Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/MAqn_XEJfQ3RJw7hTjZda4iwahA.roa
File: MAqn_XEJfQ3RJw7hTjZda4iwahA.roa (raw, json)
Hash identifier: LuHK7RbrB6ZsMykgfS3hP4GlwfPMw1guaYkasRzjkXo=
Subject key identifier: 30:0A:A7:FD:71:09:7D:0D:D1:27:0E:E1:4E:36:5D:6B:88:B0:6A:10
Certificate issuer: /CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Certificate serial: 0192189C997A7B4CC9110D57A30DD6828705
Authority key identifier: 74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/MAqn_XEJfQ3RJw7hTjZda4iwahA.roa
Signing time: Sun 22 Sep 2024 07:22:48 +0000
ROA not before: Sun 22 Sep 2024 07:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214171
IP address blocks: 45.144.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:18:9c:99:7a:7b:4c:c9:11:0d:57:a3:0d:d6:82:87:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Validity
Not Before: Sep 22 07:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=300aa7fd71097d0dd1270ee14e365d6b88b06a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:76:d4:85:31:e5:0f:52:16:1e:2c:0e:95:54:
6d:c7:9b:31:a8:5e:da:ce:89:04:70:64:29:4b:14:
bd:c1:0c:61:1d:43:ae:46:da:ea:78:f2:dc:bf:39:
5b:59:63:e6:d9:fc:9b:62:29:db:c7:5c:2d:53:db:
69:1c:2b:1b:78:10:99:e0:cc:0b:e4:2a:35:89:eb:
00:70:da:e4:6a:5f:81:b7:0b:f8:71:48:27:d1:f1:
5b:80:b4:60:82:55:82:25:7c:6c:41:3c:23:52:ab:
94:f3:95:0d:40:5f:2f:18:30:a7:f9:6b:2b:fd:89:
9f:22:c0:9b:68:11:67:f4:36:2e:78:71:02:b5:c4:
4d:ca:a2:b1:7b:0f:18:53:da:04:61:fb:73:62:3b:
ea:bf:43:00:19:b9:e1:db:47:02:88:3f:e7:07:d0:
a5:88:d6:15:46:3b:d4:ce:d4:87:8a:3a:05:5b:c6:
78:c4:92:63:c1:ea:6c:70:09:62:13:32:3c:54:a5:
00:13:4f:56:47:ff:e6:0a:d9:28:06:e3:56:e8:1e:
91:28:f1:d4:29:d8:76:17:41:3f:f8:d9:b5:c4:c9:
e2:f7:ee:bc:39:bb:d1:1e:bb:90:74:fd:40:b6:e4:
22:c7:7c:1f:59:2c:bf:aa:13:dd:9d:e2:43:a2:cc:
55:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0A:A7:FD:71:09:7D:0D:D1:27:0E:E1:4E:36:5D:6B:88:B0:6A:10
X509v3 Authority Key Identifier:
keyid:74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/MAqn_XEJfQ3RJw7hTjZda4iwahA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/dLTNPt9SHfjsChURESctP7kbmcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.19.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:0e:9c:38:80:31:a8:5f:4f:7c:a3:f9:d6:77:67:6a:25:3f:
32:96:a3:e6:92:38:45:65:d3:1b:ba:45:22:47:90:62:65:ed:
99:b2:41:e2:21:23:61:be:6c:82:65:3f:5b:6f:4f:be:34:f6:
4f:b3:46:ec:5b:e4:31:61:43:42:59:d0:9b:fe:02:f1:fa:44:
23:e8:68:df:e6:a2:72:41:f1:20:03:77:67:57:53:7e:80:f9:
e3:ee:eb:30:0a:93:a4:60:25:c0:7b:0b:34:a5:39:c9:15:3a:
aa:4b:3e:b8:8d:ad:56:a4:dc:18:9e:50:33:87:12:f2:59:b6:
fd:a1:e4:87:8b:70:ac:b4:6a:ff:09:38:55:2f:d2:00:c0:71:
80:13:eb:14:17:17:95:5a:cd:c0:d3:d6:11:38:67:90:e6:7c:
29:9f:99:2b:e8:4b:6e:81:83:1e:d3:f3:50:4d:be:ad:d5:46:
c3:31:9d:72:4e:59:51:08:f0:99:49:22:63:2b:21:c8:c6:64:
b4:65:62:ca:7d:9e:e9:be:12:95:df:f4:15:d7:d1:60:e4:9d:
54:a6:04:c3:17:47:61:8a:d3:4c:1e:62:d6:b5:71:35:61:dc:
29:1c:06:02:b5:44:05:cb:40:2d:00:cf:1e:95:90:7c:b4:99:
8b:c4:77:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIYnJl6e0zJEQ1Xow3WgocFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjRjZDNlZGY1MjFkZjhlYzBhMTUxMTExMjcyZDNmYjkx
Yjk5YzMwHhcNMjQwOTIyMDcyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDBhYTdmZDcxMDk3ZDBkZDEyNzBlZTE0ZTM2NWQ2Yjg4YjA2YTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXbUhTHlD1IWHiwOlVRtx5sxqF7a
zokEcGQpSxS9wQxhHUOuRtrqePLcvzlbWWPm2fybYinbx1wtU9tpHCsbeBCZ4MwL
5Co1iesAcNrkal+Btwv4cUgn0fFbgLRgglWCJXxsQTwjUquU85UNQF8vGDCn+Wsr
/YmfIsCbaBFn9DYueHECtcRNyqKxew8YU9oEYftzYjvqv0MAGbnh20cCiD/nB9Cl
iNYVRjvUztSHijoFW8Z4xJJjwepscAliEzI8VKUAE09WR//mCtkoBuNW6B6RKPHU
Kdh2F0E/+Nm1xMni9+68ObvRHruQdP1AtuQix3wfWSy/qhPdneJDosxVdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDAKp/1xCX0N0ScO4U42XWuIsGoQMB8GA1UdIwQY
MBaAFHS0zT7fUh347AoVEREnLT+5G5nDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMt
ZTJhN2ZiODQ4MzE4LzEvTUFxbl9YRUpmUTNSSnc3aFRqWmRhNGl3YWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMtZTJhN2ZiODQ4MzE4
LzEvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZATMA0G
CSqGSIb3DQEBCwUAA4IBAQAaDpw4gDGoX098o/nWd2dqJT8ylqPmkjhFZdMbukUi
R5BiZe2ZskHiISNhvmyCZT9bb0++NPZPs0bsW+QxYUNCWdCb/gLx+kQj6Gjf5qJy
QfEgA3dnV1N+gPnj7uswCpOkYCXAews0pTnJFTqqSz64ja1WpNwYnlAzhxLyWbb9
oeSHi3CstGr/CThVL9IAwHGAE+sUFxeVWs3A09YROGeQ5nwpn5kr6EtugYMe0/NQ
Tb6t1UbDMZ1yTllRCPCZSSJjKyHIxmS0ZWLKfZ7pvhKV3/QV19Fg5J1UpgTDF0dh
itNMHmLWtXE1YdwpHAYCtUQFy0AtAM8elZB8tJmLxHcg
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:46 2025 by rpki-client