Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UxCCphGXvTyM76_gVkeBDPGOECw.roa
File: UxCCphGXvTyM76_gVkeBDPGOECw.roa (raw, json)
Hash identifier: EE+nq7yuxao8WDjFIvostpQBC1vndGeEmPWhtY5vEA4=
Subject key identifier: 53:10:82:A6:11:97:BD:3C:8C:EF:AF:E0:56:47:81:0C:F1:8E:10:2C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01899C7B84B5A70C0F9B9F1AC2D8ED21965D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UxCCphGXvTyM76_gVkeBDPGOECw.roa
Signing time: Fri 28 Jul 2023 12:31:27 +0000
ROA not before: Fri 28 Jul 2023 12:31:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211256
IP address blocks: 2.59.254.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
94.156.102.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9c:7b:84:b5:a7:0c:0f:9b:9f:1a:c2:d8:ed:21:96:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 28 12:31:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=531082a61197bd3c8cefafe05647810cf18e102c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:06:8f:bf:d1:80:cc:7b:f9:59:3e:fd:9f:92:
e3:42:5a:55:f8:be:8a:a6:1b:68:d0:28:82:c2:db:
ab:02:e8:2d:2d:04:ea:4f:39:35:56:14:84:e8:0e:
7a:1b:6d:7c:ec:23:ff:1c:bb:d9:29:30:60:a0:2b:
8f:9a:b9:99:4f:10:6c:d7:db:0a:30:ea:b3:4a:b8:
7c:07:55:61:39:f4:92:89:55:e1:a1:75:bc:78:a2:
eb:26:ef:aa:90:f7:3f:f7:d0:f3:ff:75:bb:31:f4:
7a:71:76:79:26:e1:73:55:a8:48:4f:ab:ba:66:39:
4b:bd:da:d2:14:5e:f5:03:ea:ce:e4:9a:3c:32:a7:
1e:67:9f:40:3e:25:aa:1d:9b:b2:b2:be:f7:90:9a:
78:ca:80:57:36:f1:5c:18:ba:aa:59:67:d7:70:66:
99:be:14:a8:1f:2a:1d:43:de:90:75:8b:e5:09:d9:
c8:33:45:7b:3c:58:93:89:b8:dc:11:e7:f9:7f:fe:
ed:8f:90:6c:ce:c4:32:80:d7:9a:d7:aa:01:b5:66:
01:ce:f2:fb:19:3e:d6:ea:c8:7e:ee:05:d7:97:db:
2c:de:07:b9:10:48:a1:ef:e1:b1:62:2d:15:b9:9b:
cf:60:ad:3c:7e:21:51:59:79:f2:86:1d:cb:34:e1:
75:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:10:82:A6:11:97:BD:3C:8C:EF:AF:E0:56:47:81:0C:F1:8E:10:2C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UxCCphGXvTyM76_gVkeBDPGOECw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.254.0/24
87.120.84.0/24
94.156.102.0/24
147.78.103.0/24
Signature Algorithm: sha256WithRSAEncryption
62:32:cf:60:91:5b:34:72:f1:43:87:e6:d3:d0:6a:89:46:e1:
a6:a2:c3:db:96:93:8c:5f:1c:85:42:98:06:4d:83:55:e2:3a:
43:c7:08:f9:2d:06:43:36:1f:78:56:4b:3e:b5:e1:e6:94:85:
e0:93:fb:52:3b:f9:6d:7f:24:f3:7b:36:ec:c9:a0:1c:ac:78:
0e:5f:cf:02:ba:71:5c:7c:e1:30:8a:56:b0:e2:1b:ac:d2:40:
78:14:a5:56:f1:21:ef:a8:ef:c8:db:08:9f:06:c0:50:51:cf:
2a:8a:a6:79:c0:56:d5:90:3c:5e:a8:1c:8a:e6:66:d6:ce:bf:
e9:13:8d:00:8f:b7:6b:68:fe:ca:6f:5b:98:ea:47:9d:f3:45:
24:2d:88:67:45:aa:2d:19:cd:a0:34:c4:4b:2c:54:91:7c:1e:
46:27:d3:ef:03:df:7a:08:fe:fa:b4:53:5a:ed:92:f2:25:09:
83:3c:82:5a:65:2b:4f:9d:0b:db:28:22:23:ae:03:e1:26:57:
d1:2b:7c:da:bd:83:73:8a:03:42:db:03:d4:0d:5b:4a:6a:df:
22:ab:34:cf:e7:90:c7:12:38:8a:b4:e7:5c:b9:6f:da:8c:c5:
ff:14:b6:ff:e9:00:d3:51:b8:9f:9a:d6:a0:d7:fa:c1:b9:15:
22:42:01:e2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmce4S1pwwPm58awtjtIZZdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzI4MTIzMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzEwODJhNjExOTdiZDNjOGNlZmFmZTA1NjQ3ODEwY2YxOGUxMDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgaPv9GAzHv5WT79n5LjQlpV+L6K
phto0CiCwturAugtLQTqTzk1VhSE6A56G2187CP/HLvZKTBgoCuPmrmZTxBs19sK
MOqzSrh8B1VhOfSSiVXhoXW8eKLrJu+qkPc/99Dz/3W7MfR6cXZ5JuFzVahIT6u6
ZjlLvdrSFF71A+rO5Jo8MqceZ59APiWqHZuysr73kJp4yoBXNvFcGLqqWWfXcGaZ
vhSoHyodQ96QdYvlCdnIM0V7PFiTibjcEef5f/7tj5BszsQygNea16oBtWYBzvL7
GT7W6sh+7gXXl9ss3ge5EEih7+GxYi0VuZvPYK08fiFRWXnyhh3LNOF1aQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFMQgqYRl708jO+v4FZHgQzxjhAsMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVXhDQ3BoR1h2VHlNNzZfZ1ZrZUJEUEdPRUN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjv+AwQA
V3hUAwQAXpxmAwQAk05nMA0GCSqGSIb3DQEBCwUAA4IBAQBiMs9gkVs0cvFDh+bT
0GqJRuGmosPblpOMXxyFQpgGTYNV4jpDxwj5LQZDNh94Vks+teHmlIXgk/tSO/lt
fyTzezbsyaAcrHgOX88CunFcfOEwilaw4hus0kB4FKVW8SHvqO/I2wifBsBQUc8q
iqZ5wFbVkDxeqByK5mbWzr/pE40Aj7draP7Kb1uY6ked80UkLYhnRaotGc2gNMRL
LFSRfB5GJ9PvA996CP76tFNa7ZLyJQmDPIJaZStPnQvbKCIjrgPhJlfRK3zavYNz
igNC2wPUDVtKat8iqzTP55DHEjiKtOdcuW/ajMX/FLb/6QDTUbifmtag1/rBuRUi
QgHi
-----END CERTIFICATE-----
Generated at Mon Jul 31 12:30:18 2023 by rpki-client on console-ams.rpki-client.org