Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/etwZs-jBajHLs2BWsLgCvKCfDlU.roa
File: etwZs-jBajHLs2BWsLgCvKCfDlU.roa (raw, json)
Hash identifier: UlRVoC3Whfx0pU/BbLKzWBMARac3x6KkQUUOL45FvfE=
Subject key identifier: 7A:DC:19:B3:E8:C1:6A:31:CB:B3:60:56:B0:B8:02:BC:A0:9F:0E:55
Certificate issuer: /CN=99efbb2b1653422837937dd27de354e68f9e01a3
Certificate serial: 01857082BBEAB745B50735A7F0B96DF1008B
Authority key identifier: 99:EF:BB:2B:16:53:42:28:37:93:7D:D2:7D:E3:54:E6:8F:9E:01:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/me-7KxZTQig3k33SfeNU5o-eAaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/etwZs-jBajHLs2BWsLgCvKCfDlU.roa
Signing time: Mon 02 Jan 2023 03:24:54 +0000
ROA not before: Mon 02 Jan 2023 03:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48325
IP address blocks: 185.137.240.0/22 maxlen: 24
185.137.240.0/24 maxlen: 24
185.137.242.0/23 maxlen: 23
185.137.241.0/24 maxlen: 24
2a07:b80::/32 maxlen: 32
2a07:b81::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:bb:ea:b7:45:b5:07:35:a7:f0:b9:6d:f1:00:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99efbb2b1653422837937dd27de354e68f9e01a3
Validity
Not Before: Jan 2 03:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7adc19b3e8c16a31cbb36056b0b802bca09f0e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1c:1b:a3:7b:72:ab:98:e9:69:1d:0f:e8:b1:
b4:45:10:40:67:f1:80:42:00:0a:ae:04:a2:64:f6:
b3:13:f1:a4:ee:0b:23:57:dd:4e:52:10:1e:07:a9:
51:2e:81:7f:10:02:a1:88:94:0d:40:d7:3d:b4:60:
de:6e:ce:c0:24:1f:ba:16:f0:c3:24:11:51:fe:8d:
5a:26:02:a6:5b:26:19:36:67:58:94:e0:8f:83:2f:
27:00:8e:8b:62:65:cf:83:87:7b:aa:83:2d:18:eb:
4e:26:7d:c4:80:d5:38:ff:ef:21:72:04:8e:e0:b1:
20:ae:a0:ae:50:64:83:57:f2:e2:c9:4c:e5:99:d3:
93:45:75:25:f8:bc:21:8c:72:5b:08:32:81:0f:bb:
15:e5:af:0f:b6:8e:05:a1:00:5c:03:f6:58:43:e9:
33:7a:ca:ae:c9:2d:50:82:85:2f:d8:a2:3b:a9:c6:
dc:40:4e:a2:59:9e:0c:ba:18:4c:25:5f:49:7d:73:
34:36:cb:5c:be:d9:b6:b7:83:09:35:33:06:70:4f:
4a:a4:b5:b3:14:f8:ff:1a:e9:5d:76:ab:3a:f5:13:
6d:31:3d:ad:73:d1:3d:24:f3:98:54:fe:84:7a:17:
aa:0d:b8:de:5b:60:2b:f2:9a:f6:91:7b:50:ff:dd:
57:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:DC:19:B3:E8:C1:6A:31:CB:B3:60:56:B0:B8:02:BC:A0:9F:0E:55
X509v3 Authority Key Identifier:
keyid:99:EF:BB:2B:16:53:42:28:37:93:7D:D2:7D:E3:54:E6:8F:9E:01:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/me-7KxZTQig3k33SfeNU5o-eAaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/etwZs-jBajHLs2BWsLgCvKCfDlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/me-7KxZTQig3k33SfeNU5o-eAaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.240.0/22
IPv6:
2a07:b80::/31
Signature Algorithm: sha256WithRSAEncryption
32:98:ef:ad:a8:bd:34:be:1e:42:40:ee:7e:ba:70:ef:eb:0c:
e3:53:8c:d8:ca:9d:ab:ad:49:41:ba:22:8c:75:ff:f5:88:8f:
f0:b8:42:c3:6f:9c:47:44:b1:b5:f8:de:10:45:c5:92:82:82:
eb:3d:ac:64:ab:a1:eb:b7:e7:bd:e5:f0:d3:10:cf:ed:0b:40:
8f:72:ac:57:4e:6e:6a:32:a9:96:cd:38:0e:c6:1b:69:ba:67:
08:ef:47:fa:a1:71:e1:e1:a1:e4:8a:37:8a:78:43:07:b5:d6:
ea:cb:5f:f9:be:91:56:27:e2:1a:ca:da:6d:2c:cb:73:f3:65:
e0:e2:24:84:82:d9:38:69:56:61:52:5d:2e:b7:b4:41:1c:33:
a0:8c:18:cb:5b:4f:e8:eb:4f:77:dd:74:f3:86:b1:d2:84:6c:
8a:46:e1:e3:7b:ce:d9:22:ea:00:2f:b5:e0:6b:52:65:4b:39:
6e:5c:98:bf:9d:95:e2:de:9e:84:c9:f1:b4:3d:13:52:de:68:
52:6b:bd:ab:7a:c6:72:fa:38:ca:fd:09:d6:ed:da:8c:f9:91:
fc:22:b9:f2:2a:80:05:77:18:e6:c3:7b:36:19:1f:9a:e9:08:
2e:99:33:25:15:e4:1e:1a:78:9a:d1:60:55:0e:a7:4c:93:3d:
77:f5:bd:aa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwgrvqt0W1BzWn8Llt8QCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZWZiYjJiMTY1MzQyMjgzNzkzN2RkMjdkZTM1NGU2OGY5
ZTAxYTMwHhcNMjMwMTAyMDMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWRjMTliM2U4YzE2YTMxY2JiMzYwNTZiMGI4MDJiY2EwOWYwZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxwbo3tyq5jpaR0P6LG0RRBAZ/GA
QgAKrgSiZPazE/Gk7gsjV91OUhAeB6lRLoF/EAKhiJQNQNc9tGDebs7AJB+6FvDD
JBFR/o1aJgKmWyYZNmdYlOCPgy8nAI6LYmXPg4d7qoMtGOtOJn3EgNU4/+8hcgSO
4LEgrqCuUGSDV/LiyUzlmdOTRXUl+LwhjHJbCDKBD7sV5a8Pto4FoQBcA/ZYQ+kz
esquyS1QgoUv2KI7qcbcQE6iWZ4MuhhMJV9JfXM0Nstcvtm2t4MJNTMGcE9KpLWz
FPj/Gulddqs69RNtMT2tc9E9JPOYVP6EeheqDbjeW2Ar8pr2kXtQ/91XXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHrcGbPowWoxy7NgVrC4Arygnw5VMB8GA1UdIwQY
MBaAFJnvuysWU0IoN5N90n3jVOaPngGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWUtN0t4WlRRaWczazMzU2ZlTlU1by1lQWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMjZiYmMtZDA2MS00YWYxLTg5NjQt
NDFkNzllZmI0OWE5LzEvZXR3WnMtakJhakhMczJCV3NMZ0N2S0NmRGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMjZiYmMtZDA2MS00YWYxLTg5NjQtNDFkNzllZmI0OWE5
LzEvbWUtN0t4WlRRaWczazMzU2ZlTlU1by1lQWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYnwMA0E
AgACMAcDBQEqBwuAMA0GCSqGSIb3DQEBCwUAA4IBAQAymO+tqL00vh5CQO5+unDv
6wzjU4zYyp2rrUlBuiKMdf/1iI/wuELDb5xHRLG1+N4QRcWSgoLrPaxkq6Hrt+e9
5fDTEM/tC0CPcqxXTm5qMqmWzTgOxhtpumcI70f6oXHh4aHkijeKeEMHtdbqy1/5
vpFWJ+IaytptLMtz82Xg4iSEgtk4aVZhUl0ut7RBHDOgjBjLW0/o60933XTzhrHS
hGyKRuHje87ZIuoAL7Xga1JlSzluXJi/nZXi3p6EyfG0PRNS3mhSa72resZy+jjK
/QnW7dqM+ZH8IrnyKoAFdxjmw3s2GR+a6QgumTMlFeQeGnia0WBVDqdMkz139b2q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:22 2024 by rpki-client on console-ams.rpki-client.org