Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/75xB9ha53iLn0iySwxz328MLSUM.roa
File: 75xB9ha53iLn0iySwxz328MLSUM.roa (raw, json)
Hash identifier: puls1mZoRZZnYbnysL7RbH36XJbVi+l0tUy3CLx/Uco=
Subject key identifier: EF:9C:41:F6:16:B9:DE:22:E7:D2:2C:92:C3:1C:F7:DB:C3:0B:49:43
Certificate issuer: /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Certificate serial: 018CC64AFE8DC04EEBB83A2BBB9A197721C5
Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/75xB9ha53iLn0iySwxz328MLSUM.roa
Signing time: Mon 01 Jan 2024 18:30:52 +0000
ROA not before: Mon 01 Jan 2024 18:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206296
IP address blocks: 91.92.18.0/23 maxlen: 23
80.240.184.0/22 maxlen: 22
185.189.20.0/22 maxlen: 24
45.65.104.0/21 maxlen: 22
Validation: Failed, certificate revoked on Fri 01 Mar 2024 15:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:fe:8d:c0:4e:eb:b8:3a:2b:bb:9a:19:77:21:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Validity
Not Before: Jan 1 18:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef9c41f616b9de22e7d22c92c31cf7dbc30b4943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1b:fb:6a:c7:ac:93:52:b7:3b:95:f4:74:a9:
19:08:80:6c:4e:ad:50:24:a1:a1:a5:d2:71:cd:bf:
95:b0:68:65:cc:4a:84:4b:8b:7d:0a:d8:66:d4:e1:
75:65:85:11:6d:c8:59:5b:84:cd:97:23:54:51:69:
e6:69:59:a4:65:e5:06:bf:be:4d:fe:7d:76:0b:19:
b1:2d:25:6c:4d:a5:e1:0b:99:7b:4b:ff:f6:10:90:
7b:3e:89:a2:27:e6:06:d3:55:4f:c7:4c:a0:54:51:
52:81:91:51:df:4d:dd:84:e6:b9:4a:c6:99:1c:f4:
cb:33:6b:1b:a0:6a:61:1f:50:cd:24:2a:6d:d6:fd:
d0:fb:1d:11:0d:87:1f:1e:0f:7f:6a:29:e1:75:82:
20:17:fa:af:d5:3a:d2:53:75:1d:02:f6:15:6f:57:
af:22:45:86:f3:56:ae:e5:b4:2d:49:50:b8:4a:eb:
8e:a1:f0:76:f2:cb:98:0a:46:88:e7:fa:4b:67:ac:
7f:b3:30:68:3e:db:64:bd:0b:14:6d:b2:61:5a:9e:
25:20:c1:d9:ac:6a:73:d6:8e:2b:45:64:b1:43:af:
3f:a1:80:3f:e6:63:23:bf:22:59:bd:d9:e1:d7:a9:
8a:09:27:c3:ae:e9:2e:3d:30:99:a0:85:eb:78:1f:
8c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:9C:41:F6:16:B9:DE:22:E7:D2:2C:92:C3:1C:F7:DB:C3:0B:49:43
X509v3 Authority Key Identifier:
keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/75xB9ha53iLn0iySwxz328MLSUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.104.0/21
80.240.184.0/22
91.92.18.0/23
185.189.20.0/22
Signature Algorithm: sha256WithRSAEncryption
89:23:73:08:12:17:69:3e:8e:c8:aa:07:e7:1c:88:70:f3:4b:
7d:44:4c:a0:62:c6:32:68:a3:7d:65:91:ad:9d:ee:a3:01:97:
7e:f4:60:ea:26:a5:ce:cc:e1:bb:18:a7:e2:88:a9:7e:3e:05:
8a:51:b8:0b:ca:d4:36:02:a4:f1:9d:cd:0e:09:31:82:2a:a0:
86:2b:95:81:82:35:c2:e0:90:b8:ce:1a:90:5e:31:9a:9b:e0:
54:de:c4:5d:55:56:ff:88:0e:8f:ba:a0:8d:6d:f3:dc:1d:75:
c1:14:0c:2e:63:a3:9d:25:52:97:d5:e3:6f:83:7e:5c:9f:bd:
20:5d:8e:2a:15:2a:ee:d7:b5:02:44:b2:16:fa:c1:97:77:ea:
bb:ee:21:50:3a:e6:60:d9:8f:9c:6e:88:48:18:fb:1e:70:86:
e2:1f:27:ea:d1:a5:ad:4c:e3:49:30:3e:13:ae:43:e2:82:ef:
ff:6d:3b:4d:28:f1:07:01:4d:58:6a:95:67:bc:41:37:25:f6:
68:b2:5a:15:6a:a8:9e:5c:1e:19:20:96:33:a2:f8:42:a9:99:
20:46:c5:c5:12:b0:97:93:bb:0f:75:b7:2c:04:fc:93:3d:8d:
2c:50:83:04:95:51:e4:ca:23:d7:08:43:d7:bf:dc:91:fb:6a:
54:0c:d0:c7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGSv6NwE7ruDoru5oZdyHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1
ZjJlNDQwHhcNMjQwMTAxMTgzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjljNDFmNjE2YjlkZTIyZTdkMjJjOTJjMzFjZjdkYmMzMGI0OTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBv7asesk1K3O5X0dKkZCIBsTq1Q
JKGhpdJxzb+VsGhlzEqES4t9Cthm1OF1ZYURbchZW4TNlyNUUWnmaVmkZeUGv75N
/n12CxmxLSVsTaXhC5l7S//2EJB7PomiJ+YG01VPx0ygVFFSgZFR303dhOa5SsaZ
HPTLM2sboGphH1DNJCpt1v3Q+x0RDYcfHg9/ainhdYIgF/qv1TrSU3UdAvYVb1ev
IkWG81au5bQtSVC4SuuOofB28suYCkaI5/pLZ6x/szBoPttkvQsUbbJhWp4lIMHZ
rGpz1o4rRWSxQ68/oYA/5mMjvyJZvdnh16mKCSfDrukuPTCZoIXreB+MBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO+cQfYWud4i59IsksMc99vDC0lDMB8GA1UdIwQY
MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt
NjY4NDkwMTk2MjdlLzEvNzV4QjloYTUzaUxuMGl5U3d4ejMyOE1MU1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTItNjY4NDkwMTk2Mjdl
LzEveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLUFoAwQC
UPC4AwQBW1wSAwQCub0UMA0GCSqGSIb3DQEBCwUAA4IBAQCJI3MIEhdpPo7Iqgfn
HIhw80t9REygYsYyaKN9ZZGtne6jAZd+9GDqJqXOzOG7GKfiiKl+PgWKUbgLytQ2
AqTxnc0OCTGCKqCGK5WBgjXC4JC4zhqQXjGam+BU3sRdVVb/iA6PuqCNbfPcHXXB
FAwuY6OdJVKX1eNvg35cn70gXY4qFSru17UCRLIW+sGXd+q77iFQOuZg2Y+cbohI
GPsecIbiHyfq0aWtTONJMD4TrkPigu//bTtNKPEHAU1YapVnvEE3JfZosloVaqie
XB4ZIJYzovhCqZkgRsXFErCXk7sPdbcsBPyTPY0sUIMElVHkyiPXCEPXv9yR+2pU
DNDH
-----END CERTIFICATE-----
Generated at Fri Mar 1 18:42:07 2024 by rpki-client on console-fra.rpki-client.org