Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/MxAqUAI6G-0vy6TnJbZn5CK1KUk.roa
File: MxAqUAI6G-0vy6TnJbZn5CK1KUk.roa (raw, json)
Hash identifier: dMrlxiBiwD/KthYrGtjFlUXNBt9n32960xr+Nlf/MpQ=
Subject key identifier: 33:10:2A:50:02:3A:1B:ED:2F:CB:A4:E7:25:B6:67:E4:22:B5:29:49
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0191E03E0DD437873263B5A692504448FA12
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/MxAqUAI6G-0vy6TnJbZn5CK1KUk.roa
Signing time: Wed 11 Sep 2024 08:40:48 +0000
ROA not before: Wed 11 Sep 2024 08:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199760
IP address blocks: 45.141.234.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 07:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e0:3e:0d:d4:37:87:32:63:b5:a6:92:50:44:48:fa:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Sep 11 08:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33102a50023a1bed2fcba4e725b667e422b52949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ae:ee:a5:7f:5d:bd:ac:0f:e4:b9:b6:5d:2d:
6b:00:35:99:61:3c:3e:b2:54:fc:76:87:40:fb:c8:
53:39:25:9a:7d:51:47:af:72:01:32:76:73:9c:ea:
e8:34:a7:10:5a:be:fd:1d:42:a0:25:a3:f8:d5:7c:
38:8c:c6:44:fd:8d:62:72:8a:dc:26:a4:29:0e:34:
22:32:0b:1f:e5:46:aa:f7:b9:f1:9a:e6:b6:5a:4c:
2a:29:0c:94:9a:90:29:6d:9b:95:6d:0f:c8:1c:76:
f4:27:eb:59:e5:de:a9:1e:3c:1c:b4:a1:e0:c9:1d:
0f:2b:42:7d:84:12:4a:7b:ec:78:a4:ff:cd:b9:7b:
ef:5e:0f:2e:a8:11:af:4c:36:91:a4:61:ce:a7:9a:
a3:56:6d:6f:70:39:9c:4c:b1:54:2d:bf:a1:42:65:
ae:58:02:24:f1:9f:29:4d:7e:26:2f:a5:8f:ff:fa:
2c:6a:ab:91:c0:d6:c3:7b:01:8b:55:41:67:39:b5:
0d:f3:a6:69:27:bc:79:be:9d:8c:f5:43:91:f8:88:
82:de:92:71:2f:e2:12:4f:60:be:c2:25:89:53:60:
ee:4f:7c:8e:8b:0d:8f:8e:cb:82:e2:f8:1e:98:31:
90:63:7c:e1:49:14:c3:c0:e4:31:6d:f6:13:7c:67:
6a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:10:2A:50:02:3A:1B:ED:2F:CB:A4:E7:25:B6:67:E4:22:B5:29:49
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/MxAqUAI6G-0vy6TnJbZn5CK1KUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/24
91.92.40.0/24
91.92.42.0/23
Signature Algorithm: sha256WithRSAEncryption
67:2d:59:83:c0:d8:5c:2b:6a:14:05:73:58:7d:de:3d:ae:ee:
c5:00:f7:e5:6d:a9:19:83:73:56:e7:49:87:6c:ef:fe:ca:94:
ba:fd:70:35:3f:d2:8e:92:1c:3a:91:55:f5:a3:45:2f:ea:c4:
7f:61:6f:3d:c0:01:df:fb:e6:75:c8:aa:e9:11:d7:99:9e:7d:
c3:ec:0f:63:74:8f:02:33:bb:e9:b3:2f:80:38:44:2a:65:ce:
c7:db:a2:5c:52:9a:79:1c:54:00:6f:d7:e5:c6:88:39:5a:d2:
ae:3a:be:ba:7f:e7:ab:2d:c2:f4:62:1b:99:86:74:2f:c1:c7:
96:56:98:40:2c:29:a5:d3:58:13:a9:1a:ba:98:df:fb:1c:89:
d9:88:c4:58:4b:20:b5:35:03:02:14:68:8e:6b:b4:86:2b:e0:
12:de:ee:30:bb:b0:b1:43:b1:3b:86:bc:cb:b6:c6:68:6f:b4:
d4:6a:b0:b5:88:1d:25:07:bb:8f:88:39:18:24:0e:d2:51:f2:
c0:78:3f:e2:e9:4f:f1:a1:a6:c6:1a:ce:8c:05:5a:8f:27:32:
12:5e:6d:73:eb:c1:69:97:d4:02:6b:f5:d2:0a:89:ba:dd:be:
5b:26:e8:58:33:ec:ac:87:f3:76:1a:cb:65:1d:64:48:a2:ca:
70:64:8d:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHgPg3UN4cyY7WmklBESPoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwOTExMDg0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzEwMmE1MDAyM2ExYmVkMmZjYmE0ZTcyNWI2NjdlNDIyYjUyOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAua7upX9dvawP5Lm2XS1rADWZYTw+
slT8dodA+8hTOSWafVFHr3IBMnZznOroNKcQWr79HUKgJaP41Xw4jMZE/Y1icorc
JqQpDjQiMgsf5Uaq97nxmua2WkwqKQyUmpApbZuVbQ/IHHb0J+tZ5d6pHjwctKHg
yR0PK0J9hBJKe+x4pP/NuXvvXg8uqBGvTDaRpGHOp5qjVm1vcDmcTLFULb+hQmWu
WAIk8Z8pTX4mL6WP//osaquRwNbDewGLVUFnObUN86ZpJ7x5vp2M9UOR+IiC3pJx
L+IST2C+wiWJU2DuT3yOiw2PjsuC4vgemDGQY3zhSRTDwOQxbfYTfGdqrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDMQKlACOhvtL8uk5yW2Z+QitSlJMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvTXhBcVVBSTZHLTB2eTZUbkpiWm41Q0sxS1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALY3qAwQA
W1woAwQBW1wqMA0GCSqGSIb3DQEBCwUAA4IBAQBnLVmDwNhcK2oUBXNYfd49ru7F
APflbakZg3NW50mHbO/+ypS6/XA1P9KOkhw6kVX1o0Uv6sR/YW89wAHf++Z1yKrp
EdeZnn3D7A9jdI8CM7vpsy+AOEQqZc7H26JcUpp5HFQAb9flxog5WtKuOr66f+er
LcL0YhuZhnQvwceWVphALCml01gTqRq6mN/7HInZiMRYSyC1NQMCFGiOa7SGK+AS
3u4wu7CxQ7E7hrzLtsZob7TUarC1iB0lB7uPiDkYJA7SUfLAeD/i6U/xoabGGs6M
BVqPJzISXm1z68Fpl9QCa/XSCom63b5bJuhYM+ysh/N2GstlHWRIospwZI0y
-----END CERTIFICATE-----
Generated at Thu Sep 12 09:32:12 2024 by rpki-client on console-ams.rpki-client.org