Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ml-lezmtDyOy9hOB5-3kuJ9XmaQ.roa
File: Ml-lezmtDyOy9hOB5-3kuJ9XmaQ.roa (raw, json)
Hash identifier: k2L51zHAEJa4EXKPH5Z6mriW3jse7ZPSSdyvGqCmG5Y=
Subject key identifier: 32:5F:A5:7B:39:AD:0F:23:B2:F6:13:81:E7:ED:E4:B8:9F:57:99:A4
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C540931BCFB0BDA48B0E223B8173829
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ml-lezmtDyOy9hOB5-3kuJ9XmaQ.roa
Signing time: Sun 01 Jan 2023 07:55:24 +0000
ROA not before: Sun 01 Jan 2023 07:55:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197216
IP address blocks: 185.133.72.0/24 maxlen: 32
45.67.19.0/24 maxlen: 24
185.166.238.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 16 Oct 2023 12:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:54:09:31:bc:fb:0b:da:48:b0:e2:23:b8:17:38:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=325fa57b39ad0f23b2f61381e7ede4b89f5799a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:51:3c:8c:35:9b:4d:4c:80:da:ff:30:4d:80:
c5:29:d0:d7:f5:ad:9e:b8:cf:d4:dd:63:76:94:4b:
bd:8e:06:10:0d:1a:1b:f0:8d:d2:e9:d6:06:a2:3a:
ec:b5:9a:60:8e:0e:2f:73:91:96:0c:99:05:ad:c2:
f6:3b:bf:78:13:72:a6:0f:e5:33:e7:18:8d:cd:55:
12:83:f4:e2:75:86:88:c1:56:de:e2:2a:82:48:80:
e4:f2:5e:bc:66:df:02:07:16:72:9a:be:a9:ee:b0:
36:bf:2c:f2:eb:18:dc:51:8b:3b:64:98:15:3b:8d:
12:00:38:2f:6b:21:62:18:fe:45:cf:1f:9c:8b:f7:
53:3a:db:ac:b2:76:4d:43:d7:16:79:64:e1:c3:da:
90:db:4f:e4:08:c9:48:35:96:b1:68:a0:4c:47:e5:
80:20:a9:44:12:a3:2d:ac:99:c7:0b:08:b1:f9:95:
f4:d3:14:fa:f0:be:ae:45:96:a5:51:3a:e1:a9:17:
46:6b:74:46:4d:01:cd:59:38:6d:59:69:1c:20:d4:
22:d6:f5:46:87:3c:35:c3:07:9e:68:9c:e7:63:b1:
15:76:13:3b:cb:18:4e:34:63:b1:b0:90:a1:b6:5e:
b4:55:3f:42:85:14:1d:15:90:e1:85:6d:61:53:51:
f2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:5F:A5:7B:39:AD:0F:23:B2:F6:13:81:E7:ED:E4:B8:9F:57:99:A4
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ml-lezmtDyOy9hOB5-3kuJ9XmaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.19.0/24
185.133.72.0/24
185.166.238.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:c7:39:0a:12:16:4d:2b:5d:36:4b:cd:9e:a2:7b:a9:e3:d8:
c4:d4:bc:72:59:4a:57:76:1a:8b:5a:9e:f0:6c:4a:21:9c:47:
d8:a9:21:4e:e6:be:84:db:55:0e:2a:f0:fe:75:ab:68:80:f5:
1e:78:82:f5:67:f8:3d:a6:6d:f4:ac:de:d7:2a:99:ac:00:85:
14:36:90:c7:9a:06:9e:b6:fd:03:43:cd:fc:92:87:85:d3:d1:
5b:3d:f2:01:6d:05:e0:66:9c:06:37:c4:72:e2:68:0f:72:d5:
36:de:75:77:1c:50:d3:dd:87:34:0c:7e:05:48:f8:76:a7:45:
2b:cb:55:d9:6f:a3:e6:64:79:8c:8b:93:a0:4d:00:dd:77:74:
25:04:f1:d1:8e:3d:60:02:af:30:6b:8d:5b:d7:50:19:74:07:
5d:c8:c8:48:46:0e:f7:e2:be:d3:42:63:21:c5:47:b9:15:f6:
de:22:64:9d:f2:c0:2c:b9:c2:3a:9c:2e:29:ab:ac:a1:bd:53:
8f:3c:b8:cf:18:53:b1:49:97:10:ef:25:bc:3d:0a:c3:48:8b:
26:9b:9b:49:08:c0:e6:db:60:75:4d:28:e9:62:7f:35:c7:96:
5e:67:72:55:8f:82:02:df:19:7f:78:71:e6:34:42:b2:bb:03:
ff:85:65:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsVAkxvPsL2kiw4iO4FzgpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjVmYTU3YjM5YWQwZjIzYjJmNjEzODFlN2VkZTRiODlmNTc5OWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1E8jDWbTUyA2v8wTYDFKdDX9a2e
uM/U3WN2lEu9jgYQDRob8I3S6dYGojrstZpgjg4vc5GWDJkFrcL2O794E3KmD+Uz
5xiNzVUSg/TidYaIwVbe4iqCSIDk8l68Zt8CBxZymr6p7rA2vyzy6xjcUYs7ZJgV
O40SADgvayFiGP5Fzx+ci/dTOtussnZNQ9cWeWThw9qQ20/kCMlINZaxaKBMR+WA
IKlEEqMtrJnHCwix+ZX00xT68L6uRZalUTrhqRdGa3RGTQHNWThtWWkcINQi1vVG
hzw1wweeaJznY7EVdhM7yxhONGOxsJChtl60VT9ChRQdFZDhhW1hU1HytwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDJfpXs5rQ8jsvYTgeft5LifV5mkMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvTWwtbGV6bXREeU95OWhPQjUtM2t1SjlYbWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUMTAwQA
uYVIAwQAuabuMA0GCSqGSIb3DQEBCwUAA4IBAQDJxzkKEhZNK102S82eonup49jE
1LxyWUpXdhqLWp7wbEohnEfYqSFO5r6E21UOKvD+datogPUeeIL1Z/g9pm30rN7X
KpmsAIUUNpDHmgaetv0DQ838koeF09FbPfIBbQXgZpwGN8Ry4mgPctU23nV3HFDT
3Yc0DH4FSPh2p0Ury1XZb6PmZHmMi5OgTQDdd3QlBPHRjj1gAq8wa41b11AZdAdd
yMhIRg734r7TQmMhxUe5FfbeImSd8sAsucI6nC4pq6yhvVOPPLjPGFOxSZcQ7yW8
PQrDSIsmm5tJCMDm22B1TSjpYn81x5ZeZ3JVj4IC3xl/eHHmNEKyuwP/hWUy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org