Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/MlriConpEk77gPuvrLTA6JDmjjo.roa
File: MlriConpEk77gPuvrLTA6JDmjjo.roa (raw, json)
Hash identifier: XhkUTJWAPI4AeyxHgqEyqIGk7ufd3Ce7NwgQPjNVN8A=
Subject key identifier: 32:5A:E2:0A:89:E9:12:4E:FB:80:FB:AF:AC:B4:C0:E8:90:E6:8E:3A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018677BCA90DDF1A3F2012595C3EE5379801
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/MlriConpEk77gPuvrLTA6JDmjjo.roa
Signing time: Wed 22 Feb 2023 06:08:17 +0000
ROA not before: Wed 22 Feb 2023 06:08:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211826
IP address blocks: 45.130.200.0/24 maxlen: 24
217.74.16.0/24 maxlen: 24
194.32.123.0/24 maxlen: 24
45.135.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 05:16:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:77:bc:a9:0d:df:1a:3f:20:12:59:5c:3e:e5:37:98:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 22 06:08:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=325ae20a89e9124efb80fbafacb4c0e890e68e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6d:4e:ef:09:58:99:2a:83:e8:95:e9:37:0a:
cd:8b:48:9b:6b:b4:82:68:be:ee:da:2d:13:52:0d:
e7:c4:50:c2:68:d7:4b:01:5e:eb:f2:c8:b1:a4:16:
a7:bb:34:c2:fb:02:0b:12:6f:41:2c:da:e9:9a:a6:
ec:31:c3:10:77:bf:d3:97:e3:8e:81:d7:be:1d:03:
0e:e8:46:f1:4b:08:ab:d4:f4:fc:d6:24:53:a7:03:
95:53:a6:43:6b:6d:6e:37:f4:f9:9c:e8:94:46:0c:
3e:f7:37:42:1a:0a:5a:2e:98:4a:2c:68:ee:02:c9:
60:48:b9:55:47:1a:54:76:36:9f:0a:cb:fa:30:72:
5f:d0:49:42:d9:96:2f:e5:64:cd:9e:b6:dd:1a:97:
81:64:5b:47:d3:b2:4d:32:3b:d8:8f:37:c6:6d:72:
b0:0a:65:92:56:c5:a2:1f:bd:db:d4:ba:d8:60:39:
a8:00:4e:df:54:3e:ca:12:9f:1c:c9:7e:6b:83:94:
a5:38:86:72:41:f0:dc:f5:5c:76:5c:b9:08:c4:0a:
31:80:8f:e2:1a:6b:9d:a1:e8:24:87:21:5d:8a:1f:
82:18:a8:d6:5f:e5:9d:10:50:c2:02:53:c3:a0:ea:
7c:9f:e8:f3:1c:99:c5:5f:25:80:9e:05:17:2d:f6:
92:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:5A:E2:0A:89:E9:12:4E:FB:80:FB:AF:AC:B4:C0:E8:90:E6:8E:3A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/MlriConpEk77gPuvrLTA6JDmjjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.200.0/24
45.135.185.0/24
194.32.123.0/24
217.74.16.0/24
Signature Algorithm: sha256WithRSAEncryption
63:50:05:ba:7e:ce:29:e7:f9:18:bf:36:02:91:d3:37:2d:c0:
69:d8:4f:f6:9e:68:8f:d6:95:54:de:a1:e8:8c:ce:03:5d:72:
3b:1b:20:c9:52:99:48:15:ff:9f:cf:96:83:e6:23:26:86:4a:
c1:a6:b7:96:f8:19:18:31:64:58:71:d6:8a:cb:38:c2:f3:5b:
54:0e:87:ae:97:9e:22:47:8a:76:dd:94:40:ca:7e:0f:e7:8f:
24:bb:29:20:87:15:94:de:79:8f:af:dc:5d:f0:d9:51:c7:a4:
8e:25:c3:97:a6:a3:c7:08:5a:82:47:49:53:56:3e:fa:47:bc:
22:9e:89:8a:72:65:e6:a9:aa:d0:d1:0f:f9:a4:d7:60:76:75:
b8:a3:20:6f:ba:61:cd:cd:f3:a4:ff:5e:5d:20:fb:4c:d8:0f:
be:32:26:4a:3e:6b:f9:b3:04:06:b4:65:c9:5c:23:24:e9:c9:
24:15:d6:e9:1c:6a:81:98:10:dc:c0:ed:da:07:44:91:6b:ea:
47:47:58:36:2f:47:3b:8e:62:7f:ce:32:6c:38:ac:72:33:d0:
ac:50:61:2d:ca:16:9e:ca:d1:ba:5f:4b:1d:e8:ca:e8:34:78:
cf:20:a0:c0:a3:2d:17:c6:6e:30:14:df:a8:12:26:6a:34:f4:
aa:87:3f:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZ3vKkN3xo/IBJZXD7lN5gBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjIyMDYwODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjVhZTIwYTg5ZTkxMjRlZmI4MGZiYWZhY2I0YzBlODkwZTY4ZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxm1O7wlYmSqD6JXpNwrNi0iba7SC
aL7u2i0TUg3nxFDCaNdLAV7r8sixpBanuzTC+wILEm9BLNrpmqbsMcMQd7/Tl+OO
gde+HQMO6EbxSwir1PT81iRTpwOVU6ZDa21uN/T5nOiURgw+9zdCGgpaLphKLGju
AslgSLlVRxpUdjafCsv6MHJf0ElC2ZYv5WTNnrbdGpeBZFtH07JNMjvYjzfGbXKw
CmWSVsWiH73b1LrYYDmoAE7fVD7KEp8cyX5rg5SlOIZyQfDc9Vx2XLkIxAoxgI/i
GmudoegkhyFdih+CGKjWX+WdEFDCAlPDoOp8n+jzHJnFXyWAngUXLfaSFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDJa4gqJ6RJO+4D7r6y0wOiQ5o46MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTWxyaUNvbnBFazc3Z1B1dnJMVEE2SkRtampvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYLIAwQA
LYe5AwQAwiB7AwQA2UoQMA0GCSqGSIb3DQEBCwUAA4IBAQBjUAW6fs4p5/kYvzYC
kdM3LcBp2E/2nmiP1pVU3qHojM4DXXI7GyDJUplIFf+fz5aD5iMmhkrBpreW+BkY
MWRYcdaKyzjC81tUDoeul54iR4p23ZRAyn4P548kuykghxWU3nmPr9xd8NlRx6SO
JcOXpqPHCFqCR0lTVj76R7winomKcmXmqarQ0Q/5pNdgdnW4oyBvumHNzfOk/15d
IPtM2A++MiZKPmv5swQGtGXJXCMk6ckkFdbpHGqBmBDcwO3aB0SRa+pHR1g2L0c7
jmJ/zjJsOKxyM9CsUGEtyhaeytG6X0sd6MroNHjPIKDAoy0Xxm4wFN+oEiZqNPSq
hz8a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org