Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/MeQlUxMM4ddpuOCgfkyrgXaRyzY.roa
File: MeQlUxMM4ddpuOCgfkyrgXaRyzY.roa (raw, json)
Hash identifier: MY9VdVaoJe82BbLXTrB/ZlT9sVs0kPGrjDU9puHecpM=
Subject key identifier: 31:E4:25:53:13:0C:E1:D7:69:B8:E0:A0:7E:4C:AB:81:76:91:CB:36
Certificate issuer: /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Certificate serial: 018637CCB62D217146F9562FA213DE9F8F9D
Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/MeQlUxMM4ddpuOCgfkyrgXaRyzY.roa
Signing time: Thu 09 Feb 2023 20:10:08 +0000
ROA not before: Thu 09 Feb 2023 20:10:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31368
IP address blocks: 185.173.156.0/24 maxlen: 24
185.173.159.0/24 maxlen: 24
89.107.128.0/23 maxlen: 23
89.107.128.0/21 maxlen: 23
185.173.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Feb 2023 21:55:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:37:cc:b6:2d:21:71:46:f9:56:2f:a2:13:de:9f:8f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Validity
Not Before: Feb 9 20:10:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31e42553130ce1d769b8e0a07e4cab817691cb36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cd:26:79:ac:9c:6f:1e:ee:2f:8f:46:b5:5c:
8d:cf:bd:f2:88:12:e0:d3:47:28:fa:d2:bc:f9:05:
93:84:3c:3b:c2:eb:a4:cf:28:b4:70:c4:3d:99:ec:
23:ee:3c:e4:35:11:cf:96:58:2f:2e:22:86:83:a0:
4b:73:b1:73:70:60:4d:85:1b:cc:7c:f4:80:6c:c9:
95:e7:3b:ac:02:9f:55:7f:f9:66:7a:53:02:d1:02:
0f:4b:3b:9f:c2:a6:78:4b:85:d8:fe:7c:ca:f4:1d:
1e:3f:67:5b:6e:81:f1:5a:6d:a9:87:45:89:db:53:
a0:bf:16:df:29:33:ff:67:ff:26:56:6b:63:59:d8:
bb:b8:25:9f:55:76:87:e6:98:05:52:66:f2:31:a5:
5c:ae:79:f8:47:aa:f6:60:87:d5:b4:d3:cb:9a:86:
9b:56:33:69:47:e0:36:b1:10:d0:5d:83:82:62:34:
46:90:f8:ce:10:76:af:bf:1c:62:c8:2d:63:ff:9b:
5f:cb:15:6f:93:3d:07:15:2c:6b:f6:4e:7b:dd:19:
1b:29:dc:ff:a9:c6:a1:3d:be:7f:d5:62:9d:14:ff:
6d:17:9d:b7:ac:88:18:b3:52:39:24:23:12:40:f9:
54:9a:3f:78:1f:c7:c5:6b:01:12:96:6c:8e:2b:b6:
dd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E4:25:53:13:0C:E1:D7:69:B8:E0:A0:7E:4C:AB:81:76:91:CB:36
X509v3 Authority Key Identifier:
keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/MeQlUxMM4ddpuOCgfkyrgXaRyzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.128.0/21
185.173.156.0/24
185.173.158.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:50:00:53:31:ee:cf:f2:74:70:b2:bb:af:b1:57:13:45:0e:
ef:8d:c7:a1:10:2f:3e:e9:46:37:b7:15:ef:e6:81:06:f6:88:
70:d3:7b:ed:40:c4:e7:21:98:65:a7:a9:b8:6b:64:21:80:f4:
c3:bb:56:ae:24:7e:92:a6:b7:64:1b:7e:fb:43:26:ed:3e:e7:
2f:99:f5:c3:64:55:9e:19:a2:5f:59:2e:b8:9e:3c:91:df:fa:
2f:12:3c:1e:17:7c:16:79:53:f7:ab:3c:2e:d1:9c:49:c1:10:
07:5f:71:a5:6f:b1:14:a5:41:85:51:73:6f:67:8f:08:2f:be:
7b:8f:01:ec:2d:85:a7:df:2e:c4:54:11:68:49:0c:d9:37:68:
d4:57:fc:03:f1:c9:f4:d7:cc:80:b5:ef:ff:e2:08:19:25:7a:
43:9b:62:36:5b:04:79:2b:36:01:d7:b7:34:77:9e:ff:8b:ad:
35:db:d2:45:bd:46:e7:86:f0:45:00:98:6b:b0:69:bf:6c:38:
6e:55:0a:5e:26:88:98:a8:38:96:3b:93:66:ea:4e:6c:b2:ed:
ed:ec:cb:72:d4:71:64:e8:b1:82:25:a3:85:3d:bd:21:81:f7:
79:eb:e4:4d:7a:2f:bf:8f:97:a0:9c:8d:18:c3:b3:1e:91:c6:
70:bb:cc:f1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYY3zLYtIXFG+VYvohPen4+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQzNWNjZmY2YzJiODZhMWZhZDhmMTAzYmMyMDA3MGQw
OWU1MGQwHhcNMjMwMjA5MjAxMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWU0MjU1MzEzMGNlMWQ3NjliOGUwYTA3ZTRjYWI4MTc2OTFjYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjc0meaycbx7uL49GtVyNz73yiBLg
00co+tK8+QWThDw7wuukzyi0cMQ9mewj7jzkNRHPllgvLiKGg6BLc7FzcGBNhRvM
fPSAbMmV5zusAp9Vf/lmelMC0QIPSzufwqZ4S4XY/nzK9B0eP2dbboHxWm2ph0WJ
21OgvxbfKTP/Z/8mVmtjWdi7uCWfVXaH5pgFUmbyMaVcrnn4R6r2YIfVtNPLmoab
VjNpR+A2sRDQXYOCYjRGkPjOEHavvxxiyC1j/5tfyxVvkz0HFSxr9k573RkbKdz/
qcahPb5/1WKdFP9tF523rIgYs1I5JCMSQPlUmj94H8fFawESlmyOK7bdcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDHkJVMTDOHXabjgoH5Mq4F2kcs2MB8GA1UdIwQY
MBaAFLPdNcz/bCuGofrY8QO8IAcNCeUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEt
MmIxMDUwNTFiYTU5LzEvTWVRbFV4TU00ZGRwdU9DZ2ZreXJnWGFSeXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEtMmIxMDUwNTFiYTU5
LzEvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWWuAAwQA
ua2cAwQBua2eMA0GCSqGSIb3DQEBCwUAA4IBAQB6UABTMe7P8nRwsruvsVcTRQ7v
jcehEC8+6UY3txXv5oEG9ohw03vtQMTnIZhlp6m4a2QhgPTDu1auJH6SprdkG377
QybtPucvmfXDZFWeGaJfWS64njyR3/ovEjweF3wWeVP3qzwu0ZxJwRAHX3Glb7EU
pUGFUXNvZ48IL757jwHsLYWn3y7EVBFoSQzZN2jUV/wD8cn018yAte//4ggZJXpD
m2I2WwR5KzYB17c0d57/i60129JFvUbnhvBFAJhrsGm/bDhuVQpeJoiYqDiWO5Nm
6k5ssu3t7Mty1HFk6LGCJaOFPb0hgfd56+RNei+/j5egnI0Yw7MekcZwu8zx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:45 2024 by rpki-client on console-fra.rpki-client.org