Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3ac761-9ad8-4513-8a32-1f55d9999eeb/1/uRqFmX5yPPaxl72w3QCj1-EAS_g.roa
File: uRqFmX5yPPaxl72w3QCj1-EAS_g.roa (raw, json)
Hash identifier: EDSUSx1n4xJr1bjy+NB9hmB6ko7/YolYn7i5BWLiD2g=
Subject key identifier: B9:1A:85:99:7E:72:3C:F6:B1:97:BD:B0:DD:00:A3:D7:E1:00:4B:F8
Certificate issuer: /CN=44728fb31c4ebdfb9bf129745b91bd2e2ee8ef31
Certificate serial: 01856D788A11BE9D67C3669B3B99131185BF
Authority key identifier: 44:72:8F:B3:1C:4E:BD:FB:9B:F1:29:74:5B:91:BD:2E:2E:E8:EF:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHKPsxxOvfub8Sl0W5G9Li7o7zE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/3ac761-9ad8-4513-8a32-1f55d9999eeb/1/uRqFmX5yPPaxl72w3QCj1-EAS_g.roa
Signing time: Sun 01 Jan 2023 13:14:54 +0000
ROA not before: Sun 01 Jan 2023 13:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19750
IP address blocks: 185.235.85.0/24 maxlen: 24
91.199.242.0/24 maxlen: 24
91.212.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:8a:11:be:9d:67:c3:66:9b:3b:99:13:11:85:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44728fb31c4ebdfb9bf129745b91bd2e2ee8ef31
Validity
Not Before: Jan 1 13:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b91a85997e723cf6b197bdb0dd00a3d7e1004bf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:63:9a:f8:7b:2a:ae:da:74:6d:88:c9:fc:63:
53:2e:c6:2d:74:f2:f3:7b:dc:95:5b:48:be:08:24:
71:6b:f9:ae:f0:7a:65:fb:f3:9b:05:c0:d3:a0:6e:
a9:d2:6e:8b:be:67:db:ec:f3:56:bd:29:15:7a:25:
f3:39:be:66:06:72:db:a5:62:e1:ce:09:27:06:6d:
22:ae:49:04:5a:3b:15:7a:41:b7:7e:3a:81:d9:77:
a6:15:41:68:47:fa:ca:92:d6:0c:f9:88:83:cb:fc:
a8:65:4d:e7:b0:2c:06:5b:20:bb:be:c0:71:1b:2a:
b2:48:a2:b1:65:22:c5:cd:e5:7c:f0:56:ce:af:c3:
7b:ce:f8:81:eb:d8:72:c2:10:af:bb:09:a6:38:8d:
7c:53:16:a5:fa:45:4c:db:69:ba:97:65:c8:be:b7:
be:5e:c8:55:0c:fc:2f:6b:22:3e:74:7a:45:e0:c0:
52:0b:90:df:cf:2d:32:b9:52:ed:95:e4:ed:65:62:
da:af:26:a8:34:2e:bf:ff:cf:8f:9f:f4:fe:6b:1d:
d7:fc:de:97:7c:bc:6c:fd:16:8e:86:52:c3:12:c2:
d3:ca:4b:60:23:c9:4a:1a:53:e2:c7:47:74:03:ac:
c7:e6:8e:bc:96:8b:fa:13:ab:4d:c1:69:49:27:d4:
3a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1A:85:99:7E:72:3C:F6:B1:97:BD:B0:DD:00:A3:D7:E1:00:4B:F8
X509v3 Authority Key Identifier:
keyid:44:72:8F:B3:1C:4E:BD:FB:9B:F1:29:74:5B:91:BD:2E:2E:E8:EF:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHKPsxxOvfub8Sl0W5G9Li7o7zE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3ac761-9ad8-4513-8a32-1f55d9999eeb/1/uRqFmX5yPPaxl72w3QCj1-EAS_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3ac761-9ad8-4513-8a32-1f55d9999eeb/1/RHKPsxxOvfub8Sl0W5G9Li7o7zE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.242.0/24
91.212.98.0/24
185.235.85.0/24
Signature Algorithm: sha256WithRSAEncryption
18:a7:16:ce:72:a6:bc:d2:78:6b:ae:b7:78:bf:f5:20:90:0c:
a3:17:22:c9:43:5d:07:96:e1:09:f0:a6:4e:93:18:8b:6b:5a:
6b:ee:ff:bb:37:0b:36:69:a5:69:61:d8:f4:50:99:1e:49:1d:
33:b4:64:3c:65:2c:a4:bd:e3:4f:4a:3b:58:16:e7:46:3e:e3:
fc:f1:0f:2e:3b:1f:da:ab:31:73:6a:ee:f3:d3:8c:11:da:e0:
b6:15:77:a1:2e:cd:6b:9e:49:8d:29:f1:14:91:20:74:2b:2d:
32:5d:fa:a4:d8:0b:ec:95:d1:1e:50:4d:cc:6f:f0:a8:e4:84:
1b:03:ce:b6:cf:08:a5:d9:df:59:c6:8d:54:a7:ee:74:76:9b:
48:68:4c:b7:37:e7:5e:77:6b:87:8e:0a:af:f6:50:9a:34:a6:
cd:b4:22:49:7f:d2:ac:4f:85:ea:a0:45:08:28:93:84:29:e3:
e7:1a:05:0f:31:93:fe:1d:01:18:cf:be:16:ce:7d:11:53:1f:
87:30:5f:90:3c:9c:ce:8e:10:e0:60:fe:f7:a0:c2:d5:ca:3f:
38:d5:f1:c1:e6:4d:ac:df:fb:a3:35:6f:13:8f:43:32:dd:af:
f1:c9:06:8e:ca:94:8f:b9:a7:96:3a:6a:8d:51:fd:3f:8e:f0:
ec:8d:85:33
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVteIoRvp1nw2abO5kTEYW/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NzI4ZmIzMWM0ZWJkZmI5YmYxMjk3NDViOTFiZDJlMmVl
OGVmMzEwHhcNMjMwMTAxMTMxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTFhODU5OTdlNzIzY2Y2YjE5N2JkYjBkZDAwYTNkN2UxMDA0YmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGOa+Hsqrtp0bYjJ/GNTLsYtdPLz
e9yVW0i+CCRxa/mu8Hpl+/ObBcDToG6p0m6Lvmfb7PNWvSkVeiXzOb5mBnLbpWLh
zgknBm0irkkEWjsVekG3fjqB2XemFUFoR/rKktYM+YiDy/yoZU3nsCwGWyC7vsBx
GyqySKKxZSLFzeV88FbOr8N7zviB69hywhCvuwmmOI18Uxal+kVM22m6l2XIvre+
XshVDPwvayI+dHpF4MBSC5Dfzy0yuVLtleTtZWLaryaoNC6//8+Pn/T+ax3X/N6X
fLxs/RaOhlLDEsLTyktgI8lKGlPix0d0A6zH5o68lov6E6tNwWlJJ9Q6OwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLkahZl+cjz2sZe9sN0Ao9fhAEv4MB8GA1UdIwQY
MBaAFERyj7McTr37m/EpdFuRvS4u6O8xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhLUHN4eE92ZnViOFNsMFc1RzlMaTdvN3pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zYWM3NjEtOWFkOC00NTEzLThhMzIt
MWY1NWQ5OTk5ZWViLzEvdVJxRm1YNXlQUGF4bDcydzNRQ2oxLUVBU19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zYWM3NjEtOWFkOC00NTEzLThhMzItMWY1NWQ5OTk5ZWVi
LzEvUkhLUHN4eE92ZnViOFNsMFc1RzlMaTdvN3pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8fyAwQA
W9RiAwQAuetVMA0GCSqGSIb3DQEBCwUAA4IBAQAYpxbOcqa80nhrrrd4v/UgkAyj
FyLJQ10HluEJ8KZOkxiLa1pr7v+7Nws2aaVpYdj0UJkeSR0ztGQ8ZSykveNPSjtY
FudGPuP88Q8uOx/aqzFzau7z04wR2uC2FXehLs1rnkmNKfEUkSB0Ky0yXfqk2Avs
ldEeUE3Mb/Co5IQbA862zwil2d9Zxo1Up+50dptIaEy3N+ded2uHjgqv9lCaNKbN
tCJJf9KsT4XqoEUIKJOEKePnGgUPMZP+HQEYz74Wzn0RUx+HMF+QPJzOjhDgYP73
oMLVyj841fHB5k2s3/ujNW8Tj0My3a/xyQaOypSPuaeWOmqNUf0/jvDsjYUz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:30 2024 by rpki-client on console-fra.rpki-client.org