Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/af4c09-c8c2-4893-a10b-0cd8a69729b7/1/mZtcgTZwh8WygSEfzIXt-3wFQu8.roa
File: mZtcgTZwh8WygSEfzIXt-3wFQu8.roa (raw, json)
Hash identifier: tWf/bEO+RALcNdJgvB09KDgXHJB3EhIhHi3efHV8ItY=
Subject key identifier: 99:9B:5C:81:36:70:87:C5:B2:81:21:1F:CC:85:ED:FB:7C:05:42:EF
Certificate issuer: /CN=29493731efccc74ad5c273874b9360f7aa689465
Certificate serial: 018570F07BC55C77CF1C8467A353BB07128F
Authority key identifier: 29:49:37:31:EF:CC:C7:4A:D5:C2:73:87:4B:93:60:F7:AA:68:94:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUk3Me_Mx0rVwnOHS5Ng96polGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/af4c09-c8c2-4893-a10b-0cd8a69729b7/1/mZtcgTZwh8WygSEfzIXt-3wFQu8.roa
Signing time: Mon 02 Jan 2023 05:24:46 +0000
ROA not before: Mon 02 Jan 2023 05:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208376
IP address blocks: 45.141.228.0/24 maxlen: 24
45.141.230.0/24 maxlen: 24
45.141.229.0/24 maxlen: 24
2a0e:d0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:7b:c5:5c:77:cf:1c:84:67:a3:53:bb:07:12:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29493731efccc74ad5c273874b9360f7aa689465
Validity
Not Before: Jan 2 05:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=999b5c81367087c5b281211fcc85edfb7c0542ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f9:10:3c:c8:9e:81:d5:f5:56:71:b3:4d:6c:
73:72:54:6d:58:6f:9f:e5:ee:fb:45:ec:29:4e:13:
0c:72:d1:5d:3b:e9:35:6f:06:f6:9b:fc:8c:9e:8c:
b4:1b:1a:52:ed:5c:6c:43:ce:66:33:61:b8:2f:54:
49:2b:1d:9f:d7:e5:f5:14:4c:86:b5:3c:9b:0c:9a:
84:1f:20:2c:03:55:2e:7e:22:d1:af:52:f8:ba:03:
1f:7a:04:6e:2d:2f:4b:c3:12:95:3a:dd:29:76:0e:
f9:f4:8a:90:9b:7a:c3:dd:b7:50:c8:db:21:15:7c:
85:ce:d8:fc:6d:62:d9:cf:f3:62:9d:a3:e0:eb:9f:
47:9a:70:7c:56:82:ca:07:38:3f:2d:55:a4:94:af:
69:b4:9a:c7:50:f9:f3:cf:65:50:5f:64:57:b0:f1:
2e:5f:28:9d:c2:3b:6f:25:f4:c1:bc:99:d1:ff:3f:
83:a5:30:33:7a:dd:49:85:28:6d:9f:07:23:b0:89:
55:26:18:fd:ef:d5:36:52:ce:1e:9c:2f:04:00:60:
99:1b:f0:ca:6a:a2:59:0b:dd:38:50:db:30:b3:9d:
c8:3d:42:65:2c:6a:f7:86:1f:74:3d:5c:75:06:ff:
7f:ac:9c:e5:41:c2:f9:12:94:23:7e:42:2e:73:eb:
66:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:9B:5C:81:36:70:87:C5:B2:81:21:1F:CC:85:ED:FB:7C:05:42:EF
X509v3 Authority Key Identifier:
keyid:29:49:37:31:EF:CC:C7:4A:D5:C2:73:87:4B:93:60:F7:AA:68:94:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUk3Me_Mx0rVwnOHS5Ng96polGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/af4c09-c8c2-4893-a10b-0cd8a69729b7/1/mZtcgTZwh8WygSEfzIXt-3wFQu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/af4c09-c8c2-4893-a10b-0cd8a69729b7/1/KUk3Me_Mx0rVwnOHS5Ng96polGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.228.0-45.141.230.255
IPv6:
2a0e:d0c0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:96:9a:4a:41:49:d8:03:e1:98:a2:3c:96:81:29:0c:db:e2:
1d:ce:7f:4c:31:42:d1:41:b7:9b:7b:36:a3:54:c1:6a:0e:d2:
8f:f3:2a:68:40:a0:a4:7a:53:b6:13:54:ce:20:af:b5:49:9c:
5f:1f:5e:f9:7b:d4:b3:63:ad:f2:bc:54:80:9e:f5:08:4d:8c:
02:f0:f7:f7:8d:d4:87:8c:87:55:55:eb:4d:fc:b9:5f:aa:27:
8c:7d:6b:5f:bf:a6:9e:d7:b3:a7:04:6f:a0:05:8f:f9:8f:24:
7e:6f:d8:f6:49:51:5f:f3:4b:df:b9:b1:25:ff:83:b3:cc:62:
ac:1e:94:98:73:eb:c3:e2:0e:b8:12:c2:96:76:21:3f:7a:6d:
f1:08:60:7a:eb:fa:62:ca:3f:cb:10:5f:ff:a4:a4:5b:70:2e:
2c:d7:5a:37:b6:2b:83:07:35:65:a7:c5:d4:3c:81:89:d6:e6:
e3:18:32:ca:61:a3:e0:23:e5:6a:28:ad:8b:1a:65:e3:f6:0d:
4b:5e:fa:14:51:b5:c8:c3:df:50:61:1b:35:8e:2e:44:c0:61:
2e:4d:5f:11:73:31:5c:bc:82:a2:cf:d6:ce:40:fe:20:1b:d8:
ad:96:94:1a:99:2f:55:52:8b:0e:a8:71:5f:8e:ad:6f:a3:83:
e5:00:b7:a3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVw8HvFXHfPHIRno1O7BxKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NDkzNzMxZWZjY2M3NGFkNWMyNzM4NzRiOTM2MGY3YWE2
ODk0NjUwHhcNMjMwMTAyMDUyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTliNWM4MTM2NzA4N2M1YjI4MTIxMWZjYzg1ZWRmYjdjMDU0MmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvkQPMiegdX1VnGzTWxzclRtWG+f
5e77RewpThMMctFdO+k1bwb2m/yMnoy0GxpS7VxsQ85mM2G4L1RJKx2f1+X1FEyG
tTybDJqEHyAsA1UufiLRr1L4ugMfegRuLS9LwxKVOt0pdg759IqQm3rD3bdQyNsh
FXyFztj8bWLZz/NinaPg659HmnB8VoLKBzg/LVWklK9ptJrHUPnzz2VQX2RXsPEu
XyidwjtvJfTBvJnR/z+DpTAzet1JhShtnwcjsIlVJhj979U2Us4enC8EAGCZG/DK
aqJZC904UNsws53IPUJlLGr3hh90PVx1Bv9/rJzlQcL5EpQjfkIuc+tmMwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJmbXIE2cIfFsoEhH8yF7ft8BULvMB8GA1UdIwQY
MBaAFClJNzHvzMdK1cJzh0uTYPeqaJRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1VrM01lX014MHJWd25PSFM1Tmc5NnBvbEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9hZjRjMDktYzhjMi00ODkzLWExMGIt
MGNkOGE2OTcyOWI3LzEvbVp0Y2dUWndoOFd5Z1NFZnpJWHQtM3dGUXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9hZjRjMDktYzhjMi00ODkzLWExMGItMGNkOGE2OTcyOWI3
LzEvS1VrM01lX014MHJWd25PSFM1Tmc5NnBvbEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAItjeQD
BAAtjeYwDQQCAAIwBwMFAyoO0MAwDQYJKoZIhvcNAQELBQADggEBAAqWmkpBSdgD
4ZiiPJaBKQzb4h3Of0wxQtFBt5t7NqNUwWoO0o/zKmhAoKR6U7YTVM4gr7VJnF8f
Xvl71LNjrfK8VICe9QhNjALw9/eN1IeMh1VV6038uV+qJ4x9a1+/pp7Xs6cEb6AF
j/mPJH5v2PZJUV/zS9+5sSX/g7PMYqwelJhz68PiDrgSwpZ2IT96bfEIYHrr+mLK
P8sQX/+kpFtwLizXWje2K4MHNWWnxdQ8gYnW5uMYMspho+Aj5WoorYsaZeP2DUte
+hRRtcjD31BhGzWOLkTAYS5NXxFzMVy8gqLP1s5A/iAb2K2WlBqZL1VSiw6ocV+O
rW+jg+UAt6M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:57 2024 by rpki-client on console-ams.rpki-client.org