Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/mlCK_DUaV62Vi5TuMQ3fIlQBJBo.roa
File: mlCK_DUaV62Vi5TuMQ3fIlQBJBo.roa (raw, json)
Hash identifier: a9kxHve0pIMnvADhbGQj9b7wZ8pkT693u31OyaIj/t4=
Subject key identifier: 9A:50:8A:FC:35:1A:57:AD:95:8B:94:EE:31:0D:DF:22:54:01:24:1A
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0188A19EB2B382F56A53604459981F1EE6FD
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/mlCK_DUaV62Vi5TuMQ3fIlQBJBo.roa
Signing time: Fri 09 Jun 2023 19:25:12 +0000
ROA not before: Fri 09 Jun 2023 19:25:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 394844
IP address blocks: 185.52.139.0/24 maxlen: 24
94.154.180.0/23 maxlen: 23
45.67.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Jun 2023 16:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a1:9e:b2:b3:82:f5:6a:53:60:44:59:98:1f:1e:e6:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jun 9 19:25:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a508afc351a57ad958b94ee310ddf225401241a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:49:5e:fd:87:b8:67:af:4b:b9:8d:89:bd:ca:
93:a3:a1:32:8b:46:fb:d7:ad:1e:e1:9f:14:c4:ed:
37:b5:e1:3d:7e:db:f9:78:eb:8b:8b:12:00:44:c0:
9f:d2:94:e7:0c:30:b5:84:86:e5:92:d7:c3:cc:31:
09:d8:24:45:4b:c0:9f:39:02:f6:c5:9b:ea:60:b6:
f4:e6:02:84:6e:63:8b:c7:79:c5:e3:3e:5b:8a:16:
c2:7d:e9:bf:a1:8d:e5:63:51:ce:c7:86:8a:dc:3e:
fa:a4:ca:43:5f:b6:56:8f:2e:91:5c:0c:1f:e7:b4:
32:6c:a5:2a:2c:c9:bb:04:93:dd:22:13:0b:88:ca:
f5:df:d2:aa:75:5a:76:33:27:11:c6:f5:a9:a2:9f:
91:a3:ad:4b:1f:c4:9c:c8:ce:37:c3:bf:a2:48:5d:
14:66:63:73:8a:4f:c7:9e:b1:0f:5c:88:77:a6:71:
17:e3:87:55:21:f6:1e:8e:af:49:ff:b6:86:0d:16:
be:6e:86:d1:3b:98:90:d4:6d:c3:4a:3b:eb:dd:b0:
90:64:87:8f:4e:59:d4:6a:52:44:e4:e1:19:45:59:
95:e3:4c:d2:14:f8:6b:31:ad:6c:41:d7:6d:b7:79:
7d:ab:a2:f8:19:06:a3:e2:38:c8:4c:10:9a:31:02:
02:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:50:8A:FC:35:1A:57:AD:95:8B:94:EE:31:0D:DF:22:54:01:24:1A
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/mlCK_DUaV62Vi5TuMQ3fIlQBJBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.140.0/24
94.154.180.0/23
185.52.139.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:a5:0e:e5:a6:42:71:c0:66:12:1b:f2:b7:d0:ed:35:aa:ec:
17:2e:a6:65:81:40:38:fd:f6:26:f8:f5:64:e1:7f:4a:ac:69:
49:ae:c1:a4:86:ea:07:dc:d2:0c:20:ab:db:dc:fd:16:7c:17:
60:a1:43:e4:36:42:99:b5:74:f9:ed:5f:6a:9a:dc:06:24:60:
96:02:df:6a:a1:4b:c1:28:22:b9:d1:2d:5e:34:29:ad:22:0e:
ca:19:a3:10:91:7c:05:b7:c9:1a:4b:3d:b9:2e:7d:b6:82:15:
0e:06:a1:75:d7:90:2d:d5:4a:71:83:a6:8d:67:d6:58:13:30:
09:96:0f:5f:cf:a8:db:35:63:65:57:ea:73:bc:8e:97:7f:90:
17:cc:aa:35:62:d4:48:15:91:f5:3c:bc:7a:aa:53:ef:b4:85:
65:08:ca:92:92:66:a8:79:4e:9d:78:11:72:b2:fd:53:92:cf:
28:17:9d:fd:5a:b3:63:0d:ef:54:89:5d:fe:d9:50:78:5f:33:
34:26:82:d6:90:fe:7f:7a:a9:96:91:b7:ab:35:08:8f:a5:f6:
a8:a4:59:25:53:2f:8c:21:96:3f:df:e2:30:ce:62:c8:e6:e0:
3b:12:43:3f:2e:5f:2e:86:15:f3:d2:f7:e2:ee:6d:d8:ab:a1:
15:9b:e7:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYihnrKzgvVqU2BEWZgfHub9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwNjA5MTkyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTUwOGFmYzM1MWE1N2FkOTU4Yjk0ZWUzMTBkZGYyMjU0MDEyNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEle/Ye4Z69LuY2JvcqTo6Eyi0b7
160e4Z8UxO03teE9ftv5eOuLixIARMCf0pTnDDC1hIblktfDzDEJ2CRFS8CfOQL2
xZvqYLb05gKEbmOLx3nF4z5bihbCfem/oY3lY1HOx4aK3D76pMpDX7ZWjy6RXAwf
57QybKUqLMm7BJPdIhMLiMr139KqdVp2MycRxvWpop+Ro61LH8ScyM43w7+iSF0U
ZmNzik/HnrEPXIh3pnEX44dVIfYejq9J/7aGDRa+bobRO5iQ1G3DSjvr3bCQZIeP
TlnUalJE5OEZRVmV40zSFPhrMa1sQddtt3l9q6L4GQaj4jjITBCaMQICWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJpQivw1GletlYuU7jEN3yJUASQaMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvbWxDS19EVWFWNjJWaTVUdU1RM2ZJbFFCSkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUOMAwQB
Xpq0AwQAuTSLMA0GCSqGSIb3DQEBCwUAA4IBAQCepQ7lpkJxwGYSG/K30O01quwX
LqZlgUA4/fYm+PVk4X9KrGlJrsGkhuoH3NIMIKvb3P0WfBdgoUPkNkKZtXT57V9q
mtwGJGCWAt9qoUvBKCK50S1eNCmtIg7KGaMQkXwFt8kaSz25Ln22ghUOBqF115At
1Upxg6aNZ9ZYEzAJlg9fz6jbNWNlV+pzvI6Xf5AXzKo1YtRIFZH1PLx6qlPvtIVl
CMqSkmaoeU6deBFysv1Tks8oF539WrNjDe9UiV3+2VB4XzM0JoLWkP5/eqmWkber
NQiPpfaopFklUy+MIZY/3+IwzmLI5uA7EkM/Ll8uhhXz0vfi7m3Yq6EVm+fT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:55 2024 by rpki-client on console-fra.rpki-client.org