Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/mKhU6FKji8ufSyXXRQSMAf-y59Y.roa
File: mKhU6FKji8ufSyXXRQSMAf-y59Y.roa (raw, json)
Hash identifier: Uv7x+xAZHKl9ey2Q5cBYtopidhuz+LFf851EjxXWbWs=
Subject key identifier: 98:A8:54:E8:52:A3:8B:CB:9F:4B:25:D7:45:04:8C:01:FF:B2:E7:D6
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 018CC26D2B376360B8FFDE54A881720EF23D
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/mKhU6FKji8ufSyXXRQSMAf-y59Y.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 45.83.200.0/22 maxlen: 22
185.114.156.0/22 maxlen: 22
185.229.32.0/22 maxlen: 22
2a03:3a60::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 20 Jan 2024 22:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2b:37:63:60:b8:ff:de:54:a8:81:72:0e:f2:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98a854e852a38bcb9f4b25d745048c01ffb2e7d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:15:f7:94:56:9d:cb:fe:a3:b3:95:f6:e1:c6:
7a:f2:a6:e5:df:b0:35:83:4b:4f:13:14:b3:fb:c6:
ab:85:75:76:c0:0f:2f:4f:ca:2c:58:b9:64:a1:d6:
60:da:fc:2e:a9:79:c4:96:a4:40:c6:f7:a7:7e:50:
8a:08:de:47:1a:b5:69:10:e9:2b:b8:50:5b:0d:6c:
1e:cd:26:75:f8:6f:f4:da:86:28:e4:03:36:eb:af:
7c:71:5a:74:82:67:09:4b:dc:85:84:60:cb:78:87:
7c:c3:cd:24:e0:1c:7d:6b:3f:6c:97:48:64:30:65:
1e:8f:1e:35:a5:f0:1e:04:62:82:4a:0f:aa:98:71:
98:27:f8:fc:48:a6:ea:aa:32:1c:51:56:d8:7a:7b:
30:52:c7:77:c6:01:2c:3e:05:9c:77:61:01:e5:ef:
2c:bf:ff:f8:77:bd:fd:ff:ba:f1:4c:48:43:e9:d9:
dd:86:f0:58:59:c2:bf:21:d2:79:fd:40:37:87:75:
17:19:1e:23:7f:2d:ea:29:ad:84:0c:96:04:83:3f:
84:8b:9b:c4:6d:dc:5e:dc:0b:fc:e7:a6:c3:87:57:
40:69:6a:35:39:f2:3a:1c:82:ad:6e:30:83:eb:29:
cc:1a:05:21:62:15:f3:66:48:a3:e1:80:8b:1e:3b:
70:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A8:54:E8:52:A3:8B:CB:9F:4B:25:D7:45:04:8C:01:FF:B2:E7:D6
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/mKhU6FKji8ufSyXXRQSMAf-y59Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.200.0/22
185.114.156.0/22
185.229.32.0/22
IPv6:
2a03:3a60::/32
Signature Algorithm: sha256WithRSAEncryption
70:49:f7:6b:b8:dd:8e:50:f9:f8:c2:ba:bb:89:5d:2f:38:5f:
05:c6:9f:0c:79:94:db:50:60:1a:b6:ad:75:46:a1:e2:9b:b9:
f4:02:e6:6b:db:e8:d6:e4:c2:a0:a7:0d:90:f9:6f:a2:32:ca:
34:cb:79:26:db:ff:d1:5f:c1:d5:09:4c:66:91:0b:6c:41:f3:
25:36:b2:70:f9:9a:51:b1:83:23:86:c1:11:09:94:d4:b5:4f:
e7:f1:fe:f7:1f:be:fa:d2:e5:1e:71:36:2f:63:7d:ee:70:d9:
18:ee:c2:b6:e5:96:06:26:ea:ab:77:5a:a7:85:b2:aa:71:de:
45:44:06:ed:f9:32:97:6a:7f:15:36:cf:91:06:5f:cb:e2:f9:
0b:f3:3d:c7:42:b3:22:55:e7:29:12:e3:97:56:66:0c:10:50:
92:df:8b:66:15:42:d3:2e:96:c1:62:19:c1:9e:1d:16:ba:11:
ff:ce:ed:04:0f:30:eb:4b:9d:c3:20:a2:20:89:cc:63:e1:5f:
ea:9b:35:44:17:78:37:28:a6:d7:2f:6c:1c:a0:9b:e4:0a:25:
5d:ed:3f:24:2d:5f:a2:7c:65:42:1d:ea:d7:1e:ff:10:93:8b:
69:bc:c8:ab:f6:89:75:f9:e7:0d:06:3f:6c:8d:bd:c5:3b:5b:
97:92:da:4c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzCbSs3Y2C4/95UqIFyDvI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGE4NTRlODUyYTM4YmNiOWY0YjI1ZDc0NTA0OGMwMWZmYjJlN2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxX3lFady/6js5X24cZ68qbl37A1
g0tPExSz+8arhXV2wA8vT8osWLlkodZg2vwuqXnElqRAxvenflCKCN5HGrVpEOkr
uFBbDWwezSZ1+G/02oYo5AM26698cVp0gmcJS9yFhGDLeId8w80k4Bx9az9sl0hk
MGUejx41pfAeBGKCSg+qmHGYJ/j8SKbqqjIcUVbYenswUsd3xgEsPgWcd2EB5e8s
v//4d739/7rxTEhD6dndhvBYWcK/IdJ5/UA3h3UXGR4jfy3qKa2EDJYEgz+Ei5vE
bdxe3Av856bDh1dAaWo1OfI6HIKtbjCD6ynMGgUhYhXzZkij4YCLHjtw0wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJioVOhSo4vLn0sl10UEjAH/sufWMB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEvbUtoVTZGS2ppOHVmU3lYWFJRU01BZi15NTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVPIAwQC
uXKcAwQCueUgMA0EAgACMAcDBQAqAzpgMA0GCSqGSIb3DQEBCwUAA4IBAQBwSfdr
uN2OUPn4wrq7iV0vOF8Fxp8MeZTbUGAatq11RqHim7n0AuZr2+jW5MKgpw2Q+W+i
Mso0y3km2//RX8HVCUxmkQtsQfMlNrJw+ZpRsYMjhsERCZTUtU/n8f73H7760uUe
cTYvY33ucNkY7sK25ZYGJuqrd1qnhbKqcd5FRAbt+TKXan8VNs+RBl/L4vkL8z3H
QrMiVecpEuOXVmYMEFCS34tmFULTLpbBYhnBnh0WuhH/zu0EDzDrS53DIKIgicxj
4V/qmzVEF3g3KKbXL2wcoJvkCiVd7T8kLV+ifGVCHerXHv8Qk4tpvMir9ol1+ecN
Bj9sjb3FO1uXktpM
Generated at Sun Jan 21 01:35:45 2024 by rpki-client on console-fra.rpki-client.org