Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/M7ydotl782U-oEX6fUMnCPRiE5U.roa
File: M7ydotl782U-oEX6fUMnCPRiE5U.roa (raw, json)
Hash identifier: yHOMkNHovdoGph4bdqScvHS7sqiWk9QVvBKlb6OnHJ4=
Subject key identifier: 33:BC:9D:A2:D9:7B:F3:65:3E:A0:45:FA:7D:43:27:08:F4:62:13:95
Certificate issuer: /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial: 018CC9BC91AA04E5D4A79D090E3C77308E2F
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/M7ydotl782U-oEX6fUMnCPRiE5U.roa
Signing time: Tue 02 Jan 2024 10:33:47 +0000
ROA not before: Tue 02 Jan 2024 10:33:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48851
IP address blocks: 213.198.80.0/29 maxlen: 29
82.112.107.136/29 maxlen: 29
62.73.169.40/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 08 May 2024 22:03:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:91:aa:04:e5:d4:a7:9d:09:0e:3c:77:30:8e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Validity
Not Before: Jan 2 10:33:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33bc9da2d97bf3653ea045fa7d432708f4621395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6f:dd:bb:51:64:13:c4:28:38:03:79:f0:ea:
69:bb:3c:b0:51:36:ad:50:49:55:78:4b:4e:c5:49:
07:3c:d7:51:03:bb:d4:53:45:26:31:ed:53:13:d4:
33:59:a8:c1:b0:24:28:5e:b4:e9:67:47:59:40:54:
40:26:75:91:a5:b8:f4:1b:a2:3d:ab:d3:e8:59:14:
94:02:7a:75:ad:77:35:7a:e6:9e:f9:0c:d5:57:d1:
69:d7:12:40:94:4d:c6:68:95:ac:18:55:e0:02:1b:
50:dd:11:e4:e5:95:6e:c9:8c:8d:e0:68:15:fc:f8:
50:7e:1e:f2:ad:a2:a9:14:0b:9f:4f:66:dd:05:02:
29:71:03:89:4b:8b:1e:2c:53:cd:d1:7a:af:22:11:
3a:0d:60:3e:93:51:7b:6e:0f:82:bd:fd:a6:ee:4a:
e3:0d:49:05:95:9d:b9:37:a6:36:ed:82:40:69:ae:
02:97:fe:26:ed:b5:ea:d2:c9:34:ce:44:1c:a4:d9:
55:33:8e:2b:f8:d3:20:fa:f9:df:e1:69:cf:42:ff:
86:74:af:4e:5c:16:60:61:ef:ba:b5:b7:05:82:35:
79:5c:0c:06:16:b5:e1:d4:41:af:6f:fc:77:ed:4a:
8a:06:54:e8:8b:ac:64:b8:79:e8:88:1d:bd:cc:aa:
b4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:BC:9D:A2:D9:7B:F3:65:3E:A0:45:FA:7D:43:27:08:F4:62:13:95
X509v3 Authority Key Identifier:
keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/M7ydotl782U-oEX6fUMnCPRiE5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.73.169.40/29
82.112.107.136/29
213.198.80.0/29
Signature Algorithm: sha256WithRSAEncryption
04:69:39:94:b4:6f:7e:15:28:ab:7d:29:9f:e0:3b:b6:fb:bc:
f0:01:cd:88:98:1c:3c:ad:7c:a0:ab:31:83:c9:50:f2:9f:22:
40:ca:95:06:21:df:68:b4:1d:c6:a8:95:ea:d4:cd:a0:11:19:
70:81:b6:06:32:0d:b5:27:34:bc:4d:3d:3c:14:bb:64:0b:d4:
5c:51:76:5b:fe:a4:0e:03:bb:c4:f6:b3:cb:4b:21:a7:33:56:
30:0e:cc:4f:72:9d:44:d0:5c:fc:d1:a7:86:c5:1a:ec:75:8d:
14:61:2b:97:cd:04:32:ff:5b:59:6a:60:f5:dd:7b:14:91:af:
35:3f:8a:61:3b:87:44:21:a4:c3:37:96:3d:ef:18:5a:1d:31:
6a:aa:d1:5a:a3:e3:f4:53:80:c2:51:6c:80:66:05:aa:c2:19:
8e:de:b9:dd:ee:18:be:ea:d3:a7:ac:06:45:f6:82:2a:70:f7:
5f:ee:61:f2:5b:18:6c:38:24:dc:58:dc:02:4e:8a:a2:ce:fe:
15:42:68:fb:b7:45:82:a7:57:93:ec:52:da:c0:7f:e5:ef:da:
34:ab:5b:91:ff:e6:a7:dc:8e:4c:85:a2:83:14:6c:bd:fb:d3:
48:08:f5:52:55:d9:b5:8f:2d:97:84:8f:a5:92:74:94:27:61:
2c:41:c4:70
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvJGqBOXUp50JDjx3MI4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjQwMTAyMTAzMzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2JjOWRhMmQ5N2JmMzY1M2VhMDQ1ZmE3ZDQzMjcwOGY0NjIxMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhG/du1FkE8QoOAN58OppuzywUTat
UElVeEtOxUkHPNdRA7vUU0UmMe1TE9QzWajBsCQoXrTpZ0dZQFRAJnWRpbj0G6I9
q9PoWRSUAnp1rXc1euae+QzVV9Fp1xJAlE3GaJWsGFXgAhtQ3RHk5ZVuyYyN4GgV
/PhQfh7yraKpFAufT2bdBQIpcQOJS4seLFPN0XqvIhE6DWA+k1F7bg+Cvf2m7krj
DUkFlZ25N6Y27YJAaa4Cl/4m7bXq0sk0zkQcpNlVM44r+NMg+vnf4WnPQv+GdK9O
XBZgYe+6tbcFgjV5XAwGFrXh1EGvb/x37UqKBlToi6xkuHnoiB29zKq0swIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDO8naLZe/NlPqBF+n1DJwj0YhOVMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvTTd5ZG90bDc4MlUtb0VYNmZVTW5DUFJpRTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAATAVAwUDPkmpKAMF
A1Jwa4gDBQPVxlAAMA0GCSqGSIb3DQEBCwUAA4IBAQAEaTmUtG9+FSirfSmf4Du2
+7zwAc2ImBw8rXygqzGDyVDynyJAypUGId9otB3GqJXq1M2gERlwgbYGMg21JzS8
TT08FLtkC9RcUXZb/qQOA7vE9rPLSyGnM1YwDsxPcp1E0Fz80aeGxRrsdY0UYSuX
zQQy/1tZamD13XsUka81P4phO4dEIaTDN5Y97xhaHTFqqtFao+P0U4DCUWyAZgWq
whmO3rnd7hi+6tOnrAZF9oIqcPdf7mHyWxhsOCTcWNwCToqizv4VQmj7t0WCp1eT
7FLawH/l79o0q1uR/+an3I5MhaKDFGy9+9NICPVSVdm1jy2XhI+lknSUJ2EsQcRw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:03 2024 by rpki-client on console-ams.rpki-client.org