Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/mjUzF9R3wesfCHtV-KVMYQ5O44k.roa
File: mjUzF9R3wesfCHtV-KVMYQ5O44k.roa (raw, json)
Hash identifier: gSbHwuII3l1pUoXY5yDNung4X76qvazAGptZMUo/414=
Subject key identifier: 9A:35:33:17:D4:77:C1:EB:1F:08:7B:55:F8:A5:4C:61:0E:4E:E3:89
Certificate issuer: /CN=e88c04771e2bfac8f60f1b4c9cbd093aafea974e
Certificate serial: 0186184DAD80F7BC6A927DD4CD992620FBD0
Authority key identifier: E8:8C:04:77:1E:2B:FA:C8:F6:0F:1B:4C:9C:BD:09:3A:AF:EA:97:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/mjUzF9R3wesfCHtV-KVMYQ5O44k.roa
Signing time: Fri 03 Feb 2023 17:23:09 +0000
ROA not before: Fri 03 Feb 2023 17:23:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200222
IP address blocks: 45.129.104.0/24 maxlen: 24
45.129.107.0/24 maxlen: 24
2a0e:47c7:1000::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:18:4d:ad:80:f7:bc:6a:92:7d:d4:cd:99:26:20:fb:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e88c04771e2bfac8f60f1b4c9cbd093aafea974e
Validity
Not Before: Feb 3 17:23:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a353317d477c1eb1f087b55f8a54c610e4ee389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:97:7d:04:2c:d2:21:88:91:8a:e8:ba:14:a7:
04:b7:a2:54:fe:45:89:30:ec:42:a3:8c:e4:b4:eb:
c8:0c:a6:2e:21:ae:8b:35:cc:db:b1:d3:37:ab:9a:
aa:cb:92:e0:cb:af:08:a4:00:e8:12:dd:56:4c:5a:
b8:aa:d6:14:c8:57:f1:cb:0a:91:62:91:a8:ef:2f:
31:b2:5c:ab:3d:d2:a7:a0:a7:7f:77:ee:e9:da:88:
dd:76:59:3a:b5:81:b2:95:11:3b:7e:8a:0c:27:ce:
13:c3:29:e9:81:5e:1a:de:12:d3:07:86:9d:b1:5f:
0d:84:af:29:e4:77:e8:74:18:a1:ef:6e:0a:f5:0c:
64:20:14:34:18:a5:11:73:85:a5:e7:1f:cf:23:d6:
a9:99:1d:0b:da:93:d8:03:2c:e3:26:c1:65:d7:3e:
a2:12:c9:d2:d4:79:38:c0:f8:4b:99:67:45:eb:bd:
80:dd:6b:b5:76:62:e9:58:8c:51:ad:2f:aa:4d:31:
35:70:90:43:3c:d2:c3:ef:d7:ac:bb:1a:99:29:51:
8d:70:67:bc:7e:69:36:48:7b:bd:de:a6:a8:90:81:
fc:a1:1c:48:c4:a7:64:44:a7:b0:ec:f4:76:50:99:
9c:81:b5:85:ef:32:49:65:f4:71:7e:46:81:eb:40:
cf:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:35:33:17:D4:77:C1:EB:1F:08:7B:55:F8:A5:4C:61:0E:4E:E3:89
X509v3 Authority Key Identifier:
keyid:E8:8C:04:77:1E:2B:FA:C8:F6:0F:1B:4C:9C:BD:09:3A:AF:EA:97:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/mjUzF9R3wesfCHtV-KVMYQ5O44k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/6IwEdx4r-sj2DxtMnL0JOq_ql04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.104.0/24
45.129.107.0/24
IPv6:
2a0e:47c7:1000::/48
Signature Algorithm: sha256WithRSAEncryption
63:e6:33:29:1a:03:0c:89:27:9e:6d:84:45:0e:ef:70:76:0c:
dc:f8:c5:07:cb:92:e2:53:be:b9:5e:94:0d:69:c4:c4:b0:3d:
e9:67:2f:ea:9a:ab:35:99:de:8d:ab:fd:5b:89:9b:69:bb:9d:
0d:fe:3e:37:3f:d4:69:c3:7f:d5:04:10:27:fa:74:ef:60:15:
45:76:ea:19:ab:67:d9:8d:65:12:d7:49:70:6d:a9:29:c3:e2:
30:4f:09:0f:05:ff:b5:0f:d2:8f:c3:3f:f6:c1:ab:7f:67:e5:
ae:c2:f0:1a:2c:35:be:b0:20:a0:ab:f5:95:0e:be:7f:2e:d2:
d2:d3:ea:c9:e8:c5:41:b9:60:b8:66:df:41:09:49:fa:8e:eb:
e2:f9:72:30:48:40:ec:e2:30:51:bc:d2:1e:0f:4d:25:c1:97:
8a:5d:35:b9:64:cd:61:18:4d:e9:20:94:a1:70:f6:1e:4f:f7:
a7:16:70:97:93:2f:ff:39:df:11:ca:3e:6d:25:0d:b7:c0:5e:
0c:54:3c:43:76:e1:5e:49:fa:d7:b5:83:c6:98:cd:8b:dc:39:
86:5e:7a:f5:d6:73:fa:46:63:48:46:b0:d4:c6:30:5a:c3:87:
e2:e8:dc:01:6c:ff:4a:be:97:a9:86:eb:c5:9b:82:d2:3d:ed:
d8:bc:a8:4d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYYYTa2A97xqkn3UzZkmIPvQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4OGMwNDc3MWUyYmZhYzhmNjBmMWI0YzljYmQwOTNhYWZl
YTk3NGUwHhcNMjMwMjAzMTcyMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTM1MzMxN2Q0NzdjMWViMWYwODdiNTVmOGE1NGM2MTBlNGVlMzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZd9BCzSIYiRiui6FKcEt6JU/kWJ
MOxCo4zktOvIDKYuIa6LNczbsdM3q5qqy5Lgy68IpADoEt1WTFq4qtYUyFfxywqR
YpGo7y8xslyrPdKnoKd/d+7p2ojddlk6tYGylRE7fooMJ84TwynpgV4a3hLTB4ad
sV8NhK8p5HfodBih724K9QxkIBQ0GKURc4Wl5x/PI9apmR0L2pPYAyzjJsFl1z6i
EsnS1Hk4wPhLmWdF672A3Wu1dmLpWIxRrS+qTTE1cJBDPNLD79esuxqZKVGNcGe8
fmk2SHu93qaokIH8oRxIxKdkRKew7PR2UJmcgbWF7zJJZfRxfkaB60DP3wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJo1MxfUd8HrHwh7VfilTGEOTuOJMB8GA1UdIwQY
MBaAFOiMBHceK/rI9g8bTJy9CTqv6pdOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkl3RWR4NHItc2oyRHh0TW5MMEpPcV9xbDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8yYWU3YzMtOThhNS00Y2RhLTliYWUt
YmE2NDVmMTk5MTVhLzEvbWpVekY5UjN3ZXNmQ0h0Vi1LVk1ZUTVPNDRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8yYWU3YzMtOThhNS00Y2RhLTliYWUtYmE2NDVmMTk5MTVh
LzEvNkl3RWR4NHItc2oyRHh0TW5MMEpPcV9xbDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALYFoAwQA
LYFrMA8EAgACMAkDBwAqDkfHEAAwDQYJKoZIhvcNAQELBQADggEBAGPmMykaAwyJ
J55thEUO73B2DNz4xQfLkuJTvrlelA1pxMSwPelnL+qaqzWZ3o2r/VuJm2m7nQ3+
Pjc/1GnDf9UEECf6dO9gFUV26hmrZ9mNZRLXSXBtqSnD4jBPCQ8F/7UP0o/DP/bB
q39n5a7C8BosNb6wIKCr9ZUOvn8u0tLT6snoxUG5YLhm30EJSfqO6+L5cjBIQOzi
MFG80h4PTSXBl4pdNblkzWEYTekglKFw9h5P96cWcJeTL/853xHKPm0lDbfAXgxU
PEN24V5J+te1g8aYzYvcOYZeevXWc/pGY0hGsNTGMFrDh+Lo3AFs/0q+l6mG68Wb
gtI97di8qE0=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:51 2024 by rpki-client on console-ams.rpki-client.org