Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MfPoQrvnAg233Z-lLMU_25MQMNQ.roa
File: MfPoQrvnAg233Z-lLMU_25MQMNQ.roa (raw, json)
Hash identifier: 1Qw52mGLrQdU/30l2rkQm7Z9ar0Afa7stjOSJLaNCkI=
Subject key identifier: 31:F3:E8:42:BB:E7:02:0D:B7:DD:9F:A5:2C:C5:3F:DB:93:10:30:D4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185780D67B9694A3F04CE89D0C2E9EEBE43
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MfPoQrvnAg233Z-lLMU_25MQMNQ.roa
Signing time: Tue 03 Jan 2023 14:33:42 +0000
ROA not before: Tue 03 Jan 2023 14:33:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203790
IP address blocks: 45.148.116.0/24 maxlen: 24
45.148.119.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:78:0d:67:b9:69:4a:3f:04:ce:89:d0:c2:e9:ee:be:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 3 14:33:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31f3e842bbe7020db7dd9fa52cc53fdb931030d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3c:85:f8:af:5b:e1:66:8c:0a:24:0b:93:e6:
91:2f:c0:24:2f:b1:3a:fb:6b:d9:62:83:62:88:3b:
fb:32:e7:2f:2b:03:87:51:82:e1:0c:25:01:5f:f9:
0d:90:93:6b:b0:ff:de:19:71:0b:55:fb:fe:40:f2:
25:49:2d:16:63:36:db:70:8d:47:b1:e8:86:f4:db:
66:a4:ec:62:98:ec:82:87:5c:77:cc:95:3f:23:a4:
2d:64:99:04:ed:a4:44:dd:64:ef:4c:8f:c3:67:f8:
c3:8e:b9:ba:ae:c3:a0:d6:cb:c2:dc:4d:f0:67:be:
88:f3:0e:17:7d:54:af:51:cd:e1:79:1f:16:0b:1f:
fc:1d:66:21:f6:57:ab:06:dc:78:1c:cf:2b:88:82:
f7:01:a5:bf:b6:72:f5:2a:57:e6:3d:97:ff:0c:78:
90:ee:92:3f:76:7b:b8:57:cf:be:ae:e9:3b:21:fb:
fe:b6:91:45:47:0d:e0:f8:9c:20:8c:5f:74:eb:e3:
0e:ad:4b:1f:cd:bf:fc:ce:51:6b:79:2c:d8:b7:58:
01:d6:5c:1f:2f:05:19:28:15:74:df:a0:d0:a1:09:
8d:6a:9d:99:70:b3:f5:c3:5e:b7:f2:6b:41:a1:2f:
0b:cd:57:20:13:87:9f:03:23:61:9f:8f:89:d8:4e:
14:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F3:E8:42:BB:E7:02:0D:B7:DD:9F:A5:2C:C5:3F:DB:93:10:30:D4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MfPoQrvnAg233Z-lLMU_25MQMNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/24
45.148.119.0/24
194.50.111.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
2d:c3:ba:b0:49:5e:45:32:8e:dc:01:49:47:9f:7d:89:f4:77:
56:38:98:4e:76:e7:bb:9b:94:60:fb:e1:c3:d6:0e:41:97:98:
84:c8:d3:7d:12:71:42:95:54:7c:0a:89:44:bf:52:91:78:85:
23:eb:71:57:24:35:8a:0f:bd:be:6e:7a:0a:8a:b0:ff:5a:be:
01:dc:15:7e:04:85:87:0e:72:07:86:c1:16:58:1e:8c:a3:56:
d7:6a:6f:56:93:e0:ed:8f:d8:6e:74:1f:c0:8f:cd:b5:d8:55:
00:ed:2e:c5:4b:4b:31:6f:40:3e:66:af:4a:e8:25:2c:a8:60:
25:2a:2a:03:04:62:ab:f4:79:08:b6:e9:91:1b:16:1a:4c:0b:
c9:34:9b:12:bb:ff:7e:b2:a2:ad:77:c1:0d:5b:4b:15:2c:aa:
98:cc:3a:ed:bd:33:01:cc:3d:a9:73:c7:4d:fe:ce:71:29:47:
76:6f:83:a9:18:43:e8:78:ba:c2:13:27:f6:24:4f:dc:e7:bf:
d4:7d:42:ec:27:77:7d:44:d4:1d:52:3e:90:2e:a4:76:be:8a:
76:7d:56:c2:80:d6:72:7a:6e:db:97:6d:2e:1b:9e:3f:8e:b7:
0d:a8:90:9d:b8:7c:6a:47:15:4d:69:19:c8:50:23:76:39:cd:
8d:7f:0b:3b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYV4DWe5aUo/BM6J0MLp7r5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAzMTQzMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWYzZTg0MmJiZTcwMjBkYjdkZDlmYTUyY2M1M2ZkYjkzMTAzMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTyF+K9b4WaMCiQLk+aRL8AkL7E6
+2vZYoNiiDv7MucvKwOHUYLhDCUBX/kNkJNrsP/eGXELVfv+QPIlSS0WYzbbcI1H
seiG9NtmpOximOyCh1x3zJU/I6QtZJkE7aRE3WTvTI/DZ/jDjrm6rsOg1svC3E3w
Z76I8w4XfVSvUc3heR8WCx/8HWYh9lerBtx4HM8riIL3AaW/tnL1KlfmPZf/DHiQ
7pI/dnu4V8++ruk7Ifv+tpFFRw3g+JwgjF906+MOrUsfzb/8zlFreSzYt1gB1lwf
LwUZKBV036DQoQmNap2ZcLP1w1638mtBoS8LzVcgE4efAyNhn4+J2E4USwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDHz6EK75wINt92fpSzFP9uTEDDUMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTWZQb1Fydm5BZzIzM1otbExNVV8yNU1RTU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAYBAIAATASAwQALZR0AwQA
LZR3AwQAwjJvMDEEAgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDM
QAHQAwcEKhDMQQEQMA0GCSqGSIb3DQEBCwUAA4IBAQAtw7qwSV5FMo7cAUlHn32J
9HdWOJhOdue7m5Rg++HD1g5Bl5iEyNN9EnFClVR8ColEv1KReIUj63FXJDWKD72+
bnoKirD/Wr4B3BV+BIWHDnIHhsEWWB6Mo1bXam9Wk+Dtj9hudB/Aj8212FUA7S7F
S0sxb0A+Zq9K6CUsqGAlKioDBGKr9HkItumRGxYaTAvJNJsSu/9+sqKtd8ENW0sV
LKqYzDrtvTMBzD2pc8dN/s5xKUd2b4OpGEPoeLrCEyf2JE/c57/UfULsJ3d9RNQd
Uj6QLqR2vop2fVbCgNZyem7bl20uG54/jrcNqJCduHxqRxVNaRnIUCN2Oc2Nfws7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org