f:92:a6:fb:02:36:a1:e3:c9:79:65:f9:d1:30:e2:
57:b7:cc:89:c4:14:00:c0:4e:57:ca:f7:de:64:5b:7e:11:8b:
d5:bd:cc:a9:57:f1:3b:a7:de:fe:39:49:1f:f4:c3:42:31:64:
89:b3:cf:88
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzPy3sYp/KYBuK3EmteJjV6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMTAzMTQ0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGMwYTA3ZGJmMjViMDUyYTIyOWFjZWJlNWFjNmQ0Y2Y2ZGE2OWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9Yt7qvJgBmp0oC3hU8JL36rJfzR
p6Yv857tRgE8S54hOUk04J1xpSIfUklFLjnUMNa0n6eUiJKW4wjfV+4ECTRInzfz
q4N2mAdCkQjAlfXilt6CjDTt7zGDDbsEm2+LWC6A9RoSoTPT0geLenUkYlNhJRMk
QPDWhGe/axp+S3kgfpjga5Ze4PlNKU6Kd88ooUNWDnG3zNhavxNvn5TGJBuookOU
/+Vd/H75f7mlQU7585SFw81Irhve5Jn2ldHQTL3NWMDm9c9tiQ5g71puJo/zadAf
gt5qaor32umqlzST8FvDHSQ+q9qdhdf4lAJAoCaGZWLIuAcPZgxo+8LrcwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNTAoH2/JbBSoims6+WsbUz22mmtMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvMU1DZ2ZiOGxzRktpS2F6cjVheHRUUGJhYWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALYaQMAwD
BAC59QEDBAC59QIDBADCke0wDQYJKoZIhvcNAQELBQADggEBAF3AEz3sjYbJ0qte
z4ZTSkMiiIe2BP2GiF9N4BR8Qo1R1mkUnWXHdg1AJAUrJwpxFwuZG2tcpbCxV6gP
GzNJdqfAg59wxAu0a59zTp4Ihb6nDTvNj91/N7eKQ2ZgBsSy+gnk+0aRPC2cmtDh
NG1WCSADyJKUokgkQho2CxqkiFmNyEsUBp/I7/CNSO1QxT3fqMlJ0+wWbX0yjs7N
X8dbihWDspb9cOjXmTzf6dlkM+Ctua95vMFfneuySsYhB3ismV664aevuJdE63+S
pvsCNqHjyXll+dEw4le3zInEFADATlfK995kW34Ri9W9zKlX8Tun3v45SR/0w0Ix
ZImzz4g=
-----END CERTIFICATE-----
Generated at Thu Jan 18 12:37:41 2024 by rpki-client on console-ams.rpki-client.org