Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/uLBLgl11VEcCqTveKPji7yjrCbk.roa
File: uLBLgl11VEcCqTveKPji7yjrCbk.roa (raw, json)
Hash identifier: ARWbZ/zk6wWJZCpK4980zQLpTL9KWAmP82OJ2yUkpqQ=
Subject key identifier: B8:B0:4B:82:5D:75:54:47:02:A9:3B:DE:28:F8:E2:EF:28:EB:09:B9
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185727A4332CBD147751B7724736840BD1A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/uLBLgl11VEcCqTveKPji7yjrCbk.roa
Signing time: Mon 02 Jan 2023 12:34:53 +0000
ROA not before: Mon 02 Jan 2023 12:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213136
IP address blocks: 185.218.4.0/24 maxlen: 24
185.218.4.0/23 maxlen: 23
185.218.5.0/24 maxlen: 24
185.217.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:43:32:cb:d1:47:75:1b:77:24:73:68:40:bd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8b04b825d75544702a93bde28f8e2ef28eb09b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5a:fb:21:79:b7:47:ca:e0:13:34:77:95:5b:
10:68:3a:52:71:10:47:b7:3f:b9:dd:49:5c:a3:8d:
70:d6:24:6f:76:87:7f:18:3b:bb:9a:03:61:37:ff:
28:59:5d:a0:ed:97:8a:a0:61:8c:96:e4:89:61:0b:
ee:39:a6:17:0f:e7:6d:3e:20:91:f5:6d:7f:3e:85:
91:c5:fe:24:d6:fa:e8:22:b6:03:47:d6:38:e6:48:
4e:cb:67:65:07:58:9b:08:b3:1e:34:cf:40:ce:42:
14:8a:ba:0d:ea:34:e3:5d:bc:d3:88:da:3f:e8:f6:
6e:df:da:52:3d:d6:2f:35:f9:23:d2:ef:d8:c7:8b:
6f:cd:ca:b5:97:a9:c9:e5:ce:66:1b:d0:a4:82:af:
21:ef:ea:ff:e0:c4:a8:f0:9e:9a:d4:71:65:1d:65:
da:33:8c:8d:ce:9c:29:05:86:75:e5:be:1a:b5:fc:
b2:03:b9:8f:8d:9e:c0:13:7a:6f:1e:97:c8:5f:64:
f6:7e:3b:c4:fa:cc:9b:c3:32:00:f5:f8:ac:53:87:
9d:4c:1e:b2:ce:18:c6:4a:5b:ed:21:52:79:de:ea:
21:51:f8:cd:a2:90:e9:88:03:20:c5:56:bc:40:09:
a0:7d:f0:5b:bb:47:e5:0a:00:95:14:68:ce:be:98:
3a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B0:4B:82:5D:75:54:47:02:A9:3B:DE:28:F8:E2:EF:28:EB:09:B9
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/uLBLgl11VEcCqTveKPji7yjrCbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.109.0/24
185.218.4.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:03:99:df:1a:1d:85:09:5a:fd:aa:42:bf:aa:af:a0:09:b9:
ea:a4:6b:98:20:55:84:eb:a1:e6:38:dc:f0:cb:01:13:4f:ea:
da:cb:57:33:51:96:74:41:26:24:f3:df:78:b1:60:bb:a8:23:
47:18:c2:3d:80:56:90:62:ff:c7:8b:67:9b:aa:7d:e1:94:e1:
4d:fc:e7:c1:49:ba:43:76:7c:43:c3:df:da:61:6c:b6:c3:b9:
bc:ea:38:78:d9:f4:79:cd:1a:73:4a:48:73:ad:fc:2b:12:d4:
cc:ce:b8:46:07:e8:b8:e8:f8:13:56:93:bc:c0:31:9f:42:0c:
19:cb:90:2f:3b:98:9a:a2:31:f3:ec:97:a7:8a:e1:52:3f:de:
96:59:da:1e:46:1e:31:a1:b8:62:60:3c:66:a2:17:4b:95:43:
b0:52:d1:e5:7e:a5:5e:93:b5:87:1c:51:da:b3:43:f5:45:51:
2d:66:c6:4c:14:98:2c:13:cb:38:1a:f7:b6:d0:66:09:2f:6c:
d2:c9:47:8a:e3:93:ad:9d:ce:7c:34:b5:01:24:9d:e5:99:81:
c5:87:7a:a7:32:30:70:2b:a0:7e:16:3c:b3:51:a8:f0:78:17:
27:86:41:9c:2c:fd:85:46:c5:ab:9b:d7:27:4a:50:a4:f9:7d:
8a:6e:d7:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyekMyy9FHdRt3JHNoQL0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGIwNGI4MjVkNzU1NDQ3MDJhOTNiZGUyOGY4ZTJlZjI4ZWIwOWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFr7IXm3R8rgEzR3lVsQaDpScRBH
tz+53Ulco41w1iRvdod/GDu7mgNhN/8oWV2g7ZeKoGGMluSJYQvuOaYXD+dtPiCR
9W1/PoWRxf4k1vroIrYDR9Y45khOy2dlB1ibCLMeNM9AzkIUiroN6jTjXbzTiNo/
6PZu39pSPdYvNfkj0u/Yx4tvzcq1l6nJ5c5mG9Ckgq8h7+r/4MSo8J6a1HFlHWXa
M4yNzpwpBYZ15b4atfyyA7mPjZ7AE3pvHpfIX2T2fjvE+sybwzIA9fisU4edTB6y
zhjGSlvtIVJ53uohUfjNopDpiAMgxVa8QAmgffBbu0flCgCVFGjOvpg6pwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLiwS4JddVRHAqk73ij44u8o6wm5MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvdUxCTGdsMTFWRWNDcVR2ZUtQamk3eWpyQ2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudltAwQB
udoEMA0GCSqGSIb3DQEBCwUAA4IBAQCMA5nfGh2FCVr9qkK/qq+gCbnqpGuYIFWE
66HmONzwywETT+ray1czUZZ0QSYk8994sWC7qCNHGMI9gFaQYv/Hi2ebqn3hlOFN
/OfBSbpDdnxDw9/aYWy2w7m86jh42fR5zRpzSkhzrfwrEtTMzrhGB+i46PgTVpO8
wDGfQgwZy5AvO5iaojHz7JeniuFSP96WWdoeRh4xobhiYDxmohdLlUOwUtHlfqVe
k7WHHFHas0P1RVEtZsZMFJgsE8s4Gve20GYJL2zSyUeK45Otnc58NLUBJJ3lmYHF
h3qnMjBwK6B+FjyzUajweBcnhkGcLP2FRsWrm9cnSlCk+X2KbtdC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org