Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/MxcX7lCz-42ZKF4L3nkc0K0OjpY.roa
File: MxcX7lCz-42ZKF4L3nkc0K0OjpY.roa (raw, json)
Hash identifier: hKMowyxMLHvmbsHf2AGZyj0P+DmdfnVCXGcdCawTLTY=
Subject key identifier: 33:17:17:EE:50:B3:FB:8D:99:28:5E:0B:DE:79:1C:D0:AD:0E:8E:96
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 018CC4934A1C824AA98D65E1209EFA06A51B
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/MxcX7lCz-42ZKF4L3nkc0K0OjpY.roa
Signing time: Mon 01 Jan 2024 10:30:36 +0000
ROA not before: Mon 01 Jan 2024 10:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211680
IP address blocks: 45.156.129.0/24 maxlen: 24
45.156.128.0/24 maxlen: 24
185.180.140.0/24 maxlen: 24
185.180.143.0/24 maxlen: 24
2a10:3c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 May 2024 13:57:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:4a:1c:82:4a:a9:8d:65:e1:20:9e:fa:06:a5:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: Jan 1 10:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=331717ee50b3fb8d99285e0bde791cd0ad0e8e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1c:ed:cf:98:19:f6:ea:e2:e7:61:df:1c:63:
91:66:dd:da:e2:22:7a:3a:4c:f7:c4:e5:58:c0:39:
7f:a6:14:af:3c:42:01:3f:5a:d2:7c:59:4c:0b:8c:
e0:ee:af:e8:f0:b1:8b:2d:29:3b:1e:63:6e:8b:3c:
13:b5:81:ab:21:08:74:4f:1a:e8:67:f5:7a:cb:9a:
89:50:43:8d:1f:54:65:f2:b8:f7:7e:81:33:f2:63:
b3:3b:a2:cd:af:29:72:01:0b:3f:bd:ce:4d:0c:4f:
2b:c8:a4:69:0f:79:d4:d1:7f:d2:c1:b8:7e:ae:24:
65:ec:c1:e9:a6:11:20:ca:57:3f:9b:ee:a1:79:87:
9b:18:26:d4:2a:95:3e:73:ec:d5:bc:e9:3f:23:ee:
9c:10:6d:7a:40:ca:a6:75:5a:b4:f8:7a:d3:15:de:
4f:46:88:6f:53:25:ea:29:d9:55:25:68:e9:96:f1:
6c:d0:c3:fd:b3:ba:45:f3:ab:69:54:70:7e:cd:7b:
e6:e7:ff:76:a6:f7:15:93:12:c8:05:d5:20:ed:13:
c1:f5:0b:79:f4:71:54:3a:b2:23:8c:e0:8f:a3:34:
16:fb:62:6c:33:80:01:cd:6a:38:08:fe:02:3f:4f:
83:d1:97:8e:50:71:fc:c1:c8:bf:d9:c9:21:73:f8:
e9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:17:17:EE:50:B3:FB:8D:99:28:5E:0B:DE:79:1C:D0:AD:0E:8E:96
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/MxcX7lCz-42ZKF4L3nkc0K0OjpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.128.0/23
185.180.140.0/24
185.180.143.0/24
IPv6:
2a10:3c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
9a:b3:c4:96:d5:be:de:34:ac:44:9e:8a:a8:fe:9e:b9:c7:1a:
f2:0d:18:ae:c4:6a:80:fb:81:fc:3a:23:21:5a:8b:f5:15:2f:
d3:a1:40:d4:04:14:72:63:4f:5f:05:ce:12:27:1d:d8:6d:e4:
8e:5d:de:90:c4:9d:94:dc:14:f5:79:5c:77:81:00:d6:ee:24:
a5:c0:f6:09:40:53:15:1c:e2:4e:e9:c7:4f:cd:ff:a3:8d:ba:
b9:63:46:ea:87:90:29:28:09:a3:1a:ef:39:5e:ea:db:0f:46:
86:19:9d:6a:fc:25:7a:0f:d6:40:7c:4d:98:c7:50:d9:ea:c3:
49:81:1b:d3:df:f4:2e:fb:3d:86:f6:55:eb:93:68:8a:16:49:
e9:c2:bb:b4:e9:23:9e:63:4d:bb:55:60:e5:32:bc:55:04:6f:
a3:d9:b9:33:37:eb:30:ee:fd:fc:e1:c1:45:8f:da:75:37:32:
30:1a:b7:c7:8c:1f:a4:84:3c:33:0e:10:ea:a7:58:51:17:75:
a1:a9:d1:66:a1:35:91:30:bf:cc:21:c0:6a:1e:a7:b2:59:35:
23:33:04:88:c7:87:e0:d6:09:6b:22:d1:90:5f:40:78:0c:f7:
64:70:e5:68:91:96:e1:06:11:05:68:e3:dd:0b:da:74:ab:71:
81:c2:4c:e4
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzEk0ocgkqpjWXhIJ76BqUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjQwMTAxMTAzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzE3MTdlZTUwYjNmYjhkOTkyODVlMGJkZTc5MWNkMGFkMGU4ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xztz5gZ9uri52HfHGORZt3a4iJ6
Okz3xOVYwDl/phSvPEIBP1rSfFlMC4zg7q/o8LGLLSk7HmNuizwTtYGrIQh0Txro
Z/V6y5qJUEONH1Rl8rj3foEz8mOzO6LNrylyAQs/vc5NDE8ryKRpD3nU0X/Swbh+
riRl7MHpphEgylc/m+6heYebGCbUKpU+c+zVvOk/I+6cEG16QMqmdVq0+HrTFd5P
RohvUyXqKdlVJWjplvFs0MP9s7pF86tpVHB+zXvm5/92pvcVkxLIBdUg7RPB9Qt5
9HFUOrIjjOCPozQW+2JsM4ABzWo4CP4CP0+D0ZeOUHH8wci/2ckhc/jpWwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDMXF+5Qs/uNmSheC955HNCtDo6WMB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvTXhjWDdsQ3otNDJaS0Y0TDNua2MwSzBPanBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBLZyAAwQA
ubSMAwQAubSPMA8EAgACMAkDBwAqEAPAAAEwDQYJKoZIhvcNAQELBQADggEBAJqz
xJbVvt40rESeiqj+nrnHGvINGK7EaoD7gfw6IyFai/UVL9OhQNQEFHJjT18FzhIn
Hdht5I5d3pDEnZTcFPV5XHeBANbuJKXA9glAUxUc4k7px0/N/6ONurljRuqHkCko
CaMa7zle6tsPRoYZnWr8JXoP1kB8TZjHUNnqw0mBG9Pf9C77PYb2VeuTaIoWSenC
u7TpI55jTbtVYOUyvFUEb6PZuTM36zDu/fzhwUWP2nU3MjAat8eMH6SEPDMOEOqn
WFEXdaGp0WahNZEwv8whwGoep7JZNSMzBIjHh+DWCWsi0ZBfQHgM92Rw5WiRluEG
EQVo490L2nSrcYHCTOQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:02 2025 by rpki-client