Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/MPhtUQHLqt1SQu6-kXYthhviqtA.roa
File: MPhtUQHLqt1SQu6-kXYthhviqtA.roa (raw, json)
Hash identifier: 6ducYfGHr4XzB7pyM0vUrv/olQm6YIWUYGqkYyVaAO4=
Subject key identifier: 30:F8:6D:51:01:CB:AA:DD:52:42:EE:BE:91:76:2D:86:1B:E2:AA:D0
Certificate issuer: /CN=4cf80802c6579a4d4a10608dcf92e9ace9905b16
Certificate serial: 019103A6BCE4CFA745981DCD353F95B47806
Authority key identifier: 4C:F8:08:02:C6:57:9A:4D:4A:10:60:8D:CF:92:E9:AC:E9:90:5B:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPgIAsZXmk1KEGCNz5LprOmQWxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/MPhtUQHLqt1SQu6-kXYthhviqtA.roa
Signing time: Tue 30 Jul 2024 12:39:04 +0000
ROA not before: Tue 30 Jul 2024 12:39:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203038
IP address blocks: 45.84.104.0/22 maxlen: 24
2a0d:bbc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 08 Aug 2024 11:17:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:a6:bc:e4:cf:a7:45:98:1d:cd:35:3f:95:b4:78:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf80802c6579a4d4a10608dcf92e9ace9905b16
Validity
Not Before: Jul 30 12:39:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30f86d5101cbaadd5242eebe91762d861be2aad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:13:db:56:ac:c6:20:81:01:20:df:60:db:47:
4b:85:61:43:d0:c0:14:bb:d3:2e:3a:65:4f:77:0e:
ae:d2:8c:e2:62:5b:de:ed:c8:28:8e:77:a7:d0:46:
ea:8e:93:8a:e5:2f:a0:9b:1c:38:72:6d:62:8d:8c:
40:44:fa:96:a5:87:8b:fe:3d:13:da:f9:ac:24:42:
4f:f5:a3:1b:e1:30:83:ad:0d:39:93:35:cf:f7:90:
7f:7f:ea:06:ae:c2:d0:e0:86:73:86:7f:8d:d0:e8:
b8:0c:e7:05:87:08:27:1c:6c:f5:87:4b:a6:88:26:
21:ee:b6:37:a0:79:7a:81:88:99:b5:66:ef:37:d9:
b2:41:2a:e9:1e:a2:26:00:8d:ac:93:42:b4:9a:5e:
15:2b:6d:53:f2:3d:5b:21:c7:64:51:a7:f6:37:81:
ee:8e:46:18:3b:52:13:1a:b9:f9:06:53:81:b0:67:
2a:f9:a5:27:60:f7:69:cd:df:68:58:cb:5d:3c:d8:
02:b6:ee:fe:16:05:2a:25:69:65:df:aa:12:22:cb:
bb:88:3f:7f:4b:0c:bf:73:61:4f:e1:a0:04:a6:24:
73:80:73:40:1f:10:96:b2:d4:d1:51:3b:0f:3a:c2:
e0:cc:ab:20:60:fe:6b:fa:49:fc:6c:8b:b5:1a:82:
2c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F8:6D:51:01:CB:AA:DD:52:42:EE:BE:91:76:2D:86:1B:E2:AA:D0
X509v3 Authority Key Identifier:
keyid:4C:F8:08:02:C6:57:9A:4D:4A:10:60:8D:CF:92:E9:AC:E9:90:5B:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPgIAsZXmk1KEGCNz5LprOmQWxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/MPhtUQHLqt1SQu6-kXYthhviqtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/TPgIAsZXmk1KEGCNz5LprOmQWxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.104.0/22
IPv6:
2a0d:bbc0::/29
Signature Algorithm: sha256WithRSAEncryption
0f:ef:ad:43:50:1e:ef:e8:d4:f4:a4:6b:61:f9:a5:d3:c2:6b:
12:ea:30:e5:4a:b5:45:77:4f:bc:1b:30:e8:d7:ac:aa:5c:e7:
39:88:9b:0f:8b:b4:68:a9:a3:32:a3:67:8d:9a:de:0e:8a:36:
dd:b8:83:80:31:1b:5d:df:76:f1:84:d8:a6:97:7d:9a:52:b4:
f5:0b:7f:fc:93:f8:9f:af:73:b7:a5:ba:6a:30:3b:38:82:55:
8a:2d:4c:c6:f3:45:4a:3d:81:d1:dc:f1:7d:c0:79:ed:bb:c9:
b4:5f:e5:d0:aa:4d:e6:e7:a7:20:05:57:f1:43:c3:01:d6:60:
b3:76:81:82:76:6b:9d:98:8f:e8:f1:b4:51:6b:49:fb:24:1c:
57:b5:2c:5a:75:36:73:ee:36:46:2e:b1:af:36:c5:cb:2d:91:
54:0a:33:b1:8c:81:af:60:a2:39:39:87:dc:6f:e7:ef:c6:6d:
84:64:bd:c7:96:2e:35:85:b3:7c:f4:ca:a9:09:0d:54:94:81:
1e:58:05:f9:fd:57:67:39:f7:0f:5d:50:22:88:a5:54:ef:7f:
2f:b2:4a:25:f1:81:c0:7c:e1:f7:7e:81:06:1f:bb:c0:e3:60:
77:1b:5f:aa:36:b2:d3:52:e8:02:66:8f:dd:39:c5:17:a6:7f:
eb:25:6a:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZEDprzkz6dFmB3NNT+VtHgGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjgwODAyYzY1NzlhNGQ0YTEwNjA4ZGNmOTJlOWFjZTk5
MDViMTYwHhcNMjQwNzMwMTIzOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY4NmQ1MTAxY2JhYWRkNTI0MmVlYmU5MTc2MmQ4NjFiZTJhYWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhPbVqzGIIEBIN9g20dLhWFD0MAU
u9MuOmVPdw6u0oziYlve7cgojnen0EbqjpOK5S+gmxw4cm1ijYxARPqWpYeL/j0T
2vmsJEJP9aMb4TCDrQ05kzXP95B/f+oGrsLQ4IZzhn+N0Oi4DOcFhwgnHGz1h0um
iCYh7rY3oHl6gYiZtWbvN9myQSrpHqImAI2sk0K0ml4VK21T8j1bIcdkUaf2N4Hu
jkYYO1ITGrn5BlOBsGcq+aUnYPdpzd9oWMtdPNgCtu7+FgUqJWll36oSIsu7iD9/
Swy/c2FP4aAEpiRzgHNAHxCWstTRUTsPOsLgzKsgYP5r+kn8bIu1GoIsSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDD4bVEBy6rdUkLuvpF2LYYb4qrQMB8GA1UdIwQY
MBaAFEz4CALGV5pNShBgjc+S6azpkFsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBnSUFzWlhtazFLRUdDTno1THByT21RV3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8zOThiYmItMTg0Zi00ODUxLWIyYTAt
OTFmNDlkOGQxMTVkLzEvTVBodFVRSExxdDFTUXU2LWtYWXRoaHZpcXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8zOThiYmItMTg0Zi00ODUxLWIyYTAtOTFmNDlkOGQxMTVk
LzEvVFBnSUFzWlhtazFLRUdDTno1THByT21RV3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVRoMA0E
AgACMAcDBQMqDbvAMA0GCSqGSIb3DQEBCwUAA4IBAQAP761DUB7v6NT0pGth+aXT
wmsS6jDlSrVFd0+8GzDo16yqXOc5iJsPi7RoqaMyo2eNmt4OijbduIOAMRtd33bx
hNiml32aUrT1C3/8k/ifr3O3pbpqMDs4glWKLUzG80VKPYHR3PF9wHntu8m0X+XQ
qk3m56cgBVfxQ8MB1mCzdoGCdmudmI/o8bRRa0n7JBxXtSxadTZz7jZGLrGvNsXL
LZFUCjOxjIGvYKI5OYfcb+fvxm2EZL3Hli41hbN89MqpCQ1UlIEeWAX5/VdnOfcP
XVAiiKVU738vskol8YHAfOH3foEGH7vA42B3G1+qNrLTUugCZo/dOcUXpn/rJWog
-----END CERTIFICATE-----
Generated at Thu Aug 8 13:04:24 2024 by rpki-client on console-fra.rpki-client.org