Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/Upirxf1AolC7gwPRHElkOHLiMO8.roa
File: Upirxf1AolC7gwPRHElkOHLiMO8.roa (raw, json)
Hash identifier: G3EH/UogteZ5pVextgPEDtvDABwiJq9VDzbilzeDnvo=
Subject key identifier: 52:98:AB:C5:FD:40:A2:50:BB:83:03:D1:1C:49:64:38:72:E2:30:EF
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018750D1B9F45E89FD7E9343052C52916B87
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/Upirxf1AolC7gwPRHElkOHLiMO8.roa
Signing time: Wed 05 Apr 2023 09:48:54 +0000
ROA not before: Wed 05 Apr 2023 09:48:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16211
IP address blocks: 176.57.32.0/21 maxlen: 21
62.193.32.0/19 maxlen: 19
95.141.96.0/20 maxlen: 20
78.109.240.0/20 maxlen: 20
185.41.4.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:d1:b9:f4:5e:89:fd:7e:93:43:05:2c:52:91:6b:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Apr 5 09:48:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5298abc5fd40a250bb8303d11c49643872e230ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:66:13:27:d2:62:7e:ee:0f:e2:c2:66:c3:a5:
54:dd:bf:66:d6:d3:60:9d:18:2e:d8:8f:40:5c:e9:
c2:2e:b1:73:50:d3:c9:57:cb:77:61:00:75:8c:ec:
a3:ea:e6:86:8b:d0:97:e1:87:31:35:9b:df:cc:c2:
9f:94:e7:cb:2a:6e:d2:cc:e7:ee:bd:d6:0e:b6:6a:
b8:cb:b7:f3:21:90:10:07:40:d2:0e:db:75:40:e4:
8b:24:76:d6:d1:5c:2c:f9:a9:ac:82:bb:f9:9e:c4:
3d:29:66:d0:c9:e0:5c:64:ce:e1:26:54:03:11:7f:
46:79:aa:e3:a2:f3:0a:c9:5f:e6:a8:b8:10:75:67:
42:d6:07:8f:51:ad:d6:68:24:e2:4d:bb:6e:69:14:
e0:fa:23:b1:dd:3b:36:85:42:15:61:64:d2:d8:5a:
e7:b7:32:f1:e2:67:05:29:21:f6:92:62:63:ac:fb:
5e:79:cf:6c:9a:e9:79:5d:24:15:40:e4:d5:ff:67:
6f:1f:89:04:ed:7c:5f:6c:50:41:c0:13:e6:56:e6:
77:b0:67:7b:f3:54:af:16:49:a5:0e:ff:bc:b9:57:
21:c5:04:c6:82:47:e9:9a:26:3d:a7:df:98:03:d3:
6e:c5:90:08:2a:29:7f:e9:fd:2b:3a:c9:9f:54:cf:
dd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:98:AB:C5:FD:40:A2:50:BB:83:03:D1:1C:49:64:38:72:E2:30:EF
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/Upirxf1AolC7gwPRHElkOHLiMO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.193.32.0/19
78.109.240.0/20
95.141.96.0/20
176.57.32.0/21
185.41.4.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:3c:6d:bc:43:2f:7c:9c:ae:7d:20:b3:89:37:73:a1:2b:bb:
dc:8d:cc:82:e2:c0:be:98:5f:d3:78:49:ca:06:da:61:4c:c9:
ad:cd:17:55:66:51:95:5e:3e:d5:04:95:e4:df:27:1d:59:ee:
f3:83:e5:13:a6:4d:0d:ca:12:c6:95:72:e4:51:f5:1c:d9:76:
29:3d:e8:58:02:be:8c:60:b0:59:fb:2b:fe:fb:4a:76:d2:52:
ca:b2:51:1d:9d:0b:6e:1f:f5:19:41:6a:7d:7d:5e:c1:a8:c4:
d6:12:0d:c4:3d:7f:72:80:b8:bc:f0:0d:20:2f:1a:1f:03:35:
c4:c1:94:3f:f1:bb:c2:d5:3f:0c:8d:ec:c1:10:d8:52:8f:60:
b6:a1:bf:1c:6e:92:22:bf:7d:26:cb:e6:45:4a:72:32:af:db:
3a:b3:70:c6:4a:a8:a8:31:4e:5b:4c:da:69:17:b9:d0:2b:7d:
05:23:08:82:a6:f4:9d:fa:32:de:a2:8f:4f:bf:92:8e:cc:e8:
08:0f:e9:b5:79:85:26:aa:a9:7a:2e:4f:3f:d2:e3:79:f5:5d:
a9:dc:e2:47:4e:e7:07:2a:53:f1:51:49:4d:b8:f1:f9:e7:d4:
e0:18:80:49:2a:06:ae:ca:25:01:de:59:02:24:aa:bc:e9:97:
2d:9a:d7:4c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYdQ0bn0Xon9fpNDBSxSkWuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMwNDA1MDk0ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjk4YWJjNWZkNDBhMjUwYmI4MzAzZDExYzQ5NjQzODcyZTIzMGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WYTJ9Jifu4P4sJmw6VU3b9m1tNg
nRgu2I9AXOnCLrFzUNPJV8t3YQB1jOyj6uaGi9CX4YcxNZvfzMKflOfLKm7SzOfu
vdYOtmq4y7fzIZAQB0DSDtt1QOSLJHbW0Vws+amsgrv5nsQ9KWbQyeBcZM7hJlQD
EX9GearjovMKyV/mqLgQdWdC1gePUa3WaCTiTbtuaRTg+iOx3Ts2hUIVYWTS2Frn
tzLx4mcFKSH2kmJjrPteec9smul5XSQVQOTV/2dvH4kE7XxfbFBBwBPmVuZ3sGd7
81SvFkmlDv+8uVchxQTGgkfpmiY9p9+YA9NuxZAIKil/6f0rOsmfVM/dOwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFKYq8X9QKJQu4MD0RxJZDhy4jDvMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvVXBpcnhmMUFvbEM3Z3dQUkhFbGtPSExpTU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFPsEgAwQE
Tm3wAwQEX41gAwQDsDkgAwQCuSkEMA0GCSqGSIb3DQEBCwUAA4IBAQAtPG28Qy98
nK59ILOJN3OhK7vcjcyC4sC+mF/TeEnKBtphTMmtzRdVZlGVXj7VBJXk3ycdWe7z
g+UTpk0NyhLGlXLkUfUc2XYpPehYAr6MYLBZ+yv++0p20lLKslEdnQtuH/UZQWp9
fV7BqMTWEg3EPX9ygLi88A0gLxofAzXEwZQ/8bvC1T8MjezBENhSj2C2ob8cbpIi
v30my+ZFSnIyr9s6s3DGSqioMU5bTNppF7nQK30FIwiCpvSd+jLeoo9Pv5KOzOgI
D+m1eYUmqql6Lk8/0uN59V2p3OJHTucHKlPxUUlNuPH559TgGIBJKgauyiUB3lkC
JKq86ZctmtdM
-----END CERTIFICATE-----
Generated at Thu Nov 30 17:46:32 2023 by rpki-client on console-ams.rpki-client.org