Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uU83SPpk7Fo0LO3VUHrvuokCM3o.roa
File: uU83SPpk7Fo0LO3VUHrvuokCM3o.roa (raw, json)
Hash identifier: 3Uatm98p25VAFlABgJpGQRmJl58VElfMEKB369ye1gg=
Subject key identifier: B9:4F:37:48:FA:64:EC:5A:34:2C:ED:D5:50:7A:EF:BA:89:02:33:7A
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 0185712797DE798D432006F0513C4878218A
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uU83SPpk7Fo0LO3VUHrvuokCM3o.roa
Signing time: Mon 02 Jan 2023 06:24:58 +0000
ROA not before: Mon 02 Jan 2023 06:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42831
IP address blocks: 194.33.58.0/24 maxlen: 24
91.224.109.0/24 maxlen: 24
91.224.108.0/23 maxlen: 23
91.224.108.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:97:de:79:8d:43:20:06:f0:51:3c:48:78:21:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Jan 2 06:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b94f3748fa64ec5a342cedd5507aefba8902337a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7f:1e:94:07:28:c3:f0:20:40:fa:bf:5f:0e:
c7:52:d9:da:e5:ae:69:60:ed:59:ec:ae:ac:79:bd:
74:16:99:eb:6a:1c:d4:31:91:2a:71:53:89:0b:06:
6d:2f:03:55:25:1d:3d:83:17:49:54:d4:42:b7:a9:
e3:4a:f0:d1:02:36:54:1c:25:ca:08:d5:34:4f:f3:
f0:b1:be:a9:07:66:e1:62:41:29:33:d7:b3:78:1b:
41:f6:8d:4d:5e:18:b0:db:f5:f5:d1:d2:00:9d:33:
db:1e:32:69:fc:fb:74:ad:0d:7a:f9:bc:fe:98:db:
be:94:31:3f:e5:1d:c0:8f:3e:b9:d3:45:d5:3c:0d:
ee:32:69:fa:6f:9c:08:84:27:47:c7:43:0d:8f:6b:
fe:1f:82:77:fd:3b:d1:2f:d2:71:87:d5:b5:5f:9d:
53:f6:66:a6:ab:5a:13:b0:c5:6b:01:44:61:b2:8f:
ca:ed:c5:e0:b1:96:81:d3:50:3e:6b:fe:af:4f:ca:
a3:86:74:2f:86:1d:7a:33:8a:61:c7:7f:d2:56:2a:
f1:c1:24:c2:6f:28:6f:24:e5:77:f4:d7:22:cf:ba:
98:4e:8b:af:19:29:01:97:e1:67:41:4f:c1:35:82:
d8:c3:da:5c:53:3f:bc:1e:b8:72:e7:74:22:b6:a3:
8b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4F:37:48:FA:64:EC:5A:34:2C:ED:D5:50:7A:EF:BA:89:02:33:7A
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uU83SPpk7Fo0LO3VUHrvuokCM3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.108.0/23
194.33.58.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:97:87:dd:59:db:32:94:26:82:c7:3c:0e:7a:9a:2f:88:ba:
01:fc:02:d7:df:5d:bc:c1:99:13:d1:2c:6f:a6:a0:f3:7d:4f:
b2:1a:69:07:c8:aa:0a:99:d9:70:d3:31:51:d4:5c:3e:09:a4:
76:3f:2f:32:57:89:bd:c0:59:fd:03:b3:a6:e5:2c:ca:29:a0:
c6:88:5a:09:78:2a:fa:53:85:b3:af:b3:01:a3:83:c2:cd:da:
3c:71:b7:2a:fb:f2:a4:70:90:e3:ae:05:4b:ac:06:bb:5a:ed:
b8:02:22:f8:64:c1:ad:d0:7f:80:c2:ab:e9:f8:b7:6f:39:13:
15:2b:22:fd:2f:e5:14:a7:b3:a3:8d:36:ac:20:9e:31:a0:a6:
55:c9:89:8a:9e:04:2f:c0:a8:d5:26:ae:92:c6:41:50:9a:17:
93:e5:1d:4f:bd:af:ff:4b:7e:89:ff:89:d4:f5:22:14:11:c7:
8d:ff:64:a1:16:19:0c:b5:6e:78:02:f3:33:4e:4b:06:f4:af:
a6:c5:40:e8:53:a0:43:8d:c5:18:df:70:4e:22:f0:55:b0:d1:
72:39:e6:23:cb:f0:45:87:f4:8e:ef:32:88:6e:86:bc:fa:b9:
17:54:cf:6c:d0:4e:70:b4:a7:43:c7:75:c4:c1:de:c1:34:d0:
d7:3a:d5:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxJ5feeY1DIAbwUTxIeCGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjMwMTAyMDYyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTRmMzc0OGZhNjRlYzVhMzQyY2VkZDU1MDdhZWZiYTg5MDIzMzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzH8elAcow/AgQPq/Xw7HUtna5a5p
YO1Z7K6seb10FpnrahzUMZEqcVOJCwZtLwNVJR09gxdJVNRCt6njSvDRAjZUHCXK
CNU0T/Pwsb6pB2bhYkEpM9ezeBtB9o1NXhiw2/X10dIAnTPbHjJp/Pt0rQ16+bz+
mNu+lDE/5R3Ajz6500XVPA3uMmn6b5wIhCdHx0MNj2v+H4J3/TvRL9Jxh9W1X51T
9mamq1oTsMVrAURhso/K7cXgsZaB01A+a/6vT8qjhnQvhh16M4phx3/SVirxwSTC
byhvJOV39Nciz7qYTouvGSkBl+FnQU/BNYLYw9pcUz+8Hrhy53QitqOLEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLlPN0j6ZOxaNCzt1VB677qJAjN6MB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvdVU4M1NQcGs3Rm8wTE8zVlVIcnZ1b2tDTTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+BsAwQA
wiE6MA0GCSqGSIb3DQEBCwUAA4IBAQA7l4fdWdsylCaCxzwOepoviLoB/ALX3128
wZkT0SxvpqDzfU+yGmkHyKoKmdlw0zFR1Fw+CaR2Py8yV4m9wFn9A7Om5SzKKaDG
iFoJeCr6U4Wzr7MBo4PCzdo8cbcq+/KkcJDjrgVLrAa7Wu24AiL4ZMGt0H+Awqvp
+LdvORMVKyL9L+UUp7OjjTasIJ4xoKZVyYmKngQvwKjVJq6SxkFQmheT5R1Pva//
S36J/4nU9SIUEceN/2ShFhkMtW54AvMzTksG9K+mxUDoU6BDjcUY33BOIvBVsNFy
OeYjy/BFh/SO7zKIboa8+rkXVM9s0E5wtKdDx3XEwd7BNNDXOtVf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:52 2023 by rpki-client on console-fra.rpki-client.org