Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/6d569d-c44b-4c34-a159-d583f9a66e3b/1/M2iNfEZXHM9tFkDQ8sWV4YLVW3g.roa
File: M2iNfEZXHM9tFkDQ8sWV4YLVW3g.roa (raw, json)
Hash identifier: SeQzt5rzCKGnrtfSNV0/vTEw4Mt13kiOCKoTyfQcLkE=
Subject key identifier: 33:68:8D:7C:46:57:1C:CF:6D:16:40:D0:F2:C5:95:E1:82:D5:5B:78
Certificate issuer: /CN=84c17102b6e92e292ec8acaf659e3c290a8d0b68
Certificate serial: 018C242F7EB6914E948F9DE43C0447026F38
Authority key identifier: 84:C1:71:02:B6:E9:2E:29:2E:C8:AC:AF:65:9E:3C:29:0A:8D:0B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hMFxArbpLikuyKyvZZ48KQqNC2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/6d569d-c44b-4c34-a159-d583f9a66e3b/1/M2iNfEZXHM9tFkDQ8sWV4YLVW3g.roa
Signing time: Fri 01 Dec 2023 07:02:21 +0000
ROA not before: Fri 01 Dec 2023 07:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212752
IP address blocks: 45.90.83.0/24 maxlen: 24
45.90.82.0/24 maxlen: 24
91.240.165.0/24 maxlen: 24
2a10:b480::/29 maxlen: 64
Validation: Failed, certificate revoked on Tue 05 Dec 2023 10:03:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:2f:7e:b6:91:4e:94:8f:9d:e4:3c:04:47:02:6f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84c17102b6e92e292ec8acaf659e3c290a8d0b68
Validity
Not Before: Dec 1 07:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33688d7c46571ccf6d1640d0f2c595e182d55b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a2:9a:d5:df:2c:6d:bb:57:4b:9a:54:be:b3:
73:34:52:c8:d6:23:7f:9c:82:f5:64:69:3d:ea:ee:
9c:54:c1:ae:0d:bd:af:eb:0f:bc:6c:56:1e:13:c3:
bb:5b:e8:a6:2a:47:1d:b2:b9:c5:a9:4b:7a:de:f0:
1a:81:3f:ee:a5:32:f1:82:cb:3b:8d:f8:87:b5:b6:
98:2f:98:eb:6a:ae:76:1f:36:ad:ee:74:10:74:b6:
b1:53:2b:34:30:f6:9a:f2:01:eb:e5:cd:53:4f:1d:
8d:3c:58:c9:ab:29:da:7d:01:bc:83:31:51:ea:bb:
16:65:77:da:9d:2c:13:52:a3:1d:23:58:5b:db:ef:
cf:6a:e7:f7:9c:5f:a6:c7:04:ca:91:90:85:ce:35:
19:ed:69:d0:c2:13:61:9a:e6:af:63:7e:f0:55:87:
4e:d7:a9:79:bb:9d:34:ec:17:7b:76:da:5d:69:8a:
2f:87:16:3e:13:25:01:67:b5:63:35:08:88:1c:c2:
a6:5f:30:9e:91:00:e6:fc:a7:cb:48:f6:a3:fd:7d:
95:b1:8c:9f:68:5f:a1:6f:bb:9b:34:52:78:5b:fd:
36:7b:66:fa:61:0b:23:b3:0a:e5:f7:62:5a:1a:a0:
4c:ae:23:95:ce:44:23:1e:9b:25:29:8a:d2:1d:a4:
37:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:68:8D:7C:46:57:1C:CF:6D:16:40:D0:F2:C5:95:E1:82:D5:5B:78
X509v3 Authority Key Identifier:
keyid:84:C1:71:02:B6:E9:2E:29:2E:C8:AC:AF:65:9E:3C:29:0A:8D:0B:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hMFxArbpLikuyKyvZZ48KQqNC2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6d569d-c44b-4c34-a159-d583f9a66e3b/1/M2iNfEZXHM9tFkDQ8sWV4YLVW3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6d569d-c44b-4c34-a159-d583f9a66e3b/1/hMFxArbpLikuyKyvZZ48KQqNC2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.82.0/23
91.240.165.0/24
IPv6:
2a10:b480::/29
Signature Algorithm: sha256WithRSAEncryption
9b:b0:57:9d:78:c6:79:37:c8:4a:3f:5a:4c:cb:13:ac:10:ef:
0f:fb:51:6a:0b:d1:cf:da:50:f7:e9:b4:ea:b2:a3:9c:90:28:
43:1d:36:96:2e:92:c4:c9:1a:05:98:d1:c2:8d:53:d1:af:04:
e9:61:fa:a1:2b:0e:76:60:74:5a:b0:70:0f:ff:b1:b3:8f:a3:
2e:79:e4:38:dd:b9:5f:fd:22:c9:32:a4:f7:62:d3:56:5c:dd:
d1:d5:99:c2:48:cb:e4:c9:9a:c3:33:c9:7c:bd:ba:2d:b3:f8:
7c:17:cf:d7:41:fe:a0:8a:1d:c9:50:3e:18:f1:cd:c0:ce:08:
18:74:12:03:e4:16:ba:af:6d:03:dc:a7:88:83:50:03:d1:bb:
3e:f8:c7:2f:eb:64:bf:5c:49:77:a7:43:db:0a:08:87:c7:f3:
63:b0:90:0f:1f:9a:e0:94:0e:dc:df:76:41:7a:3d:85:c7:48:
cc:9b:52:60:12:f1:cd:0c:83:d5:22:9c:4c:b9:16:ae:ee:07:
7b:6d:c0:f9:a7:78:f9:62:4a:8d:da:7d:de:64:39:46:36:e0:
fe:e0:63:0b:98:0a:17:f3:21:d8:ca:e1:c9:83:4b:86:64:37:
11:a1:1b:4a:7e:05:9c:2d:e6:9c:3c:d6:f6:83:37:06:53:73:
d5:54:be:7f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYwkL362kU6Uj53kPARHAm84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YzE3MTAyYjZlOTJlMjkyZWM4YWNhZjY1OWUzYzI5MGE4
ZDBiNjgwHhcNMjMxMjAxMDcwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzY4OGQ3YzQ2NTcxY2NmNmQxNjQwZDBmMmM1OTVlMTgyZDU1Yjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqKa1d8sbbtXS5pUvrNzNFLI1iN/
nIL1ZGk96u6cVMGuDb2v6w+8bFYeE8O7W+imKkcdsrnFqUt63vAagT/upTLxgss7
jfiHtbaYL5jraq52Hzat7nQQdLaxUys0MPaa8gHr5c1TTx2NPFjJqynafQG8gzFR
6rsWZXfanSwTUqMdI1hb2+/Pauf3nF+mxwTKkZCFzjUZ7WnQwhNhmuavY37wVYdO
16l5u5007Bd7dtpdaYovhxY+EyUBZ7VjNQiIHMKmXzCekQDm/KfLSPaj/X2VsYyf
aF+hb7ubNFJ4W/02e2b6YQsjswrl92JaGqBMriOVzkQjHpslKYrSHaQ3iQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDNojXxGVxzPbRZA0PLFleGC1Vt4MB8GA1UdIwQY
MBaAFITBcQK26S4pLsisr2WePCkKjQtoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE1GeEFyYnBMaWt1eUt5dlpaNDhLUXFOQzJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC82ZDU2OWQtYzQ0Yi00YzM0LWExNTkt
ZDU4M2Y5YTY2ZTNiLzEvTTJpTmZFWlhITTl0RmtEUThzV1Y0WUxWVzNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC82ZDU2OWQtYzQ0Yi00YzM0LWExNTktZDU4M2Y5YTY2ZTNi
LzEvaE1GeEFyYnBMaWt1eUt5dlpaNDhLUXFOQzJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLVpSAwQA
W/ClMA0EAgACMAcDBQMqELSAMA0GCSqGSIb3DQEBCwUAA4IBAQCbsFedeMZ5N8hK
P1pMyxOsEO8P+1FqC9HP2lD36bTqsqOckChDHTaWLpLEyRoFmNHCjVPRrwTpYfqh
Kw52YHRasHAP/7Gzj6MueeQ43blf/SLJMqT3YtNWXN3R1ZnCSMvkyZrDM8l8vbot
s/h8F8/XQf6gih3JUD4Y8c3AzggYdBID5Ba6r20D3KeIg1AD0bs++Mcv62S/XEl3
p0PbCgiHx/NjsJAPH5rglA7c33ZBej2Fx0jMm1JgEvHNDIPVIpxMuRau7gd7bcD5
p3j5YkqN2n3eZDlGNuD+4GMLmAoX8yHYyuHJg0uGZDcRoRtKfgWcLeacPNb2gzcG
U3PVVL5/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:55 2024 by rpki-client on console-ams.rpki-client.org