Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/MET03x5h-XAYbqDBf40Kd8yMI9M.roa
File: MET03x5h-XAYbqDBf40Kd8yMI9M.roa (raw, json)
Hash identifier: VAmVSDysp5jrojJluSQKV21CJYupdlSuN7+wEqda2QQ=
Subject key identifier: 30:44:F4:DF:1E:61:F9:70:18:6E:A0:C1:7F:8D:0A:77:CC:8C:23:D3
Certificate issuer: /CN=bc464ba9d26385f54df6254ac248926d370445b0
Certificate serial: 018571F9F97F0E572AF033DF24FFC0818437
Authority key identifier: BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/MET03x5h-XAYbqDBf40Kd8yMI9M.roa
Signing time: Mon 02 Jan 2023 10:14:45 +0000
ROA not before: Mon 02 Jan 2023 10:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8540
IP address blocks: 185.151.20.0/22 maxlen: 24
45.155.184.0/22 maxlen: 24
185.236.166.0/24 maxlen: 24
185.236.164.0/23 maxlen: 24
2a07:7540::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Dec 2023 07:54:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f9:f9:7f:0e:57:2a:f0:33:df:24:ff:c0:81:84:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc464ba9d26385f54df6254ac248926d370445b0
Validity
Not Before: Jan 2 10:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3044f4df1e61f970186ea0c17f8d0a77cc8c23d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:29:5d:37:53:a4:5c:15:c1:de:1f:b5:64:c7:
61:ce:0e:0e:85:89:b1:b6:bc:6e:a7:00:7b:f8:9a:
b8:f7:38:ea:4d:a4:5e:84:4d:d1:47:6d:a8:d3:0c:
f5:52:dc:54:5b:2f:7e:e8:7c:d1:a7:6b:ba:72:8b:
56:16:5f:31:15:b1:37:49:10:3f:3f:8c:86:00:e8:
30:3a:b0:ae:5a:d2:87:39:52:7d:58:aa:b4:a6:49:
40:fa:3a:87:af:04:a0:5c:64:5b:f2:bc:70:f2:e5:
36:ee:f2:b7:ad:dd:77:5f:fa:a8:8a:55:74:93:c5:
6c:57:49:eb:11:fd:7d:67:0d:c3:ae:17:84:2b:62:
65:21:54:ae:fa:cf:08:65:cd:81:d7:1f:5a:42:e5:
93:ee:e1:54:f1:35:bc:0e:24:fb:6a:7d:93:5f:61:
b7:e1:cb:3e:c2:a9:49:20:e1:4f:1c:0c:3f:ac:29:
3f:dd:99:ba:b9:cf:32:3e:72:8d:77:d0:a0:11:8c:
f8:a6:00:5f:26:82:fb:40:c6:7f:ee:dd:23:ac:2f:
d7:f0:9f:99:27:c6:01:65:81:63:71:df:50:ed:3b:
fc:42:c5:87:9e:be:1f:6b:a5:f9:ee:bb:dd:4a:d1:
b4:3d:92:93:2b:ea:97:55:04:d6:fb:b3:e5:a9:46:
e1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:44:F4:DF:1E:61:F9:70:18:6E:A0:C1:7F:8D:0A:77:CC:8C:23:D3
X509v3 Authority Key Identifier:
keyid:BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/MET03x5h-XAYbqDBf40Kd8yMI9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/vEZLqdJjhfVN9iVKwkiSbTcERbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.184.0/22
185.151.20.0/22
185.236.164.0-185.236.166.255
IPv6:
2a07:7540::/29
Signature Algorithm: sha256WithRSAEncryption
68:48:19:9e:5c:ed:5e:98:0a:a6:e6:cc:de:f7:dc:1a:59:ab:
37:9f:8a:fc:ba:f6:6d:1a:79:c1:46:98:81:05:df:71:3f:2f:
9b:eb:53:ca:6f:65:cf:64:c1:b9:43:2a:96:f7:d0:80:d3:39:
96:20:f4:3c:33:85:24:d1:d1:7e:93:05:5a:c5:43:a4:54:ef:
a5:65:29:03:9f:5b:c4:5d:9d:85:c8:1e:80:b9:2c:00:ef:74:
3c:02:94:4f:81:d1:8f:bb:7d:da:f9:a4:bf:4b:dd:f9:fb:dd:
9d:1f:26:d5:0d:47:7b:02:79:6c:03:10:71:3f:97:6c:22:2d:
b0:b1:fa:32:31:99:c9:69:73:24:89:7c:3c:71:14:44:c2:97:
bb:eb:77:fc:d2:cb:8d:e9:0b:c9:fa:da:94:26:34:d7:c5:fa:
86:42:32:00:af:1c:b3:b4:94:c1:df:db:bd:98:a2:18:9f:bf:
1c:f5:36:d0:fa:76:90:52:85:59:82:3a:15:7b:57:50:f0:dd:
1b:e4:c5:46:3e:dd:d0:2b:27:a8:4f:98:0c:e7:af:87:de:a7:
ec:e2:c1:2d:80:4c:2f:e3:7b:03:61:c4:de:9d:a8:09:a8:51:
d0:54:09:02:20:81:5e:1f:71:7b:96:48:dd:cd:fd:4f:58:87:
a5:a5:2a:8b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVx+fl/Dlcq8DPfJP/AgYQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDY0YmE5ZDI2Mzg1ZjU0ZGY2MjU0YWMyNDg5MjZkMzcw
NDQ1YjAwHhcNMjMwMTAyMTAxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDQ0ZjRkZjFlNjFmOTcwMTg2ZWEwYzE3ZjhkMGE3N2NjOGMyM2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCldN1OkXBXB3h+1ZMdhzg4OhYmx
trxupwB7+Jq49zjqTaRehE3RR22o0wz1UtxUWy9+6HzRp2u6cotWFl8xFbE3SRA/
P4yGAOgwOrCuWtKHOVJ9WKq0pklA+jqHrwSgXGRb8rxw8uU27vK3rd13X/qoilV0
k8VsV0nrEf19Zw3DrheEK2JlIVSu+s8IZc2B1x9aQuWT7uFU8TW8DiT7an2TX2G3
4cs+wqlJIOFPHAw/rCk/3Zm6uc8yPnKNd9CgEYz4pgBfJoL7QMZ/7t0jrC/X8J+Z
J8YBZYFjcd9Q7Tv8QsWHnr4fa6X57rvdStG0PZKTK+qXVQTW+7PlqUbhmQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDBE9N8eYflwGG6gwX+NCnfMjCPTMB8GA1UdIwQY
MBaAFLxGS6nSY4X1TfYlSsJIkm03BEWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQt
ZDczZGM0YjQxY2UxLzEvTUVUMDN4NWgtWEFZYnFEQmY0MEtkOHlNSTlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQtZDczZGM0YjQxY2Ux
LzEvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCLZu4AwQC
uZcUMAwDBAK57KQDBAC57KYwDQQCAAIwBwMFAyoHdUAwDQYJKoZIhvcNAQELBQAD
ggEBAGhIGZ5c7V6YCqbmzN733BpZqzefivy69m0aecFGmIEF33E/L5vrU8pvZc9k
wblDKpb30IDTOZYg9DwzhSTR0X6TBVrFQ6RU76VlKQOfW8RdnYXIHoC5LADvdDwC
lE+B0Y+7fdr5pL9L3fn73Z0fJtUNR3sCeWwDEHE/l2wiLbCx+jIxmclpcySJfDxx
FETCl7vrd/zSy43pC8n62pQmNNfF+oZCMgCvHLO0lMHf272Yohifvxz1NtD6dpBS
hVmCOhV7V1Dw3RvkxUY+3dArJ6hPmAznr4fep+ziwS2ATC/jewNhxN6dqAmoUdBU
CQIggV4fcXuWSN3N/U9Yh6WlKos=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:16 2024 by rpki-client on console-ams.rpki-client.org