Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/MLfuOKfM98u-rRIVkCiim-S0pKA.roa
File: MLfuOKfM98u-rRIVkCiim-S0pKA.roa (raw, json)
Hash identifier: wdbv+sf8Np2reHU2z1q9IM3HFMfnlUkr40ve+ZhzrCM=
Subject key identifier: 30:B7:EE:38:A7:CC:F7:CB:BE:AD:12:15:90:28:A2:9B:E4:B4:A4:A0
Certificate issuer: /CN=9813e2f6351d3b4d1e61aa4016f1b2cfa62d7cdf
Certificate serial: 0192FE75BBCCD640EB4C42AACF70B6B85B56
Authority key identifier: 98:13:E2:F6:35:1D:3B:4D:1E:61:AA:40:16:F1:B2:CF:A6:2D:7C:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBPi9jUdO00eYapAFvGyz6YtfN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/MLfuOKfM98u-rRIVkCiim-S0pKA.roa
Signing time: Tue 05 Nov 2024 22:33:01 +0000
ROA not before: Tue 05 Nov 2024 22:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201342
IP address blocks: 46.45.123.0/24 maxlen: 24
2a03:24c0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fe:75:bb:cc:d6:40:eb:4c:42:aa:cf:70:b6:b8:5b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9813e2f6351d3b4d1e61aa4016f1b2cfa62d7cdf
Validity
Not Before: Nov 5 22:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30b7ee38a7ccf7cbbead12159028a29be4b4a4a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bf:39:ee:ff:3c:7b:aa:9d:07:05:58:2d:d1:
e6:59:91:4d:df:a3:cd:e3:5e:b5:e8:3d:64:8a:5c:
0f:fa:de:94:b3:67:35:d4:37:1a:2c:7a:e5:5a:b2:
21:c6:8d:2e:f1:32:6f:38:fc:05:68:e2:5b:b0:13:
ba:c6:4d:b9:11:6c:91:c0:43:21:62:af:18:ad:fb:
cf:18:76:a6:61:16:db:09:63:f6:f7:10:2c:f0:67:
c4:d6:c5:dd:a5:7a:8f:d5:31:e7:de:15:ea:34:4f:
77:64:19:0f:08:51:63:51:f8:cc:c9:90:90:5d:d4:
1e:17:87:ea:ac:b4:5b:31:ba:02:f7:3a:a3:de:7b:
b8:d7:7e:9d:e4:7e:40:64:e0:36:27:c8:14:16:f6:
a2:4b:2a:12:29:05:65:f2:04:c4:dd:3e:18:b4:ed:
3d:2c:d1:a6:99:bf:14:fb:0c:da:b8:bf:48:97:5c:
02:ab:0b:98:7e:e9:e1:1c:d6:c2:1a:9f:df:bb:84:
db:6d:0e:9c:11:4e:32:fd:b4:a4:0b:f6:24:9e:da:
4a:53:53:e2:60:19:4e:b5:61:f9:76:eb:d4:35:a3:
33:b1:c0:19:23:43:45:bc:f7:28:4e:db:39:29:ed:
8f:38:ae:6a:2f:fe:61:68:75:7c:4e:73:d3:15:0b:
29:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:B7:EE:38:A7:CC:F7:CB:BE:AD:12:15:90:28:A2:9B:E4:B4:A4:A0
X509v3 Authority Key Identifier:
keyid:98:13:E2:F6:35:1D:3B:4D:1E:61:AA:40:16:F1:B2:CF:A6:2D:7C:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBPi9jUdO00eYapAFvGyz6YtfN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/MLfuOKfM98u-rRIVkCiim-S0pKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/mBPi9jUdO00eYapAFvGyz6YtfN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.45.123.0/24
IPv6:
2a03:24c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
04:2b:30:76:54:32:7c:f4:8d:93:f9:4d:d2:ce:83:43:f0:8c:
88:54:10:6c:5c:b9:c5:f7:36:3d:36:5e:c3:dd:45:53:26:07:
23:d0:f5:27:66:e5:09:b3:53:d7:a8:89:b6:e5:51:b3:6b:35:
dc:a6:35:66:4d:07:c7:22:ef:4a:9c:b3:a0:b8:6e:49:0b:1d:
9f:5e:a2:91:33:fb:82:bc:ae:79:7f:94:88:3f:2c:76:15:09:
8c:5f:23:43:c2:b8:7b:b2:1e:9f:aa:7d:dc:09:3f:59:b7:e2:
bf:c1:52:0f:1e:34:c6:8a:b4:0c:b4:2e:a5:da:a5:98:06:d2:
89:b3:64:45:e9:85:0f:de:9b:6b:ce:69:69:22:be:da:bc:a9:
f3:84:c0:8a:15:f7:d7:f0:84:aa:21:12:af:85:80:86:c7:ab:
8d:97:53:54:1c:3d:f4:1d:6d:34:29:96:df:25:33:b5:0a:43:
a6:35:68:39:34:f1:52:9f:96:db:ee:3c:cf:86:9c:1c:f6:e1:
7a:b8:94:4a:f2:46:15:e3:9c:e7:52:e5:0f:ef:4c:4c:db:82:
20:c8:21:df:b9:49:ea:e4:36:82:e1:0b:5b:00:fa:aa:4c:f9:
60:be:57:bf:a9:76:a1:a3:fa:65:8e:f8:66:7f:23:c0:0b:2b:
e9:e7:c7:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZL+dbvM1kDrTEKqz3C2uFtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTNlMmY2MzUxZDNiNGQxZTYxYWE0MDE2ZjFiMmNmYTYy
ZDdjZGYwHhcNMjQxMTA1MjIzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGI3ZWUzOGE3Y2NmN2NiYmVhZDEyMTU5MDI4YTI5YmU0YjRhNGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL857v88e6qdBwVYLdHmWZFN36PN
41616D1kilwP+t6Us2c11DcaLHrlWrIhxo0u8TJvOPwFaOJbsBO6xk25EWyRwEMh
Yq8YrfvPGHamYRbbCWP29xAs8GfE1sXdpXqP1THn3hXqNE93ZBkPCFFjUfjMyZCQ
XdQeF4fqrLRbMboC9zqj3nu4136d5H5AZOA2J8gUFvaiSyoSKQVl8gTE3T4YtO09
LNGmmb8U+wzauL9Il1wCqwuYfunhHNbCGp/fu4TbbQ6cEU4y/bSkC/YkntpKU1Pi
YBlOtWH5duvUNaMzscAZI0NFvPcoTts5Ke2POK5qL/5haHV8TnPTFQsp8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDC37jinzPfLvq0SFZAoopvktKSgMB8GA1UdIwQY
MBaAFJgT4vY1HTtNHmGqQBbxss+mLXzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJQaTlqVWRPMDBlWWFwQUZ2R3l6Nll0Zk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zZjc0NjMtNGQ0Zi00MWE2LThkNzIt
Mzk1MTM3OGFhNzY2LzEvTUxmdU9LZk05OHUtclJJVmtDaWltLVMwcEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zZjc0NjMtNGQ0Zi00MWE2LThkNzItMzk1MTM3OGFhNzY2
LzEvbUJQaTlqVWRPMDBlWWFwQUZ2R3l6Nll0Zk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALi17MA8E
AgACMAkDBwAqAyTA//8wDQYJKoZIhvcNAQELBQADggEBAAQrMHZUMnz0jZP5TdLO
g0PwjIhUEGxcucX3Nj02XsPdRVMmByPQ9Sdm5QmzU9eoibblUbNrNdymNWZNB8ci
70qcs6C4bkkLHZ9eopEz+4K8rnl/lIg/LHYVCYxfI0PCuHuyHp+qfdwJP1m34r/B
Ug8eNMaKtAy0LqXapZgG0omzZEXphQ/em2vOaWkivtq8qfOEwIoV99fwhKohEq+F
gIbHq42XU1QcPfQdbTQplt8lM7UKQ6Y1aDk08VKfltvuPM+GnBz24Xq4lEryRhXj
nOdS5Q/vTEzbgiDIId+5SerkNoLhC1sA+qpM+WC+V7+pdqGj+mWO+GZ/I8ALK+nn
x9U=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:15 2025 by rpki-client