Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/M-62rwsUBJ3Shhy1VoQojTIKPe8.roa
File: M-62rwsUBJ3Shhy1VoQojTIKPe8.roa (raw, json)
Hash identifier: k2viwzwL6MWkNRt4e8d8GcX6asV443clfJfCm/shOm8=
Subject key identifier: 33:EE:B6:AF:0B:14:04:9D:D2:86:1C:B5:56:84:28:8D:32:0A:3D:EF
Certificate issuer: /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial: 018D36883183BD1FE8B2DFD5E42335B51556
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/M-62rwsUBJ3Shhy1VoQojTIKPe8.roa
Signing time: Tue 23 Jan 2024 13:35:11 +0000
ROA not before: Tue 23 Jan 2024 13:35:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215733
IP address blocks: 185.97.236.0/22 maxlen: 22
185.152.72.0/22 maxlen: 22
185.206.192.0/22 maxlen: 22
2a01:ac::/32 maxlen: 32
2a01:ad::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 24 Jan 2024 17:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:88:31:83:bd:1f:e8:b2:df:d5:e4:23:35:b5:15:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Validity
Not Before: Jan 23 13:35:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33eeb6af0b14049dd2861cb55684288d320a3def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:97:8f:5e:61:3d:c4:13:95:44:a5:46:0e:c1:
e4:db:f3:72:56:1a:af:2e:68:dd:a3:28:40:87:eb:
9c:ab:12:74:20:f2:04:44:32:f5:62:3c:49:53:09:
68:f9:b3:4f:12:f5:3d:55:ab:3d:ba:b6:7c:ef:69:
54:95:1e:89:35:7c:0e:ff:37:b0:ad:07:99:84:35:
71:61:92:07:12:30:e0:b6:7c:e7:c2:ea:4b:5e:f5:
95:b3:ac:a2:03:aa:02:c3:0d:f4:95:3c:ee:4a:35:
d9:70:c8:33:be:ba:e1:d6:3f:81:e6:60:39:0c:cd:
e8:cc:45:83:d8:1d:36:b7:d6:47:9c:81:39:3e:69:
1e:0e:17:ea:83:48:cd:4d:d7:bd:bc:85:4a:49:51:
29:a7:fb:b4:d2:ad:fd:73:3b:27:a5:30:e4:4c:2a:
cc:07:1e:d0:98:f1:a3:1e:52:cd:c2:cc:d2:72:66:
2d:3a:7f:08:1d:98:c5:e3:0a:ca:75:1a:2e:13:bc:
66:c0:f6:7b:95:5e:9e:21:b0:d5:0a:f2:81:5e:e3:
98:cf:ba:34:2b:b9:15:9b:d7:d3:78:38:87:c4:63:
43:6e:fa:8f:01:08:cb:99:5d:39:6b:01:56:cb:8b:
62:f0:53:27:78:ed:15:6a:51:8b:05:f0:7d:5a:2f:
1f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:EE:B6:AF:0B:14:04:9D:D2:86:1C:B5:56:84:28:8D:32:0A:3D:EF
X509v3 Authority Key Identifier:
keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/M-62rwsUBJ3Shhy1VoQojTIKPe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.236.0/22
185.152.72.0/22
185.206.192.0/22
IPv6:
2a01:ac::/31
Signature Algorithm: sha256WithRSAEncryption
87:6d:4a:2b:2b:4e:f6:7a:53:e2:56:7f:39:e5:bc:dc:05:a2:
b0:63:ec:3e:9c:35:e4:f1:b9:f5:f4:42:2e:9b:ac:14:ed:dd:
fc:c9:0c:dc:4a:bf:f0:e1:41:17:3c:26:51:d3:c6:68:f6:f2:
86:d9:c7:dc:dc:a9:d6:74:be:d2:4c:9f:8e:e2:2f:9c:85:22:
5d:5e:a8:df:fd:f2:67:13:f4:1f:4d:67:bb:c1:c0:00:0e:1a:
2a:b0:87:6c:29:9d:3f:7f:a8:75:a5:41:7d:77:d6:f1:16:01:
94:de:54:f8:69:67:82:00:14:b8:48:98:42:d0:a7:06:e8:e1:
69:c3:1a:e4:54:7e:85:c7:70:a4:9e:e5:0f:2a:7d:25:a0:2d:
90:34:cc:18:f2:5c:fb:7c:0a:a0:1d:a2:92:31:e7:6f:c7:12:
4c:2e:69:67:f2:4c:74:aa:8e:e3:91:75:e7:0d:20:51:c4:9c:
8f:9a:c6:c2:f0:c7:93:d7:0b:8a:70:6d:a2:ec:5a:31:24:66:
ce:aa:ab:b0:6b:eb:9b:bf:25:2e:64:8a:ce:a9:cd:c0:df:43:
f7:69:46:20:51:5c:45:fb:e6:a4:bc:7b:1b:44:18:63:c0:bb:
0c:7a:97:7a:d1:93:bb:05:52:1e:bc:d7:31:40:e2:5f:49:e7:
2d:10:76:c5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY02iDGDvR/ost/V5CM1tRVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZhZWE2YmFiNzljNDhmNWRkZWU0YTQ2YmY0YWI2NGQ4
NjMxNjAwHhcNMjQwMTIzMTMzNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2VlYjZhZjBiMTQwNDlkZDI4NjFjYjU1Njg0Mjg4ZDMyMGEzZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZePXmE9xBOVRKVGDsHk2/NyVhqv
LmjdoyhAh+ucqxJ0IPIERDL1YjxJUwlo+bNPEvU9Vas9urZ872lUlR6JNXwO/zew
rQeZhDVxYZIHEjDgtnznwupLXvWVs6yiA6oCww30lTzuSjXZcMgzvrrh1j+B5mA5
DM3ozEWD2B02t9ZHnIE5PmkeDhfqg0jNTde9vIVKSVEpp/u00q39czsnpTDkTCrM
Bx7QmPGjHlLNwszScmYtOn8IHZjF4wrKdRouE7xmwPZ7lV6eIbDVCvKBXuOYz7o0
K7kVm9fTeDiHxGNDbvqPAQjLmV05awFWy4ti8FMneO0ValGLBfB9Wi8f2QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDPutq8LFASd0oYctVaEKI0yCj3vMB8GA1UdIwQY
MBaAFGaWrqa6t5xI9d3uSka/SrZNhjFgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2Qt
ZjAxOThjNmMyNDc0LzEvTS02MnJ3c1VCSjNTaGh5MVZvUW9qVElLUGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2QtZjAxOThjNmMyNDc0
LzEvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWHsAwQC
uZhIAwQCuc7AMA0EAgACMAcDBQEqAQCsMA0GCSqGSIb3DQEBCwUAA4IBAQCHbUor
K072elPiVn855bzcBaKwY+w+nDXk8bn19EIum6wU7d38yQzcSr/w4UEXPCZR08Zo
9vKG2cfc3KnWdL7STJ+O4i+chSJdXqjf/fJnE/QfTWe7wcAADhoqsIdsKZ0/f6h1
pUF9d9bxFgGU3lT4aWeCABS4SJhC0KcG6OFpwxrkVH6Fx3CknuUPKn0loC2QNMwY
8lz7fAqgHaKSMedvxxJMLmln8kx0qo7jkXXnDSBRxJyPmsbC8MeT1wuKcG2i7Fox
JGbOqquwa+ubvyUuZIrOqc3A30P3aUYgUVxF++akvHsbRBhjwLsMepd60ZO7BVIe
vNcxQOJfSectEHbF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:39 2024 by rpki-client on console-fra.rpki-client.org