Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/MLDNsjssqz38Mj7iSCj4Wu5FXVk.roa
File: MLDNsjssqz38Mj7iSCj4Wu5FXVk.roa (raw, json)
Hash identifier: 4A/Hn6lRmk0ztw1eRI8+9HNrP+CwEg3sps6rhebe3jM=
Subject key identifier: 30:B0:CD:B2:3B:2C:AB:3D:FC:32:3E:E2:48:28:F8:5A:EE:45:5D:59
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 018F2A0BBB7BEF9677808137D0A46B68FFA1
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/MLDNsjssqz38Mj7iSCj4Wu5FXVk.roa
Signing time: Mon 29 Apr 2024 13:29:22 +0000
ROA not before: Mon 29 Apr 2024 13:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.157.137.0/24 maxlen: 24
185.217.192.0/23 maxlen: 24
185.217.194.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 13:42:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2a:0b:bb:7b:ef:96:77:80:81:37:d0:a4:6b:68:ff:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Apr 29 13:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30b0cdb23b2cab3dfc323ee24828f85aee455d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b9:40:80:87:5d:3f:39:18:b9:76:88:83:7c:
b2:c7:86:d0:2f:00:62:59:a1:12:69:af:3d:4b:43:
0e:39:b6:6e:2f:bb:1a:c9:4f:6e:dd:99:31:27:99:
2a:05:bc:ae:79:16:79:e8:e1:11:f0:55:14:c2:db:
5c:99:ae:66:e6:b3:2b:58:a8:a3:e6:ae:4a:49:ad:
7d:28:34:4b:11:7a:05:f8:c6:4a:0f:47:58:e8:4f:
c7:5d:02:08:09:fd:31:24:9c:f6:66:e7:23:c9:d1:
68:b5:1c:b1:d6:e8:0a:35:07:d6:1d:27:8b:2e:94:
23:70:8b:ea:e2:45:d2:f6:44:0f:c9:9e:e4:4b:61:
1d:06:b4:d3:a3:02:a5:a8:e6:12:76:da:42:2d:f8:
a1:dd:ec:5d:49:f0:b7:01:5a:32:14:ed:64:8f:a6:
1d:ac:8e:7b:1c:00:f2:ae:bb:11:e4:dd:d4:94:7e:
38:f6:15:9d:88:8d:07:59:ab:70:38:66:f9:aa:da:
ff:1d:93:19:2d:25:72:61:58:a4:9a:9f:b6:92:22:
c8:51:9f:2e:c1:cc:d1:f3:0c:44:0f:61:fe:de:84:
30:09:cb:e4:5c:3e:69:b5:33:79:55:4f:c8:f7:7b:
42:d3:ce:27:a1:2f:40:c1:1b:d7:cb:5b:96:50:de:
49:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:B0:CD:B2:3B:2C:AB:3D:FC:32:3E:E2:48:28:F8:5A:EE:45:5D:59
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/MLDNsjssqz38Mj7iSCj4Wu5FXVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.137.0/24
185.217.192.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:27:bc:d1:e8:2c:33:e2:f0:94:ce:2f:ed:3e:26:67:f7:21:
5f:b0:61:c7:cd:8d:12:b0:fc:06:40:ac:6c:d8:c0:b1:21:b5:
05:1e:80:cc:5b:12:09:06:55:61:82:8d:bb:b2:0a:9b:01:32:
a0:a3:ba:0c:27:dc:d0:0f:be:e8:b2:34:d8:50:25:d2:90:ff:
00:ff:2c:3c:15:b7:8c:52:1a:43:7b:d6:d1:68:88:2b:54:5f:
8b:84:3c:5c:05:3f:5a:8b:8a:e8:69:b1:d9:05:1f:3d:a0:ca:
b5:cb:ea:a8:e0:0f:a9:b3:7f:f2:33:47:6e:2a:e7:a4:20:5e:
e5:2e:c9:b4:1a:8c:01:cd:cd:92:26:92:5b:b6:61:1d:17:3e:
a9:af:3b:cf:cd:32:c1:11:a7:79:4f:c5:1e:b4:a9:3f:6e:e6:
72:5b:2f:cb:2b:de:cd:b8:2a:4a:31:a8:02:f8:07:0d:d9:52:
e1:4d:02:15:4d:1b:2b:ae:1e:b1:d2:01:bb:00:1f:92:35:73:
1d:b6:04:47:56:1e:71:3f:ea:49:a8:ae:ed:e2:be:6a:7c:44:
8d:73:9c:38:b4:08:7d:3f:12:b7:9b:fa:15:b9:e3:c3:1e:17:
1a:91:a3:81:14:c0:f6:e9:f9:b5:75:47:dd:ca:30:c0:c4:44:
63:06:29:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8qC7t775Z3gIE30KRraP+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjQwNDI5MTMyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGIwY2RiMjNiMmNhYjNkZmMzMjNlZTI0ODI4Zjg1YWVlNDU1ZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjblAgIddPzkYuXaIg3yyx4bQLwBi
WaESaa89S0MOObZuL7sayU9u3ZkxJ5kqBbyueRZ56OER8FUUwttcma5m5rMrWKij
5q5KSa19KDRLEXoF+MZKD0dY6E/HXQIICf0xJJz2ZucjydFotRyx1ugKNQfWHSeL
LpQjcIvq4kXS9kQPyZ7kS2EdBrTTowKlqOYSdtpCLfih3exdSfC3AVoyFO1kj6Yd
rI57HADyrrsR5N3UlH449hWdiI0HWatwOGb5qtr/HZMZLSVyYVikmp+2kiLIUZ8u
wczR8wxED2H+3oQwCcvkXD5ptTN5VU/I93tC084noS9AwRvXy1uWUN5J3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDCwzbI7LKs9/DI+4kgo+FruRV1ZMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvTUxETnNqc3NxejM4TWo3aVNDajRXdTVGWFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ2JAwQC
udnAMA0GCSqGSIb3DQEBCwUAA4IBAQANJ7zR6Cwz4vCUzi/tPiZn9yFfsGHHzY0S
sPwGQKxs2MCxIbUFHoDMWxIJBlVhgo27sgqbATKgo7oMJ9zQD77osjTYUCXSkP8A
/yw8FbeMUhpDe9bRaIgrVF+LhDxcBT9ai4roabHZBR89oMq1y+qo4A+ps3/yM0du
KuekIF7lLsm0GowBzc2SJpJbtmEdFz6przvPzTLBEad5T8UetKk/buZyWy/LK97N
uCpKMagC+AcN2VLhTQIVTRsrrh6x0gG7AB+SNXMdtgRHVh5xP+pJqK7t4r5qfESN
c5w4tAh9PxK3m/oVuePDHhcakaOBFMD26fm1dUfdyjDAxERjBil1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:56 2025 by rpki-client