Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/MnSHweJpVWgW5Gk3m0iw1YZ6D0I.roa
File: MnSHweJpVWgW5Gk3m0iw1YZ6D0I.roa (raw, json)
Hash identifier: wamvy/x17pzLTtS/axX8e98kls9zn6IBDV5W0O0xD2g=
Subject key identifier: 32:74:87:C1:E2:69:55:68:16:E4:69:37:9B:48:B0:D5:86:7A:0F:42
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01856F54B95E2410C51639954D3E62476682
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/MnSHweJpVWgW5Gk3m0iw1YZ6D0I.roa
Signing time: Sun 01 Jan 2023 21:55:01 +0000
ROA not before: Sun 01 Jan 2023 21:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 45.66.224.0/22 maxlen: 22
81.29.149.0/24 maxlen: 24
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 25 Jan 2023 16:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:b9:5e:24:10:c5:16:39:95:4d:3e:62:47:66:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 1 21:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=327487c1e269556816e469379b48b0d5867a0f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ee:46:1c:1d:dd:c0:e5:3b:02:65:ff:25:bf:
56:ef:41:86:2e:65:95:d2:24:cd:5d:28:9f:60:3f:
44:a4:19:01:5a:f0:19:8b:7a:3e:24:a8:b4:48:8e:
fb:51:17:e0:94:83:d8:ac:ab:fe:cb:4f:8a:d6:72:
4c:f6:73:a0:64:a9:42:4f:75:63:8b:d5:b2:6a:6e:
97:1d:40:fb:e0:3d:cf:73:6e:a4:c7:4c:ae:7d:6e:
f1:bc:46:20:c9:22:6c:2b:aa:92:8a:53:89:37:eb:
01:b1:5d:9d:ed:83:9c:bd:9c:54:3d:69:0c:e7:31:
e3:94:b5:4e:3f:b6:c8:87:32:7a:9b:8d:02:0c:24:
49:9d:31:de:27:10:09:7b:74:8c:b8:8e:d6:03:fd:
46:96:bc:f6:0d:5e:53:4d:8d:f3:1c:32:87:1f:13:
11:6b:c4:26:4d:59:3e:67:1e:f2:d8:87:ee:ef:eb:
18:f2:cf:b1:b0:2c:98:d3:a0:24:d8:cf:59:d1:ed:
8a:16:e9:24:d1:7d:0e:33:86:db:e4:87:3f:33:bc:
a6:df:81:e2:05:7f:53:36:87:4b:b1:51:32:f5:01:
79:fe:2a:e2:80:a9:26:06:9d:4d:15:9f:3c:1a:2c:
72:6f:03:8c:c0:fd:24:0e:a3:18:ce:17:3d:a4:47:
8c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:74:87:C1:E2:69:55:68:16:E4:69:37:9B:48:B0:D5:86:7A:0F:42
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/MnSHweJpVWgW5Gk3m0iw1YZ6D0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
81.29.149.0/24
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
5b:42:b1:1c:6c:e4:b9:0e:3f:5c:7d:67:97:d5:c6:b3:a0:15:
89:2d:36:74:cc:6c:a1:f7:1e:e7:14:cc:c9:d7:14:e9:70:bc:
5e:56:ba:97:96:42:a4:84:85:16:5a:03:f5:23:d1:a9:8c:49:
eb:84:63:f7:ae:d3:84:0a:8a:28:93:8d:42:0a:f0:b8:d3:1b:
19:22:8d:b4:31:47:c0:bb:db:51:b3:94:11:1b:63:a3:f8:55:
67:49:d0:8b:02:ad:a5:09:dc:a8:97:ce:d3:e4:56:35:6f:d1:
08:6f:d8:62:19:c7:87:f4:7c:b5:18:bc:87:b7:80:92:c8:92:
b6:aa:9e:d7:e0:97:0d:85:2a:78:06:ef:58:07:35:49:bf:5d:
bb:1d:45:cb:1d:70:2f:f4:4b:5b:43:4c:62:83:c8:69:c1:9b:
d5:9b:78:ea:e8:46:73:d4:0f:c7:8a:81:f2:d2:57:21:92:db:
e8:a9:01:a6:9c:37:78:f2:54:79:c0:9d:76:01:7c:ca:f8:cc:
fa:d2:0a:e4:de:bc:f4:9c:72:ae:06:44:7b:d3:56:ba:d3:02:
1a:e9:b6:75:b2:29:ea:b2:b3:a5:b4:49:da:d4:1a:8d:5a:61:
1b:63:cc:77:ab:ad:36:e1:60:e1:3e:82:88:97:3c:a6:9a:a1:
93:dc:0f:c2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvVLleJBDFFjmVTT5iR2aCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMTAxMjE1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjc0ODdjMWUyNjk1NTY4MTZlNDY5Mzc5YjQ4YjBkNTg2N2EwZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAou5GHB3dwOU7AmX/Jb9W70GGLmWV
0iTNXSifYD9EpBkBWvAZi3o+JKi0SI77URfglIPYrKv+y0+K1nJM9nOgZKlCT3Vj
i9Wyam6XHUD74D3Pc26kx0yufW7xvEYgySJsK6qSilOJN+sBsV2d7YOcvZxUPWkM
5zHjlLVOP7bIhzJ6m40CDCRJnTHeJxAJe3SMuI7WA/1Glrz2DV5TTY3zHDKHHxMR
a8QmTVk+Zx7y2Ifu7+sY8s+xsCyY06Ak2M9Z0e2KFukk0X0OM4bb5Ic/M7ym34Hi
BX9TNodLsVEy9QF5/irigKkmBp1NFZ88GixybwOMwP0kDqMYzhc9pEeMDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDJ0h8HiaVVoFuRpN5tIsNWGeg9CMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvTW5TSHdlSnBWV2dXNUdrM20waXcxWVo2RDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLULgAwQA
UR2VMA0EAgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQBbQrEcbOS5Dj9c
fWeX1cazoBWJLTZ0zGyh9x7nFMzJ1xTpcLxeVrqXlkKkhIUWWgP1I9GpjEnrhGP3
rtOECoook41CCvC40xsZIo20MUfAu9tRs5QRG2Oj+FVnSdCLAq2lCdyol87T5FY1
b9EIb9hiGceH9Hy1GLyHt4CSyJK2qp7X4JcNhSp4Bu9YBzVJv127HUXLHXAv9Etb
Q0xig8hpwZvVm3jq6EZz1A/HioHy0lchktvoqQGmnDd48lR5wJ12AXzK+Mz60grk
3rz0nHKuBkR701a60wIa6bZ1sinqsrOltEna1BqNWmEbY8x3q6024WDhPoKIlzym
mqGT3A/C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org