Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/54317d-094e-4820-9651-6219b32122d0/1/MSm5ciStG2uaESDSO7hK4OFU9xo.roa
File: MSm5ciStG2uaESDSO7hK4OFU9xo.roa (raw, json)
Hash identifier: 7pm7glzVgDhtPBVHSLTTRwBF1MGV8h4mqs7nFtYJ+u0=
Subject key identifier: 31:29:B9:72:24:AD:1B:6B:9A:11:20:D2:3B:B8:4A:E0:E1:54:F7:1A
Certificate issuer: /CN=b7785a30d8512d0d8ab637812b79fa4529a1ef1b
Certificate serial: 018572B411C46E4FFCF32AFE7D1FB6472ACE
Authority key identifier: B7:78:5A:30:D8:51:2D:0D:8A:B6:37:81:2B:79:FA:45:29:A1:EF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3haMNhRLQ2KtjeBK3n6RSmh7xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/54317d-094e-4820-9651-6219b32122d0/1/MSm5ciStG2uaESDSO7hK4OFU9xo.roa
Signing time: Mon 02 Jan 2023 13:38:01 +0000
ROA not before: Mon 02 Jan 2023 13:38:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208006
IP address blocks: 45.82.138.0/24 maxlen: 24
45.82.137.0/24 maxlen: 24
45.82.139.0/24 maxlen: 24
45.82.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:11:c4:6e:4f:fc:f3:2a:fe:7d:1f:b6:47:2a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7785a30d8512d0d8ab637812b79fa4529a1ef1b
Validity
Not Before: Jan 2 13:38:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3129b97224ad1b6b9a1120d23bb84ae0e154f71a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:dd:d9:19:f2:6b:ed:39:9b:75:d2:27:7a:36:
76:b6:09:18:0b:b1:09:cb:2c:5e:23:e5:4c:bd:17:
2e:a4:1d:a8:af:16:c3:60:cd:c0:af:aa:41:88:81:
b9:1e:f5:79:7e:ed:17:09:7d:95:3b:21:d0:1c:0b:
e1:fe:49:f8:b4:e5:6d:8b:c8:40:af:13:e3:21:eb:
14:74:8b:b1:eb:9d:57:ee:d7:8b:fb:5d:7f:0b:9c:
2d:ed:c4:f9:d8:97:d0:60:2c:ae:17:aa:b0:ce:2b:
b0:9a:90:8d:54:a3:a8:dd:7a:ea:cc:09:e0:66:1e:
54:15:c3:19:70:9b:a0:45:9b:15:4d:c9:4d:9e:9b:
8a:2a:49:42:ef:18:64:1d:69:92:4c:d3:84:fb:a1:
2a:c8:77:55:8a:ff:c7:25:62:11:de:9d:33:03:77:
ba:e0:45:8c:ca:2f:e8:40:c5:0f:f0:a5:85:de:c7:
be:4e:c6:69:43:3e:91:31:c8:c4:c2:a1:0b:55:c2:
4f:43:6a:d0:06:a5:5d:07:fb:fc:f1:e3:d5:65:81:
c2:db:cc:ce:d9:a2:a3:c8:31:21:6f:17:3e:cb:c7:
97:d6:5f:cc:ea:1a:87:50:70:20:f8:c3:a2:ed:54:
1c:c3:ff:0d:23:92:18:55:00:4e:f5:a2:7a:9d:fb:
30:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:29:B9:72:24:AD:1B:6B:9A:11:20:D2:3B:B8:4A:E0:E1:54:F7:1A
X509v3 Authority Key Identifier:
keyid:B7:78:5A:30:D8:51:2D:0D:8A:B6:37:81:2B:79:FA:45:29:A1:EF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3haMNhRLQ2KtjeBK3n6RSmh7xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/54317d-094e-4820-9651-6219b32122d0/1/MSm5ciStG2uaESDSO7hK4OFU9xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/54317d-094e-4820-9651-6219b32122d0/1/t3haMNhRLQ2KtjeBK3n6RSmh7xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.136.0/22
Signature Algorithm: sha256WithRSAEncryption
84:42:0c:1e:45:38:7b:9f:30:12:0f:30:14:72:b3:29:01:e2:
f7:5b:6c:ca:ff:c1:27:ab:98:c1:33:c6:42:f1:15:dd:53:70:
52:e7:b3:11:ee:50:f7:39:31:69:16:b3:e4:13:f9:8b:ee:03:
5f:b7:18:1d:19:6c:e8:b1:a3:1f:93:92:be:b7:71:c9:7a:ae:
f6:f6:77:9c:b6:4f:e0:cf:f0:b9:db:d2:f3:e5:81:aa:12:7c:
91:92:17:9d:e8:8a:b3:0f:c3:bf:63:3e:4d:55:99:fb:dd:62:
8e:ac:28:ca:a2:4e:23:cf:0b:d7:79:37:d5:f9:fb:75:4d:7d:
da:cb:09:44:5c:47:be:60:c3:ba:a6:21:e1:04:60:41:f0:1b:
cb:27:59:2d:9b:94:00:5a:3f:29:d7:a1:c5:4f:83:be:c7:fc:
33:0f:29:6c:86:b5:70:6e:83:27:75:53:9b:7e:44:73:dd:d1:
ee:32:5f:20:4d:13:2f:23:5c:25:3c:18:6d:73:52:6b:0b:5a:
f0:25:dc:ef:60:40:4b:57:bd:6c:b9:17:0b:c3:d2:22:7a:45:
88:7c:2b:02:8c:79:8b:bc:bb:31:9b:89:73:0f:96:2a:38:66:
27:15:36:98:44:ac:3f:ef:96:85:7f:33:9b:7f:d2:fa:f6:2c:
e0:26:d6:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytBHEbk/88yr+fR+2RyrOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Nzg1YTMwZDg1MTJkMGQ4YWI2Mzc4MTJiNzlmYTQ1Mjlh
MWVmMWIwHhcNMjMwMTAyMTMzODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTI5Yjk3MjI0YWQxYjZiOWExMTIwZDIzYmI4NGFlMGUxNTRmNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAht3ZGfJr7TmbddInejZ2tgkYC7EJ
yyxeI+VMvRcupB2orxbDYM3Ar6pBiIG5HvV5fu0XCX2VOyHQHAvh/kn4tOVti8hA
rxPjIesUdIux651X7teL+11/C5wt7cT52JfQYCyuF6qwziuwmpCNVKOo3XrqzAng
Zh5UFcMZcJugRZsVTclNnpuKKklC7xhkHWmSTNOE+6EqyHdViv/HJWIR3p0zA3e6
4EWMyi/oQMUP8KWF3se+TsZpQz6RMcjEwqELVcJPQ2rQBqVdB/v88ePVZYHC28zO
2aKjyDEhbxc+y8eX1l/M6hqHUHAg+MOi7VQcw/8NI5IYVQBO9aJ6nfswSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDEpuXIkrRtrmhEg0ju4SuDhVPcaMB8GA1UdIwQY
MBaAFLd4WjDYUS0NirY3gSt5+kUpoe8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNoYU1OaFJMUTJLdGplQkszbjZSU21oN3hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy81NDMxN2QtMDk0ZS00ODIwLTk2NTEt
NjIxOWIzMjEyMmQwLzEvTVNtNWNpU3RHMnVhRVNEU083aEs0T0ZVOXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy81NDMxN2QtMDk0ZS00ODIwLTk2NTEtNjIxOWIzMjEyMmQw
LzEvdDNoYU1OaFJMUTJLdGplQkszbjZSU21oN3hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVKIMA0G
CSqGSIb3DQEBCwUAA4IBAQCEQgweRTh7nzASDzAUcrMpAeL3W2zK/8Enq5jBM8ZC
8RXdU3BS57MR7lD3OTFpFrPkE/mL7gNftxgdGWzosaMfk5K+t3HJeq729nectk/g
z/C529Lz5YGqEnyRkhed6IqzD8O/Yz5NVZn73WKOrCjKok4jzwvXeTfV+ft1TX3a
ywlEXEe+YMO6piHhBGBB8BvLJ1ktm5QAWj8p16HFT4O+x/wzDylshrVwboMndVOb
fkRz3dHuMl8gTRMvI1wlPBhtc1JrC1rwJdzvYEBLV71suRcLw9IiekWIfCsCjHmL
vLsxm4lzD5YqOGYnFTaYRKw/75aFfzObf9L69izgJtap
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:49 2024 by rpki-client on console-fra.rpki-client.org