Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/MhvaolDZ2Kh_70-3vvXtN3NuoOk.roa
File: MhvaolDZ2Kh_70-3vvXtN3NuoOk.roa (raw, json)
Hash identifier: lJ7jOJ0ggWWf0eK3N1PbhFAlh6lt2ln6n2v4LgmihB8=
Subject key identifier: 32:1B:DA:A2:50:D9:D8:A8:7F:EF:4F:B7:BE:F5:ED:37:73:6E:A0:E9
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 018F2986FAA508048FC749CE35100B845945
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/MhvaolDZ2Kh_70-3vvXtN3NuoOk.roa
Signing time: Mon 29 Apr 2024 11:04:22 +0000
ROA not before: Mon 29 Apr 2024 11:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.133.141.0/24 maxlen: 24
45.133.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 14:35:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:86:fa:a5:08:04:8f:c7:49:ce:35:10:0b:84:59:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Apr 29 11:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=321bdaa250d9d8a87fef4fb7bef5ed37736ea0e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:40:c1:ef:7d:04:77:49:60:69:a3:87:ff:50:
bd:ab:2c:22:12:f2:7a:af:bb:66:17:65:ef:17:cd:
de:45:4f:80:e5:9b:55:b6:ad:7c:a6:50:5b:4e:12:
61:a3:67:be:fc:25:b7:2c:e4:18:6a:95:70:91:6b:
26:50:f5:f9:f0:32:4c:52:99:7a:ad:c5:e8:d9:36:
99:c8:8a:a4:6b:9d:19:6a:71:28:f2:33:78:fc:64:
bd:27:a1:76:3c:16:d3:be:ba:43:5c:34:3c:49:5f:
9f:6e:e1:ff:b9:bf:05:e8:33:53:fb:6a:71:23:2c:
ae:85:7f:c1:d7:9a:f8:77:b8:f2:61:84:c8:3f:a8:
c5:76:66:3b:42:ab:21:27:83:ad:91:69:c9:32:fb:
56:bc:bf:d0:74:c3:8e:52:65:32:5f:b0:fc:1e:c9:
2a:be:f6:14:f1:ab:da:64:03:f9:64:4b:78:11:2a:
13:80:bf:83:ef:08:3b:c3:9d:c5:38:76:c3:20:3d:
49:0d:3d:b8:87:52:2d:62:fa:15:e4:0b:f7:64:b2:
98:22:b7:61:15:c5:8a:82:f9:fd:52:7c:92:64:b1:
3a:15:f9:bf:60:f2:1e:aa:4b:6c:60:62:49:51:f3:
72:6d:71:b0:f4:36:ab:fe:da:2e:ff:86:b8:45:23:
f8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:1B:DA:A2:50:D9:D8:A8:7F:EF:4F:B7:BE:F5:ED:37:73:6E:A0:E9
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/MhvaolDZ2Kh_70-3vvXtN3NuoOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.141.0/24
45.133.143.0/24
Signature Algorithm: sha256WithRSAEncryption
14:69:f2:de:41:fd:e6:ef:f7:cf:a2:3c:00:49:b8:8e:a1:20:
57:80:89:ea:a3:74:f3:ba:9c:07:58:9c:d8:89:ed:ac:9c:a8:
03:d4:1d:bc:95:1a:b1:2f:0d:76:00:46:55:2e:90:aa:b3:19:
73:59:54:35:8c:e8:25:a3:db:c7:96:cf:6c:09:96:b8:4a:6a:
85:3f:60:4c:02:73:bd:30:c0:fc:4f:3e:a2:5c:5b:10:ea:01:
5f:75:25:e2:c8:c8:36:13:0d:54:67:19:16:b4:e4:b9:e3:f3:
9d:bb:da:3d:a6:29:b9:aa:b2:e2:2e:66:19:70:36:08:83:13:
02:ef:ba:7c:bb:f0:f6:f3:7d:34:07:4d:dc:0f:8a:14:4f:3b:
3e:d3:f9:69:a6:a6:fd:fd:48:9c:3d:fa:d0:87:fc:24:e3:e9:
17:b8:96:8b:3f:be:d9:f4:74:d0:be:65:5a:9e:69:09:5c:9f:
84:ec:ff:8b:ba:8c:f3:75:6f:7f:35:86:ce:82:40:b6:55:ad:
c4:e2:30:ac:67:23:d6:7a:1f:fb:0d:94:1e:77:56:88:b8:bb:
00:f7:8a:7f:fe:40:fb:4b:57:31:46:4b:b4:bc:0b:e8:75:7f:
a9:21:7e:97:d7:1c:0d:01:8f:5d:a1:90:a0:28:88:a2:42:b8:
6d:6e:57:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8phvqlCASPx0nONRALhFlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjQwNDI5MTEwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjFiZGFhMjUwZDlkOGE4N2ZlZjRmYjdiZWY1ZWQzNzczNmVhMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0DB730Ed0lgaaOH/1C9qywiEvJ6
r7tmF2XvF83eRU+A5ZtVtq18plBbThJho2e+/CW3LOQYapVwkWsmUPX58DJMUpl6
rcXo2TaZyIqka50ZanEo8jN4/GS9J6F2PBbTvrpDXDQ8SV+fbuH/ub8F6DNT+2px
IyyuhX/B15r4d7jyYYTIP6jFdmY7QqshJ4OtkWnJMvtWvL/QdMOOUmUyX7D8Hskq
vvYU8avaZAP5ZEt4ESoTgL+D7wg7w53FOHbDID1JDT24h1ItYvoV5Av3ZLKYIrdh
FcWKgvn9UnySZLE6Ffm/YPIeqktsYGJJUfNybXGw9Dar/tou/4a4RSP4xwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDIb2qJQ2diof+9Pt7717TdzbqDpMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvTWh2YW9sRFoyS2hfNzAtM3Z2WHROM051b09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYWNAwQA
LYWPMA0GCSqGSIb3DQEBCwUAA4IBAQAUafLeQf3m7/fPojwASbiOoSBXgInqo3Tz
upwHWJzYie2snKgD1B28lRqxLw12AEZVLpCqsxlzWVQ1jOglo9vHls9sCZa4SmqF
P2BMAnO9MMD8Tz6iXFsQ6gFfdSXiyMg2Ew1UZxkWtOS54/Odu9o9pim5qrLiLmYZ
cDYIgxMC77p8u/D28300B03cD4oUTzs+0/lppqb9/UicPfrQh/wk4+kXuJaLP77Z
9HTQvmVanmkJXJ+E7P+LuozzdW9/NYbOgkC2Va3E4jCsZyPWeh/7DZQed1aIuLsA
94p//kD7S1cxRku0vAvodX+pIX6X1xwNAY9doZCgKIiiQrhtbleq
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:58 2025 by rpki-client