Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/moxm_32zVLvNHgBEaLEnreWQslM.roa
File: moxm_32zVLvNHgBEaLEnreWQslM.roa (raw, json)
Hash identifier: mLdxb9an7cACF4J5ZqTMS443ZIcDSc48mIT9bBmnV0c=
Subject key identifier: 9A:8C:66:FF:7D:B3:54:BB:CD:1E:00:44:68:B1:27:AD:E5:90:B2:53
Certificate issuer: /CN=92af03ca2df6423b77d0ef3737b0f4791aa035a3
Certificate serial: 0193641DB97911D2B67F548BDECA1B16C7AD
Authority key identifier: 92:AF:03:CA:2D:F6:42:3B:77:D0:EF:37:37:B0:F4:79:1A:A0:35:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kq8Dyi32Qjt30O83N7D0eRqgNaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/moxm_32zVLvNHgBEaLEnreWQslM.roa
Signing time: Mon 25 Nov 2024 16:18:09 +0000
ROA not before: Mon 25 Nov 2024 16:18:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42156
IP address blocks: 45.83.172.0/23 maxlen: 23
45.83.174.0/23 maxlen: 23
45.143.60.0/24 maxlen: 24
45.143.61.0/24 maxlen: 24
45.143.62.0/23 maxlen: 23
69.48.159.0/24 maxlen: 24
185.161.188.0/24 maxlen: 24
185.251.180.0/24 maxlen: 24
2a0e:8480::/29 maxlen: 29
2a0e:e2c0::/29 maxlen: 29
2a0e:e2c1::/32 maxlen: 32
2a0e:e2c2::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 26 Nov 2024 08:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:64:1d:b9:79:11:d2:b6:7f:54:8b:de:ca:1b:16:c7:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92af03ca2df6423b77d0ef3737b0f4791aa035a3
Validity
Not Before: Nov 25 16:18:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a8c66ff7db354bbcd1e004468b127ade590b253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a3:74:ef:9d:36:14:bb:9b:e4:d6:af:a6:17:
c1:8e:cf:6c:ec:3b:ea:f2:89:03:b7:b2:18:80:50:
8b:fd:37:57:72:01:e5:0b:7a:46:5f:3a:9b:88:b7:
b6:81:4b:a0:32:d8:2d:da:83:f6:33:03:c7:26:f7:
06:96:32:96:f3:33:f0:83:0d:e4:84:46:83:68:04:
76:43:7a:5b:76:8e:86:ab:a6:9d:cf:0a:b5:a8:a1:
dd:1f:aa:55:6d:99:71:fc:e0:75:06:61:e5:17:20:
62:2f:02:39:38:11:80:b4:b8:c6:04:43:73:d8:3d:
d3:7a:3f:84:e8:33:27:b6:7b:71:6a:2f:2d:86:f5:
e7:90:8d:7c:74:70:64:80:72:c9:fa:ec:c8:e0:d9:
bc:71:fc:44:d4:42:da:e5:5d:ae:ab:59:04:b5:30:
f4:b6:3c:7f:55:a2:7b:b7:3f:33:c8:43:ba:99:c8:
0c:5b:d9:84:ec:f9:ae:cb:8b:70:4e:d6:9f:dc:e1:
b0:ec:4b:a0:92:84:e9:6a:5a:ed:05:54:27:5d:ca:
6e:bc:25:46:a2:2e:31:ba:c4:83:43:56:ed:71:c9:
f4:b9:a3:5d:2d:f7:b7:3a:55:a0:86:77:68:61:2d:
00:ac:03:69:99:ee:a8:bc:a3:a0:67:4d:1e:52:ce:
50:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8C:66:FF:7D:B3:54:BB:CD:1E:00:44:68:B1:27:AD:E5:90:B2:53
X509v3 Authority Key Identifier:
keyid:92:AF:03:CA:2D:F6:42:3B:77:D0:EF:37:37:B0:F4:79:1A:A0:35:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kq8Dyi32Qjt30O83N7D0eRqgNaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/moxm_32zVLvNHgBEaLEnreWQslM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/kq8Dyi32Qjt30O83N7D0eRqgNaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.172.0/22
45.143.60.0/22
69.48.159.0/24
185.161.188.0/24
185.251.180.0/24
IPv6:
2a0e:8480::/29
2a0e:e2c0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:90:d8:2d:08:b8:18:e1:6b:c4:52:6f:d9:dc:10:0a:b9:4d:
8c:b9:1c:93:53:90:5e:dd:ba:0d:17:f9:80:82:e4:b7:e7:e8:
f1:63:59:d5:30:f8:ab:5b:59:1d:a7:83:d0:2a:1a:a3:c9:53:
7b:ea:7c:2f:64:d0:56:97:c0:01:50:57:cb:a5:a2:38:36:49:
54:f3:84:11:90:04:b4:62:17:ac:aa:83:00:45:81:da:75:23:
0f:99:23:fe:4e:27:a3:bc:ff:51:e2:f2:08:a4:7a:18:48:15:
28:3f:d6:0c:2d:c5:30:b3:28:1b:28:71:f3:1a:72:5c:ff:b1:
f9:b0:d9:dd:91:d3:b5:b3:39:ef:8f:ae:26:56:7c:aa:6d:f9:
d8:af:3a:a0:79:d5:c1:63:4b:15:2f:c8:4c:cc:f4:8f:35:2a:
aa:f2:ea:f1:32:94:d0:95:ec:60:17:f8:f6:59:16:2d:3d:30:
fe:b9:9c:33:a6:91:50:e0:be:5d:1a:1a:a8:8b:a3:f5:3f:d5:
d2:0f:92:0a:4c:eb:af:b1:22:2c:74:25:cc:ac:6e:ce:21:a3:
40:4c:95:78:64:6f:8a:56:d2:48:f1:ca:ce:fa:4c:17:19:54:
a8:2e:4f:28:0c:92:cf:76:3f:3c:d4:a3:21:d3:92:c8:9e:d8:
62:6d:de:c7
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZNkHbl5EdK2f1SL3sobFsetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYWYwM2NhMmRmNjQyM2I3N2QwZWYzNzM3YjBmNDc5MWFh
MDM1YTMwHhcNMjQxMTI1MTYxODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YThjNjZmZjdkYjM1NGJiY2QxZTAwNDQ2OGIxMjdhZGU1OTBiMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaN07502FLub5NavphfBjs9s7Dvq
8okDt7IYgFCL/TdXcgHlC3pGXzqbiLe2gUugMtgt2oP2MwPHJvcGljKW8zPwgw3k
hEaDaAR2Q3pbdo6Gq6adzwq1qKHdH6pVbZlx/OB1BmHlFyBiLwI5OBGAtLjGBENz
2D3Tej+E6DMntntxai8thvXnkI18dHBkgHLJ+uzI4Nm8cfxE1ELa5V2uq1kEtTD0
tjx/VaJ7tz8zyEO6mcgMW9mE7Pmuy4twTtaf3OGw7EugkoTpalrtBVQnXcpuvCVG
oi4xusSDQ1btccn0uaNdLfe3OlWghndoYS0ArANpme6ovKOgZ00eUs5QKQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFJqMZv99s1S7zR4ARGixJ63lkLJTMB8GA1UdIwQY
MBaAFJKvA8ot9kI7d9DvNzew9HkaoDWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3E4RHlpMzJRanQzME84M043RDBlUnFnTmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS85ODIyYmMtMTU5My00OThjLThmNmEt
NzAzYjZiNzBhN2VjLzEvbW94bV8zMnpWTHZOSGdCRWFMRW5yZVdRc2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS85ODIyYmMtMTU5My00OThjLThmNmEtNzAzYjZiNzBhN2Vj
LzEva3E4RHlpMzJRanQzME84M043RDBlUnFnTmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLVOsAwQC
LY88AwQARTCfAwQAuaG8AwQAufu0MBQEAgACMA4DBQMqDoSAAwUDKg7iwDANBgkq
hkiG9w0BAQsFAAOCAQEAb5DYLQi4GOFrxFJv2dwQCrlNjLkck1OQXt26DRf5gILk
t+fo8WNZ1TD4q1tZHaeD0Coao8lTe+p8L2TQVpfAAVBXy6WiODZJVPOEEZAEtGIX
rKqDAEWB2nUjD5kj/k4no7z/UeLyCKR6GEgVKD/WDC3FMLMoGyhx8xpyXP+x+bDZ
3ZHTtbM574+uJlZ8qm352K86oHnVwWNLFS/ITMz0jzUqqvLq8TKU0JXsYBf49lkW
LT0w/rmcM6aRUOC+XRoaqIuj9T/V0g+SCkzrr7EiLHQlzKxuziGjQEyVeGRvilbS
SPHKzvpMFxlUqC5PKAySz3Y/PNSjIdOSyJ7YYm3exw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:32 2025 by rpki-client