Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/UvEHpDsn_i-E9JEOTbYej-zh-Jw.roa
File: UvEHpDsn_i-E9JEOTbYej-zh-Jw.roa (raw, json)
Hash identifier: Hwaxv4j9Kp6CiffbYy7Ii3RESbWZ4vyiBLMJPHG3x0o=
Subject key identifier: 52:F1:07:A4:3B:27:FE:2F:84:F4:91:0E:4D:B6:1E:8F:EC:E1:F8:9C
Certificate issuer: /CN=9870bf4f95350d0377fa8938bf4f2dcb7e72ff12
Certificate serial: 01856DD3FE46C3418599C674D6DF559633B3
Authority key identifier: 98:70:BF:4F:95:35:0D:03:77:FA:89:38:BF:4F:2D:CB:7E:72:FF:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mHC_T5U1DQN3-ok4v08ty35y_xI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/UvEHpDsn_i-E9JEOTbYej-zh-Jw.roa
Signing time: Sun 01 Jan 2023 14:54:47 +0000
ROA not before: Sun 01 Jan 2023 14:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3194
IP address blocks: 5.10.225.0/24 maxlen: 24
5.10.226.0/24 maxlen: 24
5.10.224.0/24 maxlen: 24
5.10.229.0/24 maxlen: 24
5.10.230.0/24 maxlen: 24
5.10.227.0/24 maxlen: 24
5.10.231.0/24 maxlen: 24
5.10.228.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d3:fe:46:c3:41:85:99:c6:74:d6:df:55:96:33:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9870bf4f95350d0377fa8938bf4f2dcb7e72ff12
Validity
Not Before: Jan 1 14:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52f107a43b27fe2f84f4910e4db61e8fece1f89c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5b:d1:d9:e1:15:04:ee:7c:ff:36:85:7a:a0:
f6:63:18:25:2a:de:2d:a8:95:f2:c4:fb:76:8c:15:
d3:33:fc:38:d6:96:3b:19:c8:2e:ff:8c:64:fc:4a:
58:89:ec:41:26:4f:26:f4:49:4c:92:d6:13:ff:4c:
e0:17:5d:6e:5c:31:30:4e:dd:3a:c0:69:32:2f:35:
d5:8a:2c:c5:dc:80:ee:7e:5c:08:e5:25:e5:12:b3:
b1:f3:bb:2a:73:20:96:24:5f:ba:60:10:d8:d1:7b:
6e:30:c8:9f:45:b2:34:f0:91:cd:32:78:4f:64:ca:
c5:3d:83:c4:0b:98:8c:79:68:79:0a:d2:b8:fd:a1:
b4:ed:1c:62:3e:24:99:8b:7c:95:52:32:fa:b3:6d:
bc:88:ae:e6:c2:66:a6:cd:77:f6:1c:de:3c:2b:ad:
a9:5e:d4:e0:83:b2:35:21:13:a3:0e:9a:64:51:95:
6c:ed:4f:ae:69:88:8c:b5:d3:66:c3:dc:c0:f2:2e:
cc:25:45:91:1a:f7:63:38:2a:7c:a5:fb:db:a7:d8:
8d:0c:b2:f2:42:6f:ed:df:c6:b6:9f:c6:19:48:9e:
06:1d:a8:f1:ee:e6:cf:8b:78:b9:b2:16:d2:88:14:
44:10:a8:09:df:55:1f:53:1b:38:5b:31:44:58:f4:
28:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F1:07:A4:3B:27:FE:2F:84:F4:91:0E:4D:B6:1E:8F:EC:E1:F8:9C
X509v3 Authority Key Identifier:
keyid:98:70:BF:4F:95:35:0D:03:77:FA:89:38:BF:4F:2D:CB:7E:72:FF:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHC_T5U1DQN3-ok4v08ty35y_xI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/UvEHpDsn_i-E9JEOTbYej-zh-Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/mHC_T5U1DQN3-ok4v08ty35y_xI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.224.0/21
Signature Algorithm: sha256WithRSAEncryption
45:cd:28:00:3e:03:4b:bc:dd:8e:63:3d:2f:96:60:05:a9:4b:
ec:22:c8:e1:1f:84:56:a0:96:50:b7:84:10:f4:52:b6:0b:b3:
29:cb:bd:ca:09:e4:d9:71:54:a3:ee:4e:96:2c:d1:bb:0b:2c:
b5:00:37:a8:c6:bc:36:ea:dc:12:b5:63:62:16:b2:5d:ca:32:
fb:19:1c:46:ec:56:33:91:e2:bb:1e:e4:68:91:f2:96:55:1a:
1b:b4:65:61:bb:db:92:63:fc:0c:58:76:09:48:4b:e3:30:41:
a5:66:3a:40:26:aa:0f:a8:5d:17:43:9c:38:b8:da:3a:ea:a3:
1f:b6:ed:45:37:a8:1b:ab:a0:4c:f3:1e:92:ef:2e:07:4f:3c:
7e:d4:12:46:25:02:06:c4:5b:ff:e6:e1:a4:f5:65:fa:3e:36:
a2:cc:9d:f7:67:c0:84:e3:9c:71:46:a3:fe:f6:5d:e5:04:1c:
e0:bd:20:1e:a9:ef:69:92:d7:92:25:76:35:9b:76:de:d7:db:
48:81:ff:cc:12:80:2f:76:c9:13:3b:b0:a0:09:92:9e:b8:25:
c7:fd:0f:51:95:39:d3:a8:95:65:5c:9b:6c:2b:f2:bc:ee:d5:
8d:d7:8e:e7:b7:03:87:e1:be:81:b1:f6:1c:63:70:15:54:0d:
6d:bb:f2:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt0/5Gw0GFmcZ01t9VljOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NzBiZjRmOTUzNTBkMDM3N2ZhODkzOGJmNGYyZGNiN2U3
MmZmMTIwHhcNMjMwMTAxMTQ1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmYxMDdhNDNiMjdmZTJmODRmNDkxMGU0ZGI2MWU4ZmVjZTFmODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVvR2eEVBO58/zaFeqD2YxglKt4t
qJXyxPt2jBXTM/w41pY7Gcgu/4xk/EpYiexBJk8m9ElMktYT/0zgF11uXDEwTt06
wGkyLzXViizF3IDuflwI5SXlErOx87sqcyCWJF+6YBDY0XtuMMifRbI08JHNMnhP
ZMrFPYPEC5iMeWh5CtK4/aG07RxiPiSZi3yVUjL6s228iK7mwmamzXf2HN48K62p
XtTgg7I1IROjDppkUZVs7U+uaYiMtdNmw9zA8i7MJUWRGvdjOCp8pfvbp9iNDLLy
Qm/t38a2n8YZSJ4GHajx7ubPi3i5shbSiBREEKgJ31UfUxs4WzFEWPQoVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFLxB6Q7J/4vhPSRDk22Ho/s4ficMB8GA1UdIwQY
MBaAFJhwv0+VNQ0Dd/qJOL9PLct+cv8SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUhDX1Q1VTFEUU4zLW9rNHYwOHR5MzV5X3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi82MDBhMzctZjk2Ny00NWIxLWExZGQt
MDdhMzE1ZTkwMzNkLzEvVXZFSHBEc25faS1FOUpFT1RiWWVqLXpoLUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi82MDBhMzctZjk2Ny00NWIxLWExZGQtMDdhMzE1ZTkwMzNk
LzEvbUhDX1Q1VTFEUU4zLW9rNHYwOHR5MzV5X3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBQrgMA0G
CSqGSIb3DQEBCwUAA4IBAQBFzSgAPgNLvN2OYz0vlmAFqUvsIsjhH4RWoJZQt4QQ
9FK2C7Mpy73KCeTZcVSj7k6WLNG7Cyy1ADeoxrw26twStWNiFrJdyjL7GRxG7FYz
keK7HuRokfKWVRobtGVhu9uSY/wMWHYJSEvjMEGlZjpAJqoPqF0XQ5w4uNo66qMf
tu1FN6gbq6BM8x6S7y4HTzx+1BJGJQIGxFv/5uGk9WX6PjaizJ33Z8CE45xxRqP+
9l3lBBzgvSAeqe9pkteSJXY1m3be19tIgf/MEoAvdskTO7CgCZKeuCXH/Q9RlTnT
qJVlXJtsK/K87tWN147ntwOH4b6BsfYcY3AVVA1tu/K2
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:23:39 2024 by rpki-client on console-fra.rpki-client.org