Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uPTUm9N8q-l_kdVNSzRRVUL-wc0.roa
File: uPTUm9N8q-l_kdVNSzRRVUL-wc0.roa (raw, json)
Hash identifier: tbqjnhgC8rED6Cz3dZzIKWXPOflTDSZz0tBtkNLxhPE=
Subject key identifier: B8:F4:D4:9B:D3:7C:AB:E9:7F:91:D5:4D:4B:34:51:55:42:FE:C1:CD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185D363E5FE47E376E0CEA5D006460BE589
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uPTUm9N8q-l_kdVNSzRRVUL-wc0.roa
Signing time: Sat 21 Jan 2023 08:13:37 +0000
ROA not before: Sat 21 Jan 2023 08:13:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49870
IP address blocks: 193.124.45.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Jan 2023 08:07:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d3:63:e5:fe:47:e3:76:e0:ce:a5:d0:06:46:0b:e5:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 21 08:13:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8f4d49bd37cabe97f91d54d4b34515542fec1cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a0:29:5c:af:2f:a3:2d:72:67:22:fe:77:df:
d6:c8:d6:98:c5:bb:4a:07:0a:d9:99:d8:b4:84:b8:
0e:93:cf:93:d4:8f:92:e8:f4:9e:77:36:b4:1b:0f:
23:33:89:90:03:68:e3:cb:b1:0b:78:22:5f:65:e9:
c9:02:ed:d7:3e:91:90:80:cb:23:e0:cd:81:a9:1a:
8e:e1:9f:3e:09:ed:c0:99:59:2b:0c:90:44:38:54:
68:cc:46:cc:5f:cf:9b:65:cb:33:0d:fe:82:d1:22:
4d:1f:90:ea:cb:13:3b:79:8a:05:e3:87:77:01:dc:
f5:20:38:aa:df:92:85:d0:78:0a:68:86:33:d9:7c:
89:42:bb:44:79:87:20:36:e3:87:1c:39:22:69:1b:
83:4a:f3:07:52:aa:2c:c1:3c:88:f7:21:62:dc:3f:
00:7c:c6:58:e0:f8:0a:b7:ce:c9:5c:da:d2:f8:f9:
61:16:b3:5b:cf:d0:2e:e1:ea:d0:b3:0d:06:cd:30:
3b:47:36:7a:e8:45:00:ee:98:6e:c4:da:54:9e:eb:
0b:8b:f8:ec:48:49:93:99:66:62:46:e6:bb:db:a6:
17:71:88:51:aa:02:4b:e0:af:fe:0d:03:e9:c6:54:
24:b4:00:1f:b0:4b:f7:be:fb:da:5d:09:82:5b:15:
cb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F4:D4:9B:D3:7C:AB:E9:7F:91:D5:4D:4B:34:51:55:42:FE:C1:CD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uPTUm9N8q-l_kdVNSzRRVUL-wc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.45.0/24
194.58.58.0/24
194.58.67.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:44:d9:cb:b5:65:92:34:02:eb:20:a1:81:27:eb:cd:8c:93:
19:08:f9:5d:b4:65:5d:d7:00:d6:76:b6:28:e2:f7:c7:04:3f:
49:b4:77:c6:24:b2:ed:e7:24:f1:4c:04:ed:5d:42:98:f2:cb:
41:c2:41:5f:6b:c6:ec:e0:e2:1c:50:6a:74:d9:ee:95:41:73:
67:05:ac:b5:1c:2b:04:dd:eb:40:e8:6d:98:2a:54:db:de:9b:
85:74:fd:0a:c0:6a:c8:d5:d2:5a:97:f0:ed:2c:62:a7:f5:87:
91:68:0b:aa:85:53:a2:96:8e:a9:aa:52:df:c0:ef:27:35:f9:
95:34:31:e0:b5:8c:02:6c:2a:03:d7:83:3e:24:8d:0d:de:02:
b1:4d:1b:0c:81:83:02:6d:55:fb:27:7b:de:1e:33:f5:9a:bc:
86:53:b8:e6:c1:ac:30:13:17:4c:ea:21:2c:65:e0:7b:f7:14:
f7:a1:75:50:83:bb:f3:04:ca:aa:6a:e6:75:d3:98:39:74:60:
15:b3:a9:73:ba:3c:b7:f3:3e:ae:78:5b:2e:b2:58:0b:f4:fd:
4a:0d:e9:05:1b:a9:58:0d:d9:f0:b1:62:0e:0c:43:60:a4:0b:
ec:b1:21:a8:4b:47:c0:49:e9:98:99:a1:45:32:54:85:cb:06:
d2:c4:b4:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXTY+X+R+N24M6l0AZGC+WJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTIxMDgxMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGY0ZDQ5YmQzN2NhYmU5N2Y5MWQ1NGQ0YjM0NTE1NTQyZmVjMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaApXK8voy1yZyL+d9/WyNaYxbtK
BwrZmdi0hLgOk8+T1I+S6PSedza0Gw8jM4mQA2jjy7ELeCJfZenJAu3XPpGQgMsj
4M2BqRqO4Z8+Ce3AmVkrDJBEOFRozEbMX8+bZcszDf6C0SJNH5DqyxM7eYoF44d3
Adz1IDiq35KF0HgKaIYz2XyJQrtEeYcgNuOHHDkiaRuDSvMHUqoswTyI9yFi3D8A
fMZY4PgKt87JXNrS+PlhFrNbz9Au4erQsw0GzTA7RzZ66EUA7phuxNpUnusLi/js
SEmTmWZiRua726YXcYhRqgJL4K/+DQPpxlQktAAfsEv3vvvaXQmCWxXL1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLj01JvTfKvpf5HVTUs0UVVC/sHNMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdVBUVW05TjhxLWxfa2RWTlN6UlJWVUwtd2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXwtAwQA
wjo6AwQAwjpDMA0GCSqGSIb3DQEBCwUAA4IBAQAsRNnLtWWSNALrIKGBJ+vNjJMZ
CPldtGVd1wDWdrYo4vfHBD9JtHfGJLLt5yTxTATtXUKY8stBwkFfa8bs4OIcUGp0
2e6VQXNnBay1HCsE3etA6G2YKlTb3puFdP0KwGrI1dJal/DtLGKn9YeRaAuqhVOi
lo6pqlLfwO8nNfmVNDHgtYwCbCoD14M+JI0N3gKxTRsMgYMCbVX7J3veHjP1mryG
U7jmwawwExdM6iEsZeB79xT3oXVQg7vzBMqqauZ105g5dGAVs6lzujy38z6ueFsu
slgL9P1KDekFG6lYDdnwsWIODENgpAvssSGoS0fASemYmaFFMlSFywbSxLTp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:29 2024 by rpki-client on console-fra.rpki-client.org