Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Mln_eF_bJSDUevF0RO1SqMyotIQ.roa
File: Mln_eF_bJSDUevF0RO1SqMyotIQ.roa (raw, json)
Hash identifier: o6JXVJCEbDLX2Lg09X8H/Mr6p4eMKqjzrD2AL5OEIEs=
Subject key identifier: 32:59:FF:78:5F:DB:25:20:D4:7A:F1:74:44:ED:52:A8:CC:A8:B4:84
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018C8CB0AEEAEE55D343DFDC9A45AED66835
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Mln_eF_bJSDUevF0RO1SqMyotIQ.roa
Signing time: Thu 21 Dec 2023 14:03:58 +0000
ROA not before: Thu 21 Dec 2023 14:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 45.150.32.0/23 maxlen: 23
45.150.34.0/23 maxlen: 23
104.239.50.0/24 maxlen: 24
104.239.49.0/24 maxlen: 24
104.239.51.0/24 maxlen: 24
104.239.47.0/24 maxlen: 24
104.238.26.0/24 maxlen: 24
104.238.29.0/24 maxlen: 24
45.43.164.0/23 maxlen: 23
104.233.63.0/24 maxlen: 24
104.233.61.0/24 maxlen: 24
104.233.62.0/24 maxlen: 24
104.233.60.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:b0:ae:ea:ee:55:d3:43:df:dc:9a:45:ae:d6:68:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Dec 21 14:03:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3259ff785fdb2520d47af17444ed52a8cca8b484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1f:6c:88:a6:43:2e:10:ff:23:f3:91:c9:16:
c9:1a:fb:52:12:58:4f:47:9b:24:0f:cd:56:f5:06:
23:58:54:bd:22:5f:28:6f:da:d6:be:4b:8e:2d:52:
73:ca:94:d4:3b:35:7d:9b:bc:4b:30:06:d9:02:6c:
08:85:05:c0:c2:a1:a6:4e:d4:63:6e:03:2d:d2:9c:
a1:ba:a6:e2:27:a3:2c:63:eb:15:ec:a7:03:c9:5a:
ea:0d:96:4a:be:2d:d7:6e:3f:81:1e:2e:86:56:56:
7b:34:ef:b3:2f:78:a3:56:58:bc:67:7b:e8:7e:8e:
1a:8f:12:e4:fb:0a:ba:a3:91:b8:b9:29:7c:3a:55:
ce:b2:2f:88:b0:49:30:3f:2d:fc:3c:b4:2d:07:41:
d7:34:6f:2f:08:2c:8d:5c:32:b7:27:16:2f:90:eb:
d9:65:35:3c:57:d2:a8:34:a3:48:38:d7:f1:f2:67:
58:04:7f:ce:84:38:35:27:8e:44:39:a3:85:cc:8e:
52:2d:57:09:2e:d5:3c:e7:e8:ab:47:fc:68:ea:a3:
43:c5:63:b5:ab:76:26:3c:b3:72:c4:a7:8c:c4:d2:
62:0d:45:42:05:c2:20:2b:8f:05:34:b3:3c:ac:b4:
13:a3:f8:6e:e8:f0:4f:cf:96:43:ba:24:69:f4:8d:
67:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:59:FF:78:5F:DB:25:20:D4:7A:F1:74:44:ED:52:A8:CC:A8:B4:84
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Mln_eF_bJSDUevF0RO1SqMyotIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.164.0/23
45.150.32.0/22
104.233.60.0/22
104.238.26.0/24
104.238.29.0/24
104.239.47.0/24
104.239.49.0-104.239.51.255
Signature Algorithm: sha256WithRSAEncryption
42:5b:bc:a8:c2:2c:b2:e0:49:78:9d:95:3e:fb:c9:0b:cc:fb:
39:b1:7e:01:52:cf:f7:ca:0b:e8:b9:74:6d:7e:2c:3e:ab:f1:
07:f3:0f:da:a4:6e:94:88:06:fd:42:4d:61:a7:a0:c2:5b:68:
61:c0:cd:87:dd:ac:49:ba:bd:ff:cf:2f:69:98:df:a4:60:f3:
35:1c:2d:22:31:f4:56:7f:24:0e:d2:90:30:6e:8f:fe:8b:eb:
aa:ab:66:d2:2a:77:be:bb:76:cb:07:f5:5c:ba:11:af:d6:78:
44:46:a1:db:12:cd:da:a1:cf:79:82:39:7e:5c:ae:03:04:38:
b0:b4:41:82:ec:f5:c2:59:88:15:e1:3b:93:b6:09:e2:47:e2:
22:8c:0c:30:70:3d:e0:6f:d7:96:bf:e8:ab:44:9e:23:ec:fe:
dc:6f:3b:56:dd:83:64:df:18:57:ed:fe:d0:3d:ae:f8:16:88:
b0:c5:dc:71:6b:01:c4:fe:1a:25:af:13:a1:af:e4:ea:8f:6f:
1f:38:40:d5:ae:01:0b:38:ae:95:63:65:6b:11:4d:20:52:c0:
d7:70:d9:e8:0a:93:93:c7:7d:d9:db:88:d1:7d:44:0b:50:da:
6f:b0:a3:b6:b5:62:4e:33:ac:11:73:c2:2c:29:de:8c:ab:ce:
91:a6:4b:e2
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYyMsK7q7lXTQ9/cmkWu1mg1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMxMjIxMTQwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjU5ZmY3ODVmZGIyNTIwZDQ3YWYxNzQ0NGVkNTJhOGNjYThiNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR9siKZDLhD/I/ORyRbJGvtSElhP
R5skD81W9QYjWFS9Il8ob9rWvkuOLVJzypTUOzV9m7xLMAbZAmwIhQXAwqGmTtRj
bgMt0pyhuqbiJ6MsY+sV7KcDyVrqDZZKvi3Xbj+BHi6GVlZ7NO+zL3ijVli8Z3vo
fo4ajxLk+wq6o5G4uSl8OlXOsi+IsEkwPy38PLQtB0HXNG8vCCyNXDK3JxYvkOvZ
ZTU8V9KoNKNIONfx8mdYBH/OhDg1J45EOaOFzI5SLVcJLtU85+irR/xo6qNDxWO1
q3YmPLNyxKeMxNJiDUVCBcIgK48FNLM8rLQTo/hu6PBPz5ZDuiRp9I1nRwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDJZ/3hf2yUg1HrxdETtUqjMqLSEMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvTWxuX2VGX2JKU0RVZXZGMFJPMVNxTXlvdElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBLSukAwQC
LZYgAwQCaOk8AwQAaO4aAwQAaO4dAwQAaO8vMAwDBABo7zEDBAJo7zAwDQYJKoZI
hvcNAQELBQADggEBAEJbvKjCLLLgSXidlT77yQvM+zmxfgFSz/fKC+i5dG1+LD6r
8QfzD9qkbpSIBv1CTWGnoMJbaGHAzYfdrEm6vf/PL2mY36Rg8zUcLSIx9FZ/JA7S
kDBuj/6L66qrZtIqd767dssH9Vy6Ea/WeERGodsSzdqhz3mCOX5crgMEOLC0QYLs
9cJZiBXhO5O2CeJH4iKMDDBwPeBv15a/6KtEniPs/txvO1bdg2TfGFft/tA9rvgW
iLDF3HFrAcT+GiWvE6Gv5OqPbx84QNWuAQs4rpVjZWsRTSBSwNdw2egKk5PHfdnb
iNF9RAtQ2m+wo7a1Yk4zrBFzwiwp3oyrzpGmS+I=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:40 2024 by rpki-client on console-fra.rpki-client.org