Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Mf2AkeRQAnvTUOUQpICSNAt9e1k.roa
File: Mf2AkeRQAnvTUOUQpICSNAt9e1k.roa (raw, json)
Hash identifier: BfvdKk2wmxm69+V1qjgf6rnGQhMB2WubAxDdt84p3aU=
Subject key identifier: 31:FD:80:91:E4:50:02:7B:D3:50:E5:10:A4:80:92:34:0B:7D:7B:59
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01894588AABC3D5309ABA377640AA16D1F28
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Mf2AkeRQAnvTUOUQpICSNAt9e1k.roa
Signing time: Tue 11 Jul 2023 15:18:51 +0000
ROA not before: Tue 11 Jul 2023 15:18:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48108
IP address blocks: 193.43.146.0/24 maxlen: 24
45.93.9.0/24 maxlen: 24
45.93.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:45:88:aa:bc:3d:53:09:ab:a3:77:64:0a:a1:6d:1f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jul 11 15:18:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31fd8091e450027bd350e510a48092340b7d7b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b3:6f:8a:57:45:a5:42:66:af:ac:35:e2:4c:
db:ab:24:74:e2:ca:5d:e3:f0:ec:36:95:2b:89:e1:
9c:04:fd:df:2a:ba:cc:de:22:87:b7:78:2c:0c:43:
9f:5e:42:5b:48:db:1f:fb:ee:bb:8b:3a:37:3d:d4:
1b:25:10:5f:35:e9:93:db:2f:0e:18:55:b7:b0:94:
27:54:3a:03:e6:a5:73:5b:77:f8:39:0f:02:a5:3d:
17:66:30:8a:29:ed:f8:47:c9:8d:df:fc:13:b0:21:
41:42:0f:2c:49:7e:d3:65:1a:aa:11:8f:19:fc:71:
7a:95:6d:95:28:3e:46:6f:25:34:92:a1:0d:2a:22:
29:2e:30:8c:12:c8:95:bf:82:57:1a:3e:d4:45:20:
e0:d3:e5:45:b0:49:0a:14:1b:6f:f5:89:6b:43:e7:
5b:88:f8:13:ee:ef:43:da:55:45:f9:91:36:68:0b:
3d:3d:79:31:22:94:e9:23:32:7c:18:0c:b3:dd:43:
57:a1:b2:df:9d:49:da:df:9c:8a:cc:b7:7b:9c:b3:
10:17:55:b3:eb:09:7b:bb:60:8f:f5:30:a4:86:5b:
6b:0a:20:3b:b9:e3:76:3c:c1:bf:1f:8b:b0:7e:90:
b3:5e:57:c4:bb:c6:c9:8f:1a:c4:6c:f2:74:4f:a5:
34:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:FD:80:91:E4:50:02:7B:D3:50:E5:10:A4:80:92:34:0B:7D:7B:59
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Mf2AkeRQAnvTUOUQpICSNAt9e1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.8.0/23
193.43.146.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:3b:9b:f2:3d:c9:fa:da:08:96:68:12:28:30:26:0e:b3:07:
1a:df:0e:d2:ba:c4:87:e7:f2:a8:ba:97:ed:c6:be:d7:77:60:
4c:84:04:69:a7:ad:83:c4:68:2a:ba:f2:9d:84:0f:d6:62:65:
8c:32:8f:d6:1c:95:0a:88:0d:69:57:82:76:d9:86:d5:56:43:
05:18:81:6c:25:53:39:74:a4:88:2a:70:83:66:44:88:84:72:
58:a4:3d:6d:e9:79:9a:66:db:30:4d:f9:c9:24:3f:a2:e5:6a:
21:a9:1f:18:5f:eb:82:a5:e3:af:25:ae:24:5a:2c:df:c3:db:
f5:18:00:94:75:f1:1c:61:28:dc:ed:88:7e:6a:04:d8:75:7a:
25:74:e3:f3:4d:ee:64:28:4f:cf:04:8f:5a:30:ff:39:7c:99:
80:c5:e2:5b:31:4e:93:58:47:04:2d:fb:ef:89:ca:c0:52:5c:
de:c1:6b:28:24:83:fe:31:3b:01:c6:59:d3:16:4c:db:0a:7b:
ba:df:71:ad:dc:00:2f:22:ad:2d:90:a5:dd:b6:42:4b:77:bb:
68:a6:ba:7b:34:05:a0:5d:c6:e1:66:ca:b6:d1:dc:a7:8d:ea:
28:e9:f5:2b:89:d8:a8:57:f3:57:ad:bf:ba:61:16:78:38:e5:
18:11:18:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlFiKq8PVMJq6N3ZAqhbR8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwNzExMTUxODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWZkODA5MWU0NTAwMjdiZDM1MGU1MTBhNDgwOTIzNDBiN2Q3YjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLNvildFpUJmr6w14kzbqyR04spd
4/DsNpUrieGcBP3fKrrM3iKHt3gsDEOfXkJbSNsf++67izo3PdQbJRBfNemT2y8O
GFW3sJQnVDoD5qVzW3f4OQ8CpT0XZjCKKe34R8mN3/wTsCFBQg8sSX7TZRqqEY8Z
/HF6lW2VKD5GbyU0kqENKiIpLjCMEsiVv4JXGj7URSDg0+VFsEkKFBtv9YlrQ+db
iPgT7u9D2lVF+ZE2aAs9PXkxIpTpIzJ8GAyz3UNXobLfnUna35yKzLd7nLMQF1Wz
6wl7u2CP9TCkhltrCiA7ueN2PMG/H4uwfpCzXlfEu8bJjxrEbPJ0T6U0AwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDH9gJHkUAJ701DlEKSAkjQLfXtZMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvTWYyQWtlUlFBbnZUVU9VUXBJQ1NOQXQ5ZTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLV0IAwQA
wSuSMA0GCSqGSIb3DQEBCwUAA4IBAQDHO5vyPcn62giWaBIoMCYOswca3w7SusSH
5/Koupftxr7Xd2BMhARpp62DxGgquvKdhA/WYmWMMo/WHJUKiA1pV4J22YbVVkMF
GIFsJVM5dKSIKnCDZkSIhHJYpD1t6XmaZtswTfnJJD+i5WohqR8YX+uCpeOvJa4k
Wizfw9v1GACUdfEcYSjc7Yh+agTYdXoldOPzTe5kKE/PBI9aMP85fJmAxeJbMU6T
WEcELfvvicrAUlzewWsoJIP+MTsBxlnTFkzbCnu633Gt3AAvIq0tkKXdtkJLd7to
prp7NAWgXcbhZsq20dynjeoo6fUridioV/NXrb+6YRZ4OOUYERgl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:18 2024 by rpki-client on console-ams.rpki-client.org