Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/uttkgdXwPA9Vf54fNfkH5kh8BGA.roa
File: uttkgdXwPA9Vf54fNfkH5kh8BGA.roa (raw, json)
Hash identifier: MQT5BK5RtccVG4apXRdfqoBKvmvxc9j5TF2aZ6pOE8k=
Subject key identifier: BA:DB:64:81:D5:F0:3C:0F:55:7F:9E:1F:35:F9:07:E6:48:7C:04:60
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 018CC4933547321A7E8D92B2928E46C4B712
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/uttkgdXwPA9Vf54fNfkH5kh8BGA.roa
Signing time: Mon 01 Jan 2024 10:30:30 +0000
ROA not before: Mon 01 Jan 2024 10:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 185.162.73.0/24 maxlen: 24
185.162.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Mar 2024 22:11:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:35:47:32:1a:7e:8d:92:b2:92:8e:46:c4:b7:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Jan 1 10:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=badb6481d5f03c0f557f9e1f35f907e6487c0460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b9:53:f1:9f:1c:da:7e:82:c5:85:4e:23:ab:
f8:2f:91:ab:e1:28:30:c2:57:cf:9d:16:70:cd:75:
cc:d3:6b:de:86:7a:ff:c2:84:59:7a:9d:ad:b7:6f:
f9:a1:7f:d7:80:09:79:02:81:d1:e9:82:0a:e1:9e:
d3:bb:8d:7b:18:64:91:ac:40:5e:de:73:21:a5:19:
95:e3:80:38:03:1b:54:e3:84:b1:06:0c:2b:d3:cc:
1d:44:d6:f4:72:c7:d5:e5:b5:82:15:b7:08:58:20:
f8:bc:48:7b:2e:bd:be:4b:3f:08:b6:fa:ba:1b:fe:
51:98:e9:95:b8:fd:8f:9f:ab:f5:83:0e:27:ce:c4:
3b:e1:14:d3:65:95:76:e2:cd:35:db:08:b1:90:4e:
3c:f9:5a:67:a5:a3:60:e5:65:91:89:6a:8e:76:c3:
8a:ca:73:a4:00:43:43:48:dc:12:ad:95:fb:fd:a2:
85:48:05:c6:56:26:af:a2:9a:5f:40:a2:c7:61:68:
f7:17:23:e8:78:fe:cc:69:f4:eb:48:c0:25:cd:1b:
c5:d0:79:75:6b:fc:fd:1e:67:d7:b8:22:e4:e3:66:
c0:d2:67:53:af:19:e9:53:a5:59:ea:59:ef:80:1e:
14:b2:89:52:92:18:33:0c:94:60:20:77:03:e9:b7:
fc:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:DB:64:81:D5:F0:3C:0F:55:7F:9E:1F:35:F9:07:E6:48:7C:04:60
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/uttkgdXwPA9Vf54fNfkH5kh8BGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.72.0/23
Signature Algorithm: sha256WithRSAEncryption
66:29:d9:8f:6c:b1:59:f6:e0:5b:4f:b7:bc:5a:6a:f7:a3:df:
55:a6:69:3e:66:56:4f:45:03:f4:76:2e:86:d3:3f:94:e3:c0:
fd:e9:66:90:f7:c0:e6:79:8a:29:a2:c1:35:16:4f:46:2f:94:
6c:20:d7:1c:da:97:23:e0:4e:89:cc:b5:76:2c:a5:7b:39:a6:
0c:d3:a0:82:01:02:fe:71:4e:1e:23:95:3e:15:3d:d1:8b:3d:
cf:4a:d7:9b:58:b7:61:b1:d8:52:73:61:11:8e:b3:30:2c:87:
a6:a8:9d:c6:fe:cb:83:de:87:7e:e3:e5:1d:3c:27:86:a8:5f:
e1:b3:25:bf:56:87:c9:d1:3c:57:b2:cc:9e:e3:b7:5d:f0:61:
cc:0a:2e:7d:f1:3f:c7:26:55:c3:18:79:52:15:1f:cf:6b:6b:
5b:28:47:c1:2f:4e:44:d9:da:51:a5:67:09:2f:86:74:5a:3c:
ae:5b:ee:b1:0f:8a:4d:aa:f0:63:7d:70:1c:2e:85:80:3e:48:
d4:3c:ae:ee:04:7a:ee:9d:1f:45:1d:f4:04:02:16:a0:bd:f0:
8b:71:53:ab:1e:a0:fa:9a:ea:41:e0:37:d3:6f:2f:e8:60:c8:
ac:e8:49:8d:2a:85:ba:47:4b:43:fd:1c:26:5f:42:a5:0e:3b:
49:b7:0c:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkzVHMhp+jZKyko5GxLcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjQwMTAxMTAzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWRiNjQ4MWQ1ZjAzYzBmNTU3ZjllMWYzNWY5MDdlNjQ4N2MwNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjblT8Z8c2n6CxYVOI6v4L5Gr4Sgw
wlfPnRZwzXXM02vehnr/woRZep2tt2/5oX/XgAl5AoHR6YIK4Z7Tu417GGSRrEBe
3nMhpRmV44A4AxtU44SxBgwr08wdRNb0csfV5bWCFbcIWCD4vEh7Lr2+Sz8Itvq6
G/5RmOmVuP2Pn6v1gw4nzsQ74RTTZZV24s012wixkE48+VpnpaNg5WWRiWqOdsOK
ynOkAENDSNwSrZX7/aKFSAXGViavoppfQKLHYWj3FyPoeP7MafTrSMAlzRvF0Hl1
a/z9HmfXuCLk42bA0mdTrxnpU6VZ6lnvgB4UsolSkhgzDJRgIHcD6bf8SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLrbZIHV8DwPVX+eHzX5B+ZIfARgMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvdXR0a2dkWHdQQTlWZjU0Zk5ma0g1a2g4QkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuaJIMA0G
CSqGSIb3DQEBCwUAA4IBAQBmKdmPbLFZ9uBbT7e8Wmr3o99Vpmk+ZlZPRQP0di6G
0z+U48D96WaQ98DmeYoposE1Fk9GL5RsINcc2pcj4E6JzLV2LKV7OaYM06CCAQL+
cU4eI5U+FT3Riz3PStebWLdhsdhSc2ERjrMwLIemqJ3G/suD3od+4+UdPCeGqF/h
syW/VofJ0TxXssye47dd8GHMCi598T/HJlXDGHlSFR/Pa2tbKEfBL05E2dpRpWcJ
L4Z0WjyuW+6xD4pNqvBjfXAcLoWAPkjUPK7uBHrunR9FHfQEAhagvfCLcVOrHqD6
mupB4DfTby/oYMis6EmNKoW6R0tD/RwmX0KlDjtJtwyW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:19 2024 by rpki-client on console-fra.rpki-client.org