Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uqUFMdb2WUb-JpCzVBfMtqQ8FkQ.roa
File: uqUFMdb2WUb-JpCzVBfMtqQ8FkQ.roa (raw, json)
Hash identifier: SnQhOEaAuRlKb2XgW3yPU3gg9/OHEsBzcJ12Iz3IhFA=
Subject key identifier: BA:A5:05:31:D6:F6:59:46:FE:26:90:B3:54:17:CC:B6:A4:3C:16:44
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01897305CC8B1E6DF598C37A29CDC329022F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uqUFMdb2WUb-JpCzVBfMtqQ8FkQ.roa
Signing time: Thu 20 Jul 2023 11:18:27 +0000
ROA not before: Thu 20 Jul 2023 11:18:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57097
IP address blocks: 193.124.3.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
195.133.28.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:73:05:cc:8b:1e:6d:f5:98:c3:7a:29:cd:c3:29:02:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 20 11:18:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baa50531d6f65946fe2690b35417ccb6a43c1644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:63:f2:44:f0:94:b6:d7:68:9f:ae:ed:e5:ef:
5e:47:4a:54:d4:a7:f4:22:36:ad:c1:4d:7a:91:37:
b0:1a:a7:38:2d:c1:aa:77:70:7b:a6:fd:37:2e:f8:
ed:11:c4:5f:fb:5e:cc:9f:01:00:50:99:03:38:7a:
ea:a8:3b:a0:88:29:1f:be:f5:63:0b:2b:77:b6:bf:
76:00:b5:19:ca:c2:4d:e4:d9:f0:a6:91:1c:2f:78:
70:62:a5:c5:f6:ae:d9:b5:c3:65:3b:c5:36:46:7e:
29:47:dc:a5:9f:64:78:82:73:d3:4e:74:c1:df:9a:
6d:62:1d:6e:66:c8:58:74:f4:c0:b5:93:c9:ce:bd:
89:8a:67:49:1e:36:ec:d5:35:3b:c4:92:1c:9a:ef:
3b:28:d0:64:0d:58:52:25:e9:84:c3:b4:9d:f8:f2:
20:90:14:3c:9a:51:13:f5:05:20:e0:46:d6:88:21:
d1:f1:02:8c:99:c0:92:78:ec:72:b6:06:fb:33:48:
82:19:6e:4b:6a:99:a3:d6:47:80:7f:d5:3f:7a:11:
e8:af:b2:84:85:d4:0c:4d:a8:5e:2a:e2:00:de:42:
c0:5c:83:d1:78:df:ff:ea:5b:e8:fa:7f:97:94:23:
18:3e:42:b7:1a:ae:f6:e8:07:f4:88:c2:76:a1:13:
5c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A5:05:31:D6:F6:59:46:FE:26:90:B3:54:17:CC:B6:A4:3C:16:44
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uqUFMdb2WUb-JpCzVBfMtqQ8FkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.11.0/24
193.124.3.0/24
193.124.8.0/24
194.58.59.0/24
194.87.161.0/24
194.87.229.0/24
195.133.28.0/24
212.192.30.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
95:84:bb:13:1a:ac:2f:a2:86:33:95:70:cf:90:42:43:df:3c:
ae:43:48:e3:9d:63:b0:9c:32:71:a7:ef:b5:96:61:36:ca:c8:
f8:f2:df:ff:0b:34:fc:7a:8c:99:ea:a9:96:39:58:0d:50:32:
81:14:26:ff:35:ca:1c:86:47:b2:66:72:63:52:61:08:d1:6d:
34:ed:62:3b:4c:c9:6a:f0:be:c8:8c:96:d6:f9:d2:f5:e0:75:
95:4d:cb:f5:29:22:15:cd:72:b9:95:2c:7f:c3:70:89:e1:ad:
2f:08:42:d0:90:49:36:c7:f2:c3:0d:ce:31:94:2e:0e:0c:da:
03:75:47:dd:71:81:de:76:be:4c:1c:02:83:ce:d4:a6:18:ae:
fb:c1:59:4f:c0:e4:b1:2c:c0:cb:93:6f:e5:3f:a4:75:ac:a9:
66:9e:23:40:65:59:23:6d:1a:98:82:26:5c:c5:01:7a:23:2a:
88:66:f6:48:ac:0c:0d:10:7a:8c:88:8a:9b:6e:df:62:79:c3:
45:79:71:e2:ba:a6:7c:bc:9c:b2:62:4a:e5:27:04:20:2c:49:
a3:c9:cb:c4:14:5d:0c:1d:73:bd:1f:40:ea:94:1d:52:cc:ad:
95:f8:f9:c4:94:6c:58:47:72:64:42:28:57:56:2d:70:9d:c5:
8d:5b:7e:6d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYlzBcyLHm31mMN6Kc3DKQIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzIwMTExODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWE1MDUzMWQ2ZjY1OTQ2ZmUyNjkwYjM1NDE3Y2NiNmE0M2MxNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGPyRPCUttdon67t5e9eR0pU1Kf0
IjatwU16kTewGqc4LcGqd3B7pv03LvjtEcRf+17MnwEAUJkDOHrqqDugiCkfvvVj
Cyt3tr92ALUZysJN5NnwppEcL3hwYqXF9q7ZtcNlO8U2Rn4pR9yln2R4gnPTTnTB
35ptYh1uZshYdPTAtZPJzr2JimdJHjbs1TU7xJIcmu87KNBkDVhSJemEw7Sd+PIg
kBQ8mlET9QUg4EbWiCHR8QKMmcCSeOxytgb7M0iCGW5Lapmj1keAf9U/ehHor7KE
hdQMTaheKuIA3kLAXIPReN//6lvo+n+XlCMYPkK3Gq726Af0iMJ2oRNcbQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLqlBTHW9llG/iaQs1QXzLakPBZEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdXFVRk1kYjJXVWItSnBDelZCZk10cVE4RmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAuUgLAwQA
wXwDAwQAwXwIAwQAwjo7AwQAwlehAwQAwlflAwQAw4UcAwQA1MAeAwQA1MEPMA0G
CSqGSIb3DQEBCwUAA4IBAQCVhLsTGqwvooYzlXDPkEJD3zyuQ0jjnWOwnDJxp++1
lmE2ysj48t//CzT8eoyZ6qmWOVgNUDKBFCb/NcochkeyZnJjUmEI0W007WI7TMlq
8L7IjJbW+dL14HWVTcv1KSIVzXK5lSx/w3CJ4a0vCELQkEk2x/LDDc4xlC4ODNoD
dUfdcYHedr5MHAKDztSmGK77wVlPwOSxLMDLk2/lP6R1rKlmniNAZVkjbRqYgiZc
xQF6IyqIZvZIrAwNEHqMiIqbbt9iecNFeXHiuqZ8vJyyYkrlJwQgLEmjycvEFF0M
HXO9H0DqlB1SzK2V+PnElGxYR3JkQihXVi1wncWNW35t
-----END CERTIFICATE-----
Generated at Thu Jul 27 16:08:30 2023 by rpki-client on console-ams.rpki-client.org