Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c5f2a4-adca-4fc4-87b2-bf4b75e200a7/1/m2fcOiCL7I8zjBTdBMsjmbVxSPM.roa
File: m2fcOiCL7I8zjBTdBMsjmbVxSPM.roa (raw, json)
Hash identifier: qfK6g8FMT5U1JT3doQFXbfVZuu6X7kLoj9eGPNDXj6M=
Subject key identifier: 9B:67:DC:3A:20:8B:EC:8F:33:8C:14:DD:04:CB:23:99:B5:71:48:F3
Certificate issuer: /CN=1609c24dae3eeffcbefa37a688664ac93300ef58
Certificate serial: 018F196EF49CC9761BB8C1D6E745FCD832BC
Authority key identifier: 16:09:C2:4D:AE:3E:EF:FC:BE:FA:37:A6:88:66:4A:C9:33:00:EF:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgnCTa4-7_y--jemiGZKyTMA71g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c5f2a4-adca-4fc4-87b2-bf4b75e200a7/1/m2fcOiCL7I8zjBTdBMsjmbVxSPM.roa
Signing time: Fri 26 Apr 2024 08:04:13 +0000
ROA not before: Fri 26 Apr 2024 08:04:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207233
IP address blocks: 45.84.124.0/22 maxlen: 24
185.162.60.0/22 maxlen: 24
2a0a:4000::/29 maxlen: 56
Validation: Failed, certificate revoked on Fri 26 Apr 2024 13:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:6e:f4:9c:c9:76:1b:b8:c1:d6:e7:45:fc:d8:32:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1609c24dae3eeffcbefa37a688664ac93300ef58
Validity
Not Before: Apr 26 08:04:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b67dc3a208bec8f338c14dd04cb2399b57148f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c2:96:4d:96:6d:27:a0:bb:8a:5f:22:d9:1a:
ba:f9:f3:ef:43:5f:eb:27:f6:f7:43:ed:fc:ed:c6:
67:12:40:4f:87:4c:e1:76:2a:db:5e:99:f4:df:2b:
eb:23:80:88:fc:a6:b7:5f:a1:6b:ff:0d:f1:09:b2:
32:a8:9f:42:0b:1f:d4:ef:44:bd:bf:c1:3a:7d:6a:
a1:ce:e5:74:7c:2c:b4:2d:df:89:4b:7e:2f:a5:ed:
c3:d7:26:3a:03:ff:d3:f1:80:83:bf:0f:c4:d3:cf:
2b:61:f7:73:bf:c8:84:1b:22:2d:eb:46:43:32:38:
ff:a6:81:4f:28:68:6b:5b:52:cf:31:cf:ec:53:a4:
50:bf:04:2a:db:d5:24:d3:1f:8d:ee:d1:1f:b7:9a:
10:bb:8a:72:0e:96:5f:1f:7f:f8:3b:44:85:12:f1:
ff:9e:3f:40:5e:78:b4:1b:de:be:78:ff:61:8a:39:
f2:c6:bf:98:48:50:9a:35:62:59:a8:4c:5c:10:a3:
77:ad:a0:a7:c6:20:ae:ff:da:0c:10:5f:79:a2:e8:
bf:12:87:4f:7b:80:79:ab:c6:be:f3:80:6b:70:dc:
b8:3a:c5:79:f9:73:03:3b:77:e3:57:b6:f4:cb:7c:
42:fa:ff:25:b7:6c:08:2a:d7:82:b7:1f:47:86:ba:
e5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:67:DC:3A:20:8B:EC:8F:33:8C:14:DD:04:CB:23:99:B5:71:48:F3
X509v3 Authority Key Identifier:
keyid:16:09:C2:4D:AE:3E:EF:FC:BE:FA:37:A6:88:66:4A:C9:33:00:EF:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgnCTa4-7_y--jemiGZKyTMA71g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c5f2a4-adca-4fc4-87b2-bf4b75e200a7/1/m2fcOiCL7I8zjBTdBMsjmbVxSPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c5f2a4-adca-4fc4-87b2-bf4b75e200a7/1/FgnCTa4-7_y--jemiGZKyTMA71g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.124.0/22
185.162.60.0/22
IPv6:
2a0a:4000::/29
Signature Algorithm: sha256WithRSAEncryption
68:17:75:93:c9:6a:9d:da:00:36:b0:0d:a2:84:a4:98:82:18:
3f:01:38:36:f5:e7:ae:a1:4a:87:af:b7:8a:5a:b4:82:ea:4f:
62:98:07:69:17:6c:ee:0d:76:72:99:f4:22:d3:8f:4c:09:9c:
99:73:31:7c:0c:ef:ea:af:0e:4a:34:ce:d7:9c:a9:a2:6e:b0:
99:b0:a4:9f:d9:84:35:e1:86:d9:19:9c:a6:e5:47:f0:a8:15:
f9:27:c9:9d:c3:60:45:f6:c4:af:98:44:9f:83:0a:4e:7c:e7:
1d:ef:e2:87:85:32:5a:a2:81:f8:b8:c2:fa:88:cf:ad:4e:0a:
a8:0d:26:47:1d:8d:1c:8d:71:3f:0e:1f:e0:0e:8e:2e:2b:09:
69:83:0a:99:88:61:f9:da:5d:bb:33:a6:55:1b:35:e2:b5:b0:
7e:9c:bb:2d:05:e9:d0:77:fe:20:23:d0:3e:3a:bb:b1:4e:3c:
c3:c6:36:c0:9f:85:0c:77:c1:db:f6:3f:66:3c:77:d6:82:23:
fb:a3:c6:bf:cc:6c:41:a0:42:01:9d:09:76:65:73:d5:62:42:
54:0f:bd:4a:2e:28:2f:a2:3d:20:22:86:92:dd:0d:a1:0c:e9:
d1:87:1f:31:c2:a0:0a:30:27:f3:6e:26:3d:24:44:62:17:f2:
5a:4b:d3:b2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY8ZbvScyXYbuMHW50X82DK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDljMjRkYWUzZWVmZmNiZWZhMzdhNjg4NjY0YWM5MzMw
MGVmNTgwHhcNMjQwNDI2MDgwNDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjY3ZGMzYTIwOGJlYzhmMzM4YzE0ZGQwNGNiMjM5OWI1NzE0OGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8KWTZZtJ6C7il8i2Rq6+fPvQ1/r
J/b3Q+387cZnEkBPh0zhdirbXpn03yvrI4CI/Ka3X6Fr/w3xCbIyqJ9CCx/U70S9
v8E6fWqhzuV0fCy0Ld+JS34vpe3D1yY6A//T8YCDvw/E088rYfdzv8iEGyIt60ZD
Mjj/poFPKGhrW1LPMc/sU6RQvwQq29Uk0x+N7tEft5oQu4pyDpZfH3/4O0SFEvH/
nj9AXni0G96+eP9hijnyxr+YSFCaNWJZqExcEKN3raCnxiCu/9oMEF95oui/EodP
e4B5q8a+84BrcNy4OsV5+XMDO3fjV7b0y3xC+v8lt2wIKteCtx9HhrrlYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJtn3Dogi+yPM4wU3QTLI5m1cUjzMB8GA1UdIwQY
MBaAFBYJwk2uPu/8vvo3pohmSskzAO9YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmduQ1RhNC03X3ktLWplbWlHWkt5VE1BNzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNWYyYTQtYWRjYS00ZmM0LTg3YjIt
YmY0Yjc1ZTIwMGE3LzEvbTJmY09pQ0w3STh6akJUZEJNc2ptYlZ4U1BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNWYyYTQtYWRjYS00ZmM0LTg3YjItYmY0Yjc1ZTIwMGE3
LzEvRmduQ1RhNC03X3ktLWplbWlHWkt5VE1BNzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVR8AwQC
uaI8MA0EAgACMAcDBQMqCkAAMA0GCSqGSIb3DQEBCwUAA4IBAQBoF3WTyWqd2gA2
sA2ihKSYghg/ATg29eeuoUqHr7eKWrSC6k9imAdpF2zuDXZymfQi049MCZyZczF8
DO/qrw5KNM7XnKmibrCZsKSf2YQ14YbZGZym5UfwqBX5J8mdw2BF9sSvmESfgwpO
fOcd7+KHhTJaooH4uML6iM+tTgqoDSZHHY0cjXE/Dh/gDo4uKwlpgwqZiGH52l27
M6ZVGzXitbB+nLstBenQd/4gI9A+OruxTjzDxjbAn4UMd8Hb9j9mPHfWgiP7o8a/
zGxBoEIBnQl2ZXPVYkJUD71KLigvoj0gIoaS3Q2hDOnRhx8xwqAKMCfzbiY9JERi
F/JaS9Oy
-----END CERTIFICATE-----
Generated at Fri Apr 26 18:27:26 2024 by rpki-client on console.sobornost.net