Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/MeYmuj2invVM_4wrDaOfMtmJaR4.roa
File: MeYmuj2invVM_4wrDaOfMtmJaR4.roa (raw, json)
Hash identifier: i7eZ2vdTA2iblkrzVgWL/r/t+WlM4LsrCe0aXDZ+1Rc=
Subject key identifier: 31:E6:26:BA:3D:A2:9E:F5:4C:FF:8C:2B:0D:A3:9F:32:D9:89:69:1E
Certificate issuer: /CN=0a4bd1d30f7235cd71739c042310dc26080738f6
Certificate serial: 01857139F1F451A011556F048760E585DFCB
Authority key identifier: 0A:4B:D1:D3:0F:72:35:CD:71:73:9C:04:23:10:DC:26:08:07:38:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkvR0w9yNc1xc5wEIxDcJggHOPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/MeYmuj2invVM_4wrDaOfMtmJaR4.roa
Signing time: Mon 02 Jan 2023 06:45:00 +0000
ROA not before: Mon 02 Jan 2023 06:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51269
IP address blocks: 178.255.96.0/21 maxlen: 24
185.103.140.0/22 maxlen: 24
2a03:b700::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:f1:f4:51:a0:11:55:6f:04:87:60:e5:85:df:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a4bd1d30f7235cd71739c042310dc26080738f6
Validity
Not Before: Jan 2 06:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31e626ba3da29ef54cff8c2b0da39f32d989691e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:6f:d4:b2:25:ca:5c:df:23:50:ae:33:a5:22:
4a:5b:05:ea:f7:d4:08:a3:13:aa:bc:d4:b2:66:93:
a5:ce:f1:43:b9:03:36:0e:a1:24:e0:ae:70:0c:32:
6b:24:dd:9b:7b:e8:cb:3b:e7:33:ee:fd:24:9d:23:
71:ea:2a:3f:fa:32:19:be:d8:86:1a:62:0e:4c:43:
5e:0e:ca:85:d0:f4:cf:0d:da:26:cb:20:cb:f8:3f:
5a:4a:96:8a:47:63:5d:82:7a:17:86:04:a3:3c:01:
04:c5:70:26:ad:8c:90:32:cd:31:af:3e:26:9f:6a:
42:46:06:58:89:af:3f:66:36:51:d7:17:4f:eb:7e:
f9:b7:95:1a:0f:a5:ad:24:99:52:6b:57:c0:c5:6b:
20:9e:b5:32:f9:2c:2b:d7:96:e9:b3:e6:45:be:2a:
d4:e3:c8:ca:b8:a9:e2:1a:70:47:1d:e1:de:a9:b5:
a2:68:2e:e5:1e:a8:12:a8:9e:0f:3e:27:e6:e1:07:
4f:9f:99:7e:af:a2:d5:77:1b:e0:c6:e0:82:2a:a6:
1b:8e:fa:b3:7c:a3:f9:d1:bb:cd:73:29:60:f9:3b:
02:98:c7:15:cd:af:a2:5b:b3:f8:a1:30:db:89:98:
0d:d9:69:24:64:18:d1:2f:e5:a6:40:63:db:e8:97:
0d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E6:26:BA:3D:A2:9E:F5:4C:FF:8C:2B:0D:A3:9F:32:D9:89:69:1E
X509v3 Authority Key Identifier:
keyid:0A:4B:D1:D3:0F:72:35:CD:71:73:9C:04:23:10:DC:26:08:07:38:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkvR0w9yNc1xc5wEIxDcJggHOPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/MeYmuj2invVM_4wrDaOfMtmJaR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/CkvR0w9yNc1xc5wEIxDcJggHOPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.96.0/21
185.103.140.0/22
IPv6:
2a03:b700::/29
Signature Algorithm: sha256WithRSAEncryption
7d:64:25:f0:0b:a7:30:51:b5:fc:a6:e5:80:be:d4:8e:1e:bb:
96:3b:c4:b1:f8:bd:f3:8b:4f:a9:e0:cb:e4:64:d1:8c:26:f6:
36:74:d8:0e:94:8b:0b:fa:00:e6:b5:c0:8c:a9:68:6b:88:d5:
58:5f:32:a9:ff:55:a8:a0:a0:a0:a9:70:52:93:cd:ba:4a:0b:
3e:57:f9:d0:43:4c:6b:7f:c6:18:75:72:c2:46:47:f3:74:da:
d4:8a:0e:0c:bd:f6:32:6e:7a:1f:88:93:e6:dc:33:25:c8:19:
f6:d3:7e:59:8b:39:fe:5c:f6:66:c1:10:ce:71:f9:ff:ae:af:
1e:00:0c:ec:88:97:00:83:90:58:ba:c7:27:6c:51:ef:9e:58:
b8:94:64:57:d7:aa:a9:41:88:09:2b:7f:bc:9c:33:7e:37:a0:
9a:04:5b:1b:45:ad:f7:5a:07:c1:0c:6d:ca:ff:da:c4:80:51:
95:4e:d0:38:4e:f7:00:50:01:e7:3d:f6:0a:28:2b:90:b3:73:
5d:ef:5e:a8:46:06:04:e9:9a:97:b1:28:1b:ba:a5:ae:d9:7c:
ea:04:ff:8f:e1:15:87:03:cb:28:2e:94:c1:2f:f8:16:af:a3:
19:df:a1:86:c0:22:0b:55:b1:12:a3:5d:ab:9c:73:65:ad:3c:
e9:f8:64:31
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxOfH0UaARVW8Eh2Dlhd/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNGJkMWQzMGY3MjM1Y2Q3MTczOWMwNDIzMTBkYzI2MDgw
NzM4ZjYwHhcNMjMwMTAyMDY0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWU2MjZiYTNkYTI5ZWY1NGNmZjhjMmIwZGEzOWYzMmQ5ODk2OTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim/UsiXKXN8jUK4zpSJKWwXq99QI
oxOqvNSyZpOlzvFDuQM2DqEk4K5wDDJrJN2be+jLO+cz7v0knSNx6io/+jIZvtiG
GmIOTENeDsqF0PTPDdomyyDL+D9aSpaKR2NdgnoXhgSjPAEExXAmrYyQMs0xrz4m
n2pCRgZYia8/ZjZR1xdP6375t5UaD6WtJJlSa1fAxWsgnrUy+Swr15bps+ZFvirU
48jKuKniGnBHHeHeqbWiaC7lHqgSqJ4PPifm4QdPn5l+r6LVdxvgxuCCKqYbjvqz
fKP50bvNcylg+TsCmMcVza+iW7P4oTDbiZgN2WkkZBjRL+WmQGPb6JcNLwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDHmJro9op71TP+MKw2jnzLZiWkeMB8GA1UdIwQY
MBaAFApL0dMPcjXNcXOcBCMQ3CYIBzj2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2t2UjB3OXlOYzF4YzV3RUl4RGNKZ2dIT1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi84ZDUwOWYtZmI2NC00MjNkLWIyNjEt
Mzg4NDQzZDVmMDBmLzEvTWVZbXVqMmludlZNXzR3ckRhT2ZNdG1KYVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi84ZDUwOWYtZmI2NC00MjNkLWIyNjEtMzg4NDQzZDVmMDBm
LzEvQ2t2UjB3OXlOYzF4YzV3RUl4RGNKZ2dIT1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsv9gAwQC
uWeMMA0EAgACMAcDBQMqA7cAMA0GCSqGSIb3DQEBCwUAA4IBAQB9ZCXwC6cwUbX8
puWAvtSOHruWO8Sx+L3zi0+p4MvkZNGMJvY2dNgOlIsL+gDmtcCMqWhriNVYXzKp
/1WooKCgqXBSk826Sgs+V/nQQ0xrf8YYdXLCRkfzdNrUig4MvfYybnofiJPm3DMl
yBn2035Zizn+XPZmwRDOcfn/rq8eAAzsiJcAg5BYuscnbFHvnli4lGRX16qpQYgJ
K3+8nDN+N6CaBFsbRa33WgfBDG3K/9rEgFGVTtA4TvcAUAHnPfYKKCuQs3Nd716o
RgYE6ZqXsSgbuqWu2XzqBP+P4RWHA8soLpTBL/gWr6MZ36GGwCILVbESo12rnHNl
rTzp+GQx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:13 2024 by rpki-client on console-fra.rpki-client.org