Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MyKPl8MZ2HOSZuxDjquUQY1HZEA.roa
File: MyKPl8MZ2HOSZuxDjquUQY1HZEA.roa (raw, json)
Hash identifier: pVtTBZTWSepqho8WMwWzxV46PFCUbbm3/g+bgQysQ2A=
Subject key identifier: 33:22:8F:97:C3:19:D8:73:92:66:EC:43:8E:AB:94:41:8D:47:64:40
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018B8FE5FBF32D68A8049BC544F2BD77DB90
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MyKPl8MZ2HOSZuxDjquUQY1HZEA.roa
Signing time: Thu 02 Nov 2023 11:58:15 +0000
ROA not before: Thu 02 Nov 2023 11:58:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.66.92.0/23 maxlen: 23
45.66.94.0/23 maxlen: 23
37.44.228.0/22 maxlen: 24
192.145.52.0/22 maxlen: 24
192.145.53.0/24 maxlen: 24
192.145.54.0/24 maxlen: 24
192.145.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:e5:fb:f3:2d:68:a8:04:9b:c5:44:f2:bd:77:db:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Nov 2 11:58:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33228f97c319d8739266ec438eab94418d476440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b0:8a:97:99:a1:04:ea:78:6e:8d:a7:45:8b:
9d:40:d9:e7:b5:94:c4:70:a3:13:e0:73:70:56:cb:
1e:73:b2:8c:d4:a6:b8:57:d9:37:9a:62:1f:54:44:
ad:11:2f:4b:b2:5c:92:1d:16:8a:e8:59:e3:c0:90:
77:68:ba:dc:36:aa:a3:6f:ff:92:aa:7c:a9:87:30:
a3:f7:9f:dc:c3:f2:78:d6:83:9e:81:c3:64:3c:68:
b0:a9:3a:34:63:3e:be:98:60:fd:68:64:47:77:51:
98:63:4e:e9:2c:46:e0:1b:41:c5:78:50:40:96:ce:
28:eb:59:16:0c:72:43:5d:75:ca:14:3f:ec:29:de:
de:29:78:9f:87:a7:c6:09:0d:24:f9:22:6e:26:12:
a3:e9:05:9b:b3:1c:30:33:11:9d:e5:1f:41:7a:d4:
bb:d9:05:92:16:91:97:35:5e:d6:8d:20:76:1c:7d:
fc:e7:fc:dd:8a:b8:5b:ca:3c:89:67:84:4a:e1:b4:
3a:5d:f2:98:99:3e:1e:cf:e3:ae:75:9e:23:f5:63:
9a:a3:42:82:c3:72:5c:ed:b0:d8:e6:8b:f0:88:c4:
50:cc:69:8c:43:fe:6f:56:bd:f4:48:66:2e:49:15:
d7:ae:39:d3:a3:32:f7:49:0c:f2:9a:f1:33:3f:a1:
79:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:22:8F:97:C3:19:D8:73:92:66:EC:43:8E:AB:94:41:8D:47:64:40
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MyKPl8MZ2HOSZuxDjquUQY1HZEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.92.0/22
192.145.52.0/22
Signature Algorithm: sha256WithRSAEncryption
15:39:6d:3a:39:41:07:da:70:67:28:e9:e9:2c:d8:52:12:60:
fa:18:04:7b:2a:6f:fb:b1:a3:6d:56:08:b5:8d:62:bc:cb:8d:
88:f8:a6:df:af:95:12:5b:f3:49:2b:08:84:90:34:47:44:60:
1d:03:89:37:7b:0c:b0:f0:af:c5:3c:7e:41:41:c4:77:52:82:
91:60:03:ce:e2:d7:a3:b9:8d:b2:e4:0d:7d:3f:25:b9:d7:c4:
df:45:15:b3:13:b1:63:4a:38:87:c5:04:ad:5e:18:0d:87:1a:
ab:2a:17:52:c9:c8:da:52:dd:6a:20:ac:00:cf:c7:8c:af:c0:
72:41:47:c2:2e:d3:16:a3:c6:23:98:04:db:13:62:a9:a8:2b:
32:d8:27:54:40:1a:7d:b9:ff:4c:57:08:ca:91:e5:c3:1a:b6:
94:ea:c8:5b:02:d5:bd:aa:0c:05:34:16:c8:17:9d:86:43:8c:
a9:a6:b0:db:aa:ca:20:46:14:c5:1f:a9:b9:c9:d1:76:c5:7b:
ee:57:2c:59:9d:ad:77:42:ec:21:03:a6:db:26:1c:2e:7e:9e:
5e:31:01:cf:03:73:69:4d:3c:98:bf:36:e2:b6:47:27:d6:d7:
09:ac:3c:b9:63:a7:35:92:c6:1b:a7:95:ea:25:8e:4e:3a:29:
48:17:7b:14
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuP5fvzLWioBJvFRPK9d9uQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjMxMTAyMTE1ODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzIyOGY5N2MzMTlkODczOTI2NmVjNDM4ZWFiOTQ0MThkNDc2NDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrCKl5mhBOp4bo2nRYudQNnntZTE
cKMT4HNwVssec7KM1Ka4V9k3mmIfVEStES9LslySHRaK6FnjwJB3aLrcNqqjb/+S
qnyphzCj95/cw/J41oOegcNkPGiwqTo0Yz6+mGD9aGRHd1GYY07pLEbgG0HFeFBA
ls4o61kWDHJDXXXKFD/sKd7eKXifh6fGCQ0k+SJuJhKj6QWbsxwwMxGd5R9BetS7
2QWSFpGXNV7WjSB2HH385/zdirhbyjyJZ4RK4bQ6XfKYmT4ez+OudZ4j9WOao0KC
w3Jc7bDY5ovwiMRQzGmMQ/5vVr30SGYuSRXXrjnTozL3SQzymvEzP6F5rQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDMij5fDGdhzkmbsQ46rlEGNR2RAMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvTXlLUGw4TVoySE9TWnV4RGpxdVVRWTFIWkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJSzkAwQC
LUJcAwQCwJE0MA0GCSqGSIb3DQEBCwUAA4IBAQAVOW06OUEH2nBnKOnpLNhSEmD6
GAR7Km/7saNtVgi1jWK8y42I+Kbfr5USW/NJKwiEkDRHRGAdA4k3ewyw8K/FPH5B
QcR3UoKRYAPO4tejuY2y5A19PyW518TfRRWzE7FjSjiHxQStXhgNhxqrKhdSycja
Ut1qIKwAz8eMr8ByQUfCLtMWo8YjmATbE2KpqCsy2CdUQBp9uf9MVwjKkeXDGraU
6shbAtW9qgwFNBbIF52GQ4ypprDbqsogRhTFH6m5ydF2xXvuVyxZna13QuwhA6bb
Jhwufp5eMQHPA3NpTTyYvzbitkcn1tcJrDy5Y6c1ksYbp5XqJY5OOilIF3sU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org