Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b4ce9a-4877-4159-bd80-beacb094f80c/1/UOvFrKicDo3JuiH1foHP8V9XGGw.roa
File: UOvFrKicDo3JuiH1foHP8V9XGGw.roa (raw, json)
Hash identifier: sAThOb5mxnI/lAd3wb1pD7QazwCjs31tJaRoDvMRCTk=
Subject key identifier: 50:EB:C5:AC:A8:9C:0E:8D:C9:BA:21:F5:7E:81:CF:F1:5F:57:18:6C
Certificate issuer: /CN=7ccd6dec67b0882d15e3282526980a167b4208b7
Certificate serial: 0185704BC371EC27A800C17E407063C442C9
Authority key identifier: 7C:CD:6D:EC:67:B0:88:2D:15:E3:28:25:26:98:0A:16:7B:42:08:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fM1t7GewiC0V4yglJpgKFntCCLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b4ce9a-4877-4159-bd80-beacb094f80c/1/UOvFrKicDo3JuiH1foHP8V9XGGw.roa
Signing time: Mon 02 Jan 2023 02:24:51 +0000
ROA not before: Mon 02 Jan 2023 02:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48614
IP address blocks: 195.93.180.0/23 maxlen: 23
193.106.92.0/22 maxlen: 22
185.185.56.0/22 maxlen: 22
2a0b:4880::/48 maxlen: 48
2a0b:4880:1::/48 maxlen: 48
2a0b:4880:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:c3:71:ec:27:a8:00:c1:7e:40:70:63:c4:42:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ccd6dec67b0882d15e3282526980a167b4208b7
Validity
Not Before: Jan 2 02:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50ebc5aca89c0e8dc9ba21f57e81cff15f57186c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4e:98:32:cd:a6:c4:b4:20:fe:7e:69:f8:40:
ee:76:b8:f3:0c:65:71:21:72:ec:47:a8:fe:b9:bc:
ff:92:66:1b:23:ab:81:4a:f4:2c:85:df:0d:59:c8:
d3:40:db:f5:1f:2d:a9:95:f2:22:0a:b6:dd:90:dd:
fe:c0:bc:5e:3c:ce:cf:99:cb:b0:8f:33:3a:48:a6:
e9:87:c4:c5:9e:ee:47:32:48:d3:ac:e9:37:c3:62:
e6:90:67:09:1f:7f:fa:b9:dd:bf:cb:f7:ac:a8:60:
7c:14:67:d9:a5:4c:7f:73:50:a1:27:91:33:b4:42:
c7:08:07:5f:b3:98:db:09:97:a2:ea:fd:0e:de:58:
e1:21:e4:fb:f9:48:80:c1:ae:c8:6b:04:4c:77:19:
9b:ba:3e:5a:61:8d:ae:7d:a0:34:5f:fa:b9:4a:48:
11:87:bd:1e:b1:29:41:0a:c1:05:28:30:e4:db:2c:
51:eb:27:78:dd:e5:a1:a1:3d:47:ae:a2:3c:a6:92:
7e:e0:e2:f3:96:af:3d:6f:3f:81:76:5b:0d:15:dd:
a7:ed:7b:96:47:47:fc:12:04:20:21:41:10:b9:2d:
cd:64:d5:d7:8b:25:c8:62:a6:48:10:8f:38:d2:21:
cd:e2:7c:79:2c:14:7f:4d:0c:7a:49:63:31:ef:11:
1d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:EB:C5:AC:A8:9C:0E:8D:C9:BA:21:F5:7E:81:CF:F1:5F:57:18:6C
X509v3 Authority Key Identifier:
keyid:7C:CD:6D:EC:67:B0:88:2D:15:E3:28:25:26:98:0A:16:7B:42:08:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fM1t7GewiC0V4yglJpgKFntCCLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b4ce9a-4877-4159-bd80-beacb094f80c/1/UOvFrKicDo3JuiH1foHP8V9XGGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b4ce9a-4877-4159-bd80-beacb094f80c/1/fM1t7GewiC0V4yglJpgKFntCCLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.56.0/22
193.106.92.0/22
195.93.180.0/23
IPv6:
2a0b:4880::-2a0b:4880:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ae:ec:ac:88:b4:60:6c:1c:66:f1:40:0d:e5:69:81:f2:6d:0c:
a8:23:00:55:41:41:65:d2:4d:4b:f6:b6:5b:e5:30:8c:ff:43:
1e:75:09:48:07:ef:89:cb:08:75:a8:d4:0a:e5:b8:f8:b8:11:
b3:55:7b:bf:84:e0:b5:37:bb:9e:5e:20:d0:73:0c:73:6c:bf:
a5:99:86:db:ac:27:9d:fa:5b:a4:c0:f4:df:a4:fe:35:ac:5b:
f1:c5:1e:ce:95:f3:f4:a6:02:ad:a1:90:5c:69:7e:11:d7:5f:
fe:41:b2:65:cf:26:59:5f:a1:34:1c:1b:e5:52:df:26:4b:8a:
ad:4d:60:9c:79:8e:8a:08:46:42:16:31:11:24:08:1e:76:22:
e4:b0:29:db:b4:b7:21:e2:ee:6d:0f:17:cc:9e:16:bb:9e:df:
6a:fd:cc:c8:8c:f7:66:e5:f7:33:e4:28:24:5d:76:97:57:0e:
d1:b0:35:79:d0:42:ad:ae:76:40:ab:de:eb:1c:08:e9:31:98:
8e:65:ab:b9:8e:91:f1:0c:ae:9b:ad:61:e3:ca:6a:db:71:96:
22:0d:3b:26:0f:3c:9e:a6:e5:3a:f5:ea:5c:30:07:65:9b:9e:
5c:89:f2:3d:37:9f:51:b7:91:34:17:90:b0:32:77:bd:c3:26:
a3:90:07:9c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVwS8Nx7CeoAMF+QHBjxELJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjY2Q2ZGVjNjdiMDg4MmQxNWUzMjgyNTI2OTgwYTE2N2I0
MjA4YjcwHhcNMjMwMTAyMDIyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGViYzVhY2E4OWMwZThkYzliYTIxZjU3ZTgxY2ZmMTVmNTcxODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy06YMs2mxLQg/n5p+EDudrjzDGVx
IXLsR6j+ubz/kmYbI6uBSvQshd8NWcjTQNv1Hy2plfIiCrbdkN3+wLxePM7Pmcuw
jzM6SKbph8TFnu5HMkjTrOk3w2LmkGcJH3/6ud2/y/esqGB8FGfZpUx/c1ChJ5Ez
tELHCAdfs5jbCZei6v0O3ljhIeT7+UiAwa7IawRMdxmbuj5aYY2ufaA0X/q5SkgR
h70esSlBCsEFKDDk2yxR6yd43eWhoT1HrqI8ppJ+4OLzlq89bz+BdlsNFd2n7XuW
R0f8EgQgIUEQuS3NZNXXiyXIYqZIEI840iHN4nx5LBR/TQx6SWMx7xEdCQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFDrxayonA6Nyboh9X6Bz/FfVxhsMB8GA1UdIwQY
MBaAFHzNbexnsIgtFeMoJSaYChZ7Qgi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk0xdDdHZXdpQzBWNHlnbEpwZ0tGbnRDQ0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iNGNlOWEtNDg3Ny00MTU5LWJkODAt
YmVhY2IwOTRmODBjLzEvVU92RnJLaWNEbzNKdWlIMWZvSFA4VjlYR0d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iNGNlOWEtNDg3Ny00MTU5LWJkODAtYmVhY2IwOTRmODBj
LzEvZk0xdDdHZXdpQzBWNHlnbEpwZ0tGbnRDQ0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQCubk4AwQC
wWpcAwQBw120MBgEAgACMBIwEAMFByoLSIADBwAqC0iAAAIwDQYJKoZIhvcNAQEL
BQADggEBAK7srIi0YGwcZvFADeVpgfJtDKgjAFVBQWXSTUv2tlvlMIz/Qx51CUgH
74nLCHWo1ArluPi4EbNVe7+E4LU3u55eINBzDHNsv6WZhtusJ536W6TA9N+k/jWs
W/HFHs6V8/SmAq2hkFxpfhHXX/5BsmXPJllfoTQcG+VS3yZLiq1NYJx5jooIRkIW
MREkCB52IuSwKdu0tyHi7m0PF8yeFrue32r9zMiM92bl9zPkKCRddpdXDtGwNXnQ
Qq2udkCr3uscCOkxmI5lq7mOkfEMrputYePKattxliINOyYPPJ6m5Tr16lwwB2Wb
nlyJ8j03n1G3kTQXkLAyd73DJqOQB5w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org