Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5172eb-6fb8-4216-8d81-3443464b9209/1/uPIuc3giDhVSfkIQycKMZYMuJq8.roa
File: uPIuc3giDhVSfkIQycKMZYMuJq8.roa (raw, json)
Hash identifier: r74k1sWXQ48cukp/+qUll3PbDS1Sk+R2LPpfe7w9BIQ=
Subject key identifier: B8:F2:2E:73:78:22:0E:15:52:7E:42:10:C9:C2:8C:65:83:2E:26:AF
Certificate issuer: /CN=ef478021f72a21b77142a44d815dde9ef2684cbc
Certificate serial: 018572711080BCD4949B783042CA9EC5A1DA
Authority key identifier: EF:47:80:21:F7:2A:21:B7:71:42:A4:4D:81:5D:DE:9E:F2:68:4C:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70eAIfcqIbdxQqRNgV3envJoTLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/5172eb-6fb8-4216-8d81-3443464b9209/1/uPIuc3giDhVSfkIQycKMZYMuJq8.roa
Signing time: Mon 02 Jan 2023 12:24:50 +0000
ROA not before: Mon 02 Jan 2023 12:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203675
IP address blocks: 185.82.108.0/24 maxlen: 24
185.82.111.0/24 maxlen: 24
185.82.108.0/22 maxlen: 22
185.82.109.0/24 maxlen: 24
185.82.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:10:80:bc:d4:94:9b:78:30:42:ca:9e:c5:a1:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef478021f72a21b77142a44d815dde9ef2684cbc
Validity
Not Before: Jan 2 12:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8f22e7378220e15527e4210c9c28c65832e26af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:eb:5d:b1:f0:46:6c:56:c7:ec:a3:af:ce:e9:
e9:0c:d8:6f:e3:84:f8:2a:b0:0f:92:9a:1f:bb:5b:
94:1d:f9:5a:a3:83:22:45:d4:45:8e:6b:a2:66:af:
e5:9b:1c:f8:27:7b:79:7a:2e:6d:82:a5:72:0e:2f:
bb:6b:e6:82:c6:52:97:92:1d:b5:50:b4:bb:be:31:
a1:0f:b5:9e:da:68:ef:fc:6c:db:a2:30:5f:af:f6:
56:a2:4d:00:37:b5:02:59:df:2d:eb:5c:2c:f6:f1:
dc:2b:11:83:ee:75:27:e2:6d:e6:32:19:d7:c9:a0:
98:76:e4:2f:43:c9:31:c1:d9:69:41:ca:66:ae:9d:
d7:23:c5:53:c0:c8:ce:5f:90:c2:3d:08:ea:48:f9:
8d:67:cc:50:e6:bd:75:f1:85:6c:0b:97:8f:bf:2d:
42:37:56:96:2d:d2:58:ea:5f:47:e2:20:c8:ed:66:
44:9b:1c:e2:e8:81:a1:b0:a0:90:00:d8:1d:f6:15:
0e:97:f1:64:e6:62:64:4d:7c:d9:6d:4a:d0:91:71:
77:96:f8:60:4c:16:97:45:e2:af:e3:36:36:02:15:
69:5f:ed:a7:80:94:77:89:30:ee:76:28:bc:6b:5f:
cc:28:52:2a:08:a1:10:46:4e:07:6b:88:2d:47:3e:
c1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F2:2E:73:78:22:0E:15:52:7E:42:10:C9:C2:8C:65:83:2E:26:AF
X509v3 Authority Key Identifier:
keyid:EF:47:80:21:F7:2A:21:B7:71:42:A4:4D:81:5D:DE:9E:F2:68:4C:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70eAIfcqIbdxQqRNgV3envJoTLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5172eb-6fb8-4216-8d81-3443464b9209/1/uPIuc3giDhVSfkIQycKMZYMuJq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5172eb-6fb8-4216-8d81-3443464b9209/1/70eAIfcqIbdxQqRNgV3envJoTLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.108.0/22
Signature Algorithm: sha256WithRSAEncryption
19:7a:aa:08:3b:c3:01:40:ce:53:38:ed:c9:d5:fb:4f:e1:67:
9e:00:36:73:d1:f0:c5:21:29:e2:10:a4:88:1e:f3:76:13:51:
8a:fd:9a:2d:95:57:30:b3:fb:57:5f:ca:c8:4d:77:77:65:d3:
b2:bc:70:ea:3f:f3:a1:18:24:60:a9:74:66:c6:f8:91:31:4b:
f2:37:43:e1:50:d9:a0:65:b3:cc:ab:7d:e4:aa:1c:f3:91:9a:
7c:35:0b:4b:eb:f4:4a:5a:7e:a8:f4:9c:54:6d:b8:4f:ea:ec:
a3:9a:75:98:e7:45:c7:61:cb:7d:c2:6a:d2:17:f9:11:2e:5c:
61:21:13:f0:76:23:f7:3f:df:02:fe:75:73:2f:ad:e7:24:77:
6d:19:1e:3a:45:ef:e9:9d:29:77:e1:3e:f5:e8:0d:68:c5:e1:
44:c0:a1:61:55:81:c9:1f:4c:f1:98:bf:06:2d:4c:c1:a5:10:
2b:dd:ec:9f:fd:a3:5b:cc:32:5a:bb:47:6a:91:a1:51:bb:7e:
1b:87:6b:4f:51:1f:f4:d7:ab:32:39:ba:9e:b3:73:8e:e7:14:
54:e2:9d:f7:7e:ca:46:0c:f0:3d:7f:d9:db:36:7a:f3:c4:c0:
39:fa:83:1d:33:f0:57:07:3f:8f:d9:b2:3e:fb:4e:9d:fa:79:
55:d8:e8:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycRCAvNSUm3gwQsqexaHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNDc4MDIxZjcyYTIxYjc3MTQyYTQ0ZDgxNWRkZTllZjI2
ODRjYmMwHhcNMjMwMTAyMTIyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGYyMmU3Mzc4MjIwZTE1NTI3ZTQyMTBjOWMyOGM2NTgzMmUyNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjetdsfBGbFbH7KOvzunpDNhv44T4
KrAPkpofu1uUHflao4MiRdRFjmuiZq/lmxz4J3t5ei5tgqVyDi+7a+aCxlKXkh21
ULS7vjGhD7We2mjv/GzbojBfr/ZWok0AN7UCWd8t61ws9vHcKxGD7nUn4m3mMhnX
yaCYduQvQ8kxwdlpQcpmrp3XI8VTwMjOX5DCPQjqSPmNZ8xQ5r118YVsC5ePvy1C
N1aWLdJY6l9H4iDI7WZEmxzi6IGhsKCQANgd9hUOl/Fk5mJkTXzZbUrQkXF3lvhg
TBaXReKv4zY2AhVpX+2ngJR3iTDudii8a1/MKFIqCKEQRk4Ha4gtRz7BsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLjyLnN4Ig4VUn5CEMnCjGWDLiavMB8GA1UdIwQY
MBaAFO9HgCH3KiG3cUKkTYFd3p7yaEy8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzBlQUlmY3FJYmR4UXFSTmdWM2VudkpvVEx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81MTcyZWItNmZiOC00MjE2LThkODEt
MzQ0MzQ2NGI5MjA5LzEvdVBJdWMzZ2lEaFZTZmtJUXljS01aWU11SnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81MTcyZWItNmZiOC00MjE2LThkODEtMzQ0MzQ2NGI5MjA5
LzEvNzBlQUlmY3FJYmR4UXFSTmdWM2VudkpvVEx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVJsMA0G
CSqGSIb3DQEBCwUAA4IBAQAZeqoIO8MBQM5TOO3J1ftP4WeeADZz0fDFISniEKSI
HvN2E1GK/ZotlVcws/tXX8rITXd3ZdOyvHDqP/OhGCRgqXRmxviRMUvyN0PhUNmg
ZbPMq33kqhzzkZp8NQtL6/RKWn6o9JxUbbhP6uyjmnWY50XHYct9wmrSF/kRLlxh
IRPwdiP3P98C/nVzL63nJHdtGR46Re/pnSl34T716A1oxeFEwKFhVYHJH0zxmL8G
LUzBpRAr3eyf/aNbzDJau0dqkaFRu34bh2tPUR/016syObqes3OO5xRU4p33fspG
DPA9f9nbNnrzxMA5+oMdM/BXBz+P2bI++06d+nlV2Oh/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:20 2024 by rpki-client on console-ams.rpki-client.org