Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/MoKlcSYgjReuwy81Bl7F6JcT-lg.roa
File: MoKlcSYgjReuwy81Bl7F6JcT-lg.roa (raw, json)
Hash identifier: BXQBNrGMG760ZMvKK59Jhh46bNxriD+MgG+ElOCu9r0=
Subject key identifier: 32:82:A5:71:26:20:8D:17:AE:C3:2F:35:06:5E:C5:E8:97:13:FA:58
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 018CCA2BB9B2DB9D25655D5F0F7FC1617E27
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/MoKlcSYgjReuwy81Bl7F6JcT-lg.roa
Signing time: Tue 02 Jan 2024 12:35:12 +0000
ROA not before: Tue 02 Jan 2024 12:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206198
IP address blocks: 84.245.88.0/23 maxlen: 23
85.248.24.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:b9:b2:db:9d:25:65:5d:5f:0f:7f:c1:61:7e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 2 12:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3282a57126208d17aec32f35065ec5e89713fa58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b6:51:d0:3b:41:5e:80:9f:88:e2:f6:f2:37:
c2:09:e6:56:02:4b:44:ec:13:b1:57:b3:80:b0:cb:
b8:e9:ba:71:e8:15:ea:35:b5:2b:7d:17:84:92:14:
7e:c6:37:49:8e:df:ea:e1:80:f5:40:47:e2:1d:c9:
7a:b3:bd:e9:4d:95:e9:11:44:ef:33:85:a3:ff:96:
82:76:53:2c:f8:1e:8d:d6:07:d8:0d:8e:81:c3:82:
80:23:d6:7a:d8:6a:28:4f:ff:71:e9:b6:32:db:f2:
65:9e:df:09:e9:3c:4a:83:8d:85:72:10:da:ec:a8:
92:7f:0a:b2:7d:92:47:27:aa:8b:b6:e4:7e:dc:5a:
a8:90:4c:47:2d:ce:65:e4:3d:a7:9c:aa:ca:10:03:
8c:bd:30:c7:47:40:6c:b7:1b:13:55:8f:b7:27:43:
c7:b6:a1:79:2a:65:b8:64:e6:6b:95:ba:d0:7b:f5:
ea:bb:ce:6e:9a:2d:db:c6:87:6c:35:00:3c:90:64:
c2:e5:73:fc:6d:91:e9:b6:ee:40:31:14:0b:04:cb:
20:a6:48:0b:02:c1:e0:39:f2:3f:19:11:d5:91:65:
64:dd:16:b4:2f:50:53:1d:08:d7:3a:67:7e:9d:95:
2d:68:3e:53:19:68:f8:1b:c1:d4:f5:a4:f5:b7:92:
2a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:82:A5:71:26:20:8D:17:AE:C3:2F:35:06:5E:C5:E8:97:13:FA:58
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/MoKlcSYgjReuwy81Bl7F6JcT-lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.245.88.0/23
85.248.24.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:55:62:e3:2d:c5:6f:1e:59:b3:76:9f:56:4c:8d:6f:12:ff:
4c:28:32:14:77:dd:ac:de:e6:97:60:df:71:e5:eb:57:62:41:
21:6d:09:cb:2a:de:7b:33:e5:4b:42:c8:42:e5:60:d9:6f:7f:
8f:82:59:da:4c:ed:c7:6f:7b:d4:a4:b4:da:c9:97:4d:bf:7b:
5e:b3:12:98:13:cb:31:d0:db:03:bf:31:88:a9:60:2f:17:43:
26:c5:18:cf:25:aa:4f:e1:c0:84:86:5b:41:b8:80:cc:9e:8c:
14:ed:38:9d:81:33:2d:fa:9b:6e:9e:22:72:d3:14:87:d5:1d:
c9:7d:56:36:48:da:b3:f9:ca:7f:ed:7f:f1:a6:cb:83:96:c8:
37:9c:c8:06:b8:aa:8b:5f:0e:f9:17:f2:df:b0:57:3a:78:fa:
20:69:92:09:d2:58:5d:a5:6c:a5:e8:20:f8:57:32:c1:42:7f:
4b:77:7f:33:00:58:3c:3d:d2:80:a5:bc:dc:22:bb:ef:19:16:
dd:bc:14:cf:c3:5e:91:b6:44:d9:9c:6d:f2:9d:90:39:90:c4:
7e:50:15:05:36:42:36:21:57:cd:75:d6:6f:0c:1d:35:64:8b:
15:31:77:1a:21:a1:8e:01:a3:8f:e9:38:62:e9:05:66:24:6b:
a8:1f:0e:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKK7my250lZV1fD3/BYX4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjQwMTAyMTIzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjgyYTU3MTI2MjA4ZDE3YWVjMzJmMzUwNjVlYzVlODk3MTNmYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7ZR0DtBXoCfiOL28jfCCeZWAktE
7BOxV7OAsMu46bpx6BXqNbUrfReEkhR+xjdJjt/q4YD1QEfiHcl6s73pTZXpEUTv
M4Wj/5aCdlMs+B6N1gfYDY6Bw4KAI9Z62GooT/9x6bYy2/Jlnt8J6TxKg42FchDa
7KiSfwqyfZJHJ6qLtuR+3FqokExHLc5l5D2nnKrKEAOMvTDHR0BstxsTVY+3J0PH
tqF5KmW4ZOZrlbrQe/Xqu85umi3bxodsNQA8kGTC5XP8bZHptu5AMRQLBMsgpkgL
AsHgOfI/GRHVkWVk3Ra0L1BTHQjXOmd+nZUtaD5TGWj4G8HU9aT1t5Iq5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDKCpXEmII0XrsMvNQZexeiXE/pYMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvTW9LbGNTWWdqUmV1d3k4MUJsN0Y2SmNULWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVPVYAwQC
VfgYMA0GCSqGSIb3DQEBCwUAA4IBAQB7VWLjLcVvHlmzdp9WTI1vEv9MKDIUd92s
3uaXYN9x5etXYkEhbQnLKt57M+VLQshC5WDZb3+PglnaTO3Hb3vUpLTayZdNv3te
sxKYE8sx0NsDvzGIqWAvF0MmxRjPJapP4cCEhltBuIDMnowU7TidgTMt+ptuniJy
0xSH1R3JfVY2SNqz+cp/7X/xpsuDlsg3nMgGuKqLXw75F/LfsFc6ePogaZIJ0lhd
pWyl6CD4VzLBQn9Ld38zAFg8PdKApbzcIrvvGRbdvBTPw16RtkTZnG3ynZA5kMR+
UBUFNkI2IVfNddZvDB01ZIsVMXcaIaGOAaOP6Thi6QVmJGuoHw6C
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:27 2025 by rpki-client