Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/Me37GyH-EZYRWI0BigJHi0ukPAY.roa
File: Me37GyH-EZYRWI0BigJHi0ukPAY.roa (raw, json)
Hash identifier: cRle4EwgldHjf7o2hTV4yeykWiP04AZ5LkTpoNjEMWc=
Subject key identifier: 31:ED:FB:1B:21:FE:11:96:11:58:8D:01:8A:02:47:8B:4B:A4:3C:06
Certificate issuer: /CN=dd5072b13880c1f1ba86fcc4c40297f5d9f43774
Certificate serial: 01856EA6CD1FE69E05D0E5A113C0D783C993
Authority key identifier: DD:50:72:B1:38:80:C1:F1:BA:86:FC:C4:C4:02:97:F5:D9:F4:37:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VBysTiAwfG6hvzExAKX9dn0N3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/Me37GyH-EZYRWI0BigJHi0ukPAY.roa
Signing time: Sun 01 Jan 2023 18:45:03 +0000
ROA not before: Sun 01 Jan 2023 18:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200697
IP address blocks: 185.135.197.0/24 maxlen: 24
185.135.198.0/24 maxlen: 24
185.135.199.0/24 maxlen: 24
185.135.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 May 2023 08:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:cd:1f:e6:9e:05:d0:e5:a1:13:c0:d7:83:c9:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd5072b13880c1f1ba86fcc4c40297f5d9f43774
Validity
Not Before: Jan 1 18:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31edfb1b21fe119611588d018a02478b4ba43c06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:49:2c:2b:ce:ee:0c:bf:52:9e:18:93:30:b0:
11:85:74:83:ff:52:79:aa:87:14:03:36:72:8d:e0:
f8:ec:02:41:cc:69:24:fe:7a:39:37:ec:07:d8:29:
6a:1f:29:ca:01:54:2b:b8:de:21:06:c4:cc:dc:e5:
49:6f:fc:c2:64:9c:1d:80:74:3e:fb:e3:9d:3b:d0:
c0:a4:b7:a9:48:53:f5:3e:fe:7d:5d:4e:00:5e:52:
80:6d:49:9f:3b:a5:6b:41:43:76:fc:11:31:0a:88:
d3:8d:4e:7a:87:09:0d:34:ad:46:be:a3:4a:55:40:
97:3e:cf:74:cc:69:70:94:8c:15:5d:21:da:fc:7b:
6e:ad:57:37:ae:ed:a5:13:d6:2a:1a:0e:cf:7e:b1:
4a:fa:16:cf:34:d7:b6:b3:40:e6:c3:cf:e2:f7:7c:
1c:4a:f1:ad:82:29:9a:86:4b:35:9a:da:46:f3:c6:
7c:a6:ad:ef:b9:83:2f:e2:d5:69:c1:83:9c:8b:bc:
fa:16:f2:35:b9:4d:63:ec:72:c8:02:08:c4:49:e4:
78:1d:44:29:cd:af:d0:77:29:45:a8:af:44:24:45:
83:d2:96:16:71:1a:51:95:38:f7:d0:54:89:87:92:
b1:86:81:5a:72:46:1c:e5:ef:7a:b1:e0:22:13:b6:
3a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:ED:FB:1B:21:FE:11:96:11:58:8D:01:8A:02:47:8B:4B:A4:3C:06
X509v3 Authority Key Identifier:
keyid:DD:50:72:B1:38:80:C1:F1:BA:86:FC:C4:C4:02:97:F5:D9:F4:37:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VBysTiAwfG6hvzExAKX9dn0N3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/Me37GyH-EZYRWI0BigJHi0ukPAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/3VBysTiAwfG6hvzExAKX9dn0N3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.196.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:b7:c3:d0:13:77:20:0a:8d:1f:d0:55:95:30:2e:e9:fb:20:
1c:60:a4:49:f6:9b:da:91:68:56:eb:38:5a:5d:7c:fd:22:5d:
c5:21:f7:03:ef:ad:94:23:da:2d:16:cb:e0:c4:81:65:f1:6d:
3a:87:b8:dc:56:e0:60:5d:70:2b:39:1a:99:a5:9b:b0:6b:1c:
1e:97:ed:34:49:c2:18:f2:82:6a:18:29:e0:d5:09:f3:17:7a:
f4:af:c0:de:53:33:ea:f1:11:3f:50:8e:29:03:80:80:35:cc:
ea:c8:9b:f3:c4:9f:88:7b:a0:11:a3:4f:06:fa:5a:4a:ad:67:
00:83:66:20:28:52:48:ff:67:3c:3e:be:e2:e6:fa:e7:b0:f3:
dd:b1:0e:44:b0:72:93:7e:36:8d:98:bc:a0:89:01:61:56:b6:
dd:fd:5b:5b:c6:a2:42:b1:41:bb:6b:c7:ff:11:45:38:16:c0:
fd:91:4d:42:62:88:23:eb:9e:1c:87:9e:af:4e:84:cf:84:d3:
51:5d:68:ab:50:2a:c9:c2:8a:c2:75:b7:d9:2f:63:94:b2:30:
5c:b8:51:ad:4c:b6:cb:f1:ae:f9:47:2f:e1:df:16:c7:c5:06:
84:a9:1c:9b:5e:49:b6:6e:e2:6f:5d:c1:c5:bd:e7:66:86:7f:
9a:e5:6d:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVups0f5p4F0OWhE8DXg8mTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTA3MmIxMzg4MGMxZjFiYTg2ZmNjNGM0MDI5N2Y1ZDlm
NDM3NzQwHhcNMjMwMTAxMTg0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWVkZmIxYjIxZmUxMTk2MTE1ODhkMDE4YTAyNDc4YjRiYTQzYzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0ksK87uDL9SnhiTMLARhXSD/1J5
qocUAzZyjeD47AJBzGkk/no5N+wH2ClqHynKAVQruN4hBsTM3OVJb/zCZJwdgHQ+
++OdO9DApLepSFP1Pv59XU4AXlKAbUmfO6VrQUN2/BExCojTjU56hwkNNK1GvqNK
VUCXPs90zGlwlIwVXSHa/HturVc3ru2lE9YqGg7PfrFK+hbPNNe2s0Dmw8/i93wc
SvGtgimahks1mtpG88Z8pq3vuYMv4tVpwYOci7z6FvI1uU1j7HLIAgjESeR4HUQp
za/QdylFqK9EJEWD0pYWcRpRlTj30FSJh5KxhoFackYc5e96seAiE7Y62wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDHt+xsh/hGWEViNAYoCR4tLpDwGMB8GA1UdIwQY
MBaAFN1QcrE4gMHxuob8xMQCl/XZ9Dd0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZCeXNUaUF3Zkc2aHZ6RXhBS1g5ZG4wTjNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jYmMxOGYtZTZkYi00YmQ2LTg0Mjct
NjRkMWJjNzM1YmFjLzEvTWUzN0d5SC1FWllSV0kwQmlnSkhpMHVrUEFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jYmMxOGYtZTZkYi00YmQ2LTg0MjctNjRkMWJjNzM1YmFj
LzEvM1ZCeXNUaUF3Zkc2aHZ6RXhBS1g5ZG4wTjNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYfEMA0G
CSqGSIb3DQEBCwUAA4IBAQBOt8PQE3cgCo0f0FWVMC7p+yAcYKRJ9pvakWhW6zha
XXz9Il3FIfcD762UI9otFsvgxIFl8W06h7jcVuBgXXArORqZpZuwaxwel+00ScIY
8oJqGCng1QnzF3r0r8DeUzPq8RE/UI4pA4CANczqyJvzxJ+Ie6ARo08G+lpKrWcA
g2YgKFJI/2c8Pr7i5vrnsPPdsQ5EsHKTfjaNmLygiQFhVrbd/VtbxqJCsUG7a8f/
EUU4FsD9kU1CYogj654ch56vToTPhNNRXWirUCrJworCdbfZL2OUsjBcuFGtTLbL
8a75Ry/h3xbHxQaEqRybXkm2buJvXcHFvedmhn+a5W2r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:44 2024 by rpki-client on console-fra.rpki-client.org