Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/UrcJGmJGLfMQEkQXQc4iDlKk22I.roa
File: UrcJGmJGLfMQEkQXQc4iDlKk22I.roa (raw, json)
Hash identifier: e3RFWoTfV+RwhNvUr07Ig1ZOffvsKOKYu7t0VFCrDKw=
Subject key identifier: 52:B7:09:1A:62:46:2D:F3:10:12:44:17:41:CE:22:0E:52:A4:DB:62
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 0188229D8A1CCFAE65E3E4B7BA23BB1B1DD4
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/UrcJGmJGLfMQEkQXQc4iDlKk22I.roa
Signing time: Tue 16 May 2023 03:32:09 +0000
ROA not before: Tue 16 May 2023 03:32:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.139.25.0/24 maxlen: 24
185.139.27.0/24 maxlen: 24
185.235.32.0/24 maxlen: 24
185.100.212.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:22:9d:8a:1c:cf:ae:65:e3:e4:b7:ba:23:bb:1b:1d:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: May 16 03:32:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52b7091a62462df31012441741ce220e52a4db62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5c:a4:a9:57:06:b1:a5:11:1a:e4:f8:34:97:
2a:af:ff:64:83:91:95:71:4c:54:94:f7:0d:72:78:
ee:69:5e:ba:7f:c0:d2:16:6c:00:6a:5e:bb:52:a1:
3e:df:9d:2d:03:d8:cb:c3:d5:10:d8:b0:4c:f8:92:
18:c2:cc:83:5a:d4:79:f5:bf:aa:49:59:09:3c:d7:
c9:1a:21:6d:d2:d5:81:0d:40:6f:86:f9:b5:9f:89:
15:6b:6a:0e:5b:e8:d5:47:71:ed:58:84:9b:a0:82:
5a:fd:ab:d8:7e:30:b3:96:c7:41:6c:35:29:5d:17:
4c:df:4a:f5:38:9d:d8:a0:ad:54:f6:10:8c:f7:a6:
8a:f8:33:4f:49:a5:66:f7:ff:93:65:c1:ff:7a:f0:
ff:30:8d:96:6a:bf:25:27:b9:e3:f5:b5:43:47:ae:
c5:78:0c:06:81:bd:0c:06:32:ea:de:df:af:18:d3:
98:5e:18:e2:71:31:d9:c2:c5:88:d7:2e:50:fa:78:
c3:da:db:7d:ec:27:9b:65:1f:fd:7b:d7:17:77:66:
30:de:d0:c8:6d:6e:ee:cc:1e:b1:96:0b:fb:97:59:
c0:17:ce:37:91:68:e2:f5:93:91:d8:59:6a:87:da:
a7:fc:5e:bd:c5:95:83:ec:38:a1:dd:ba:36:81:8e:
6b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B7:09:1A:62:46:2D:F3:10:12:44:17:41:CE:22:0E:52:A4:DB:62
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/UrcJGmJGLfMQEkQXQc4iDlKk22I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.212.0/22
185.139.25.0/24
185.139.27.0/24
185.235.32.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:29:e8:2f:cd:e1:cb:e0:62:0f:55:bc:3e:4e:42:cf:5e:c3:
7e:09:cd:ac:b6:01:73:53:8f:f6:75:ee:ff:fe:c1:3f:61:27:
41:5c:49:f0:0e:80:0d:bc:83:e2:a8:b3:4f:8d:6f:de:1c:f7:
3b:a1:6b:36:45:94:18:e7:13:b8:60:fb:c0:1a:27:c9:e9:cd:
4d:a3:ef:3b:9c:83:2f:7a:92:86:d6:ae:a3:11:ff:ed:44:0f:
aa:0b:5a:89:0e:20:9b:7f:6a:a4:85:a0:4f:1d:51:51:5a:a6:
f3:73:05:f4:c6:d5:ae:1c:0b:b3:6e:35:ae:41:6a:8d:9b:97:
12:88:5f:fc:5c:26:34:c8:73:1a:5c:68:d8:86:c0:2e:7a:34:
67:aa:ef:b5:04:83:5d:74:ce:3a:28:1c:e9:3e:2a:0d:88:26:
d1:6b:e5:a6:6e:54:e8:d8:5a:35:90:97:08:cd:4f:4c:bc:e7:
11:af:5d:ab:f8:31:61:ce:f4:ac:02:7a:7a:e9:67:fe:47:4a:
6b:2f:d8:7e:0a:56:ce:e3:12:53:76:7f:a9:94:0c:f4:ba:89:
55:bb:eb:dc:a4:f9:ab:8d:07:ab:df:c7:91:cf:81:09:bf:0b:
18:80:a0:2a:7d:89:e6:2f:e2:16:39:9f:bf:17:95:bc:30:29:
1c:f6:4c:d4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYginYocz65l4+S3uiO7Gx3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMwNTE2MDMzMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmI3MDkxYTYyNDYyZGYzMTAxMjQ0MTc0MWNlMjIwZTUyYTRkYjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVykqVcGsaURGuT4NJcqr/9kg5GV
cUxUlPcNcnjuaV66f8DSFmwAal67UqE+350tA9jLw9UQ2LBM+JIYwsyDWtR59b+q
SVkJPNfJGiFt0tWBDUBvhvm1n4kVa2oOW+jVR3HtWISboIJa/avYfjCzlsdBbDUp
XRdM30r1OJ3YoK1U9hCM96aK+DNPSaVm9/+TZcH/evD/MI2War8lJ7nj9bVDR67F
eAwGgb0MBjLq3t+vGNOYXhjicTHZwsWI1y5Q+njD2tt97CebZR/9e9cXd2Yw3tDI
bW7uzB6xlgv7l1nAF843kWji9ZOR2Flqh9qn/F69xZWD7Dih3bo2gY5rgwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFK3CRpiRi3zEBJEF0HOIg5SpNtiMB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvVXJjSkdtSkdMZk1RRWtRWFFjNGlEbEtrMjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuWTUAwQA
uYsZAwQAuYsbAwQAuesgMA0GCSqGSIb3DQEBCwUAA4IBAQB6KegvzeHL4GIPVbw+
TkLPXsN+Cc2stgFzU4/2de7//sE/YSdBXEnwDoANvIPiqLNPjW/eHPc7oWs2RZQY
5xO4YPvAGifJ6c1No+87nIMvepKG1q6jEf/tRA+qC1qJDiCbf2qkhaBPHVFRWqbz
cwX0xtWuHAuzbjWuQWqNm5cSiF/8XCY0yHMaXGjYhsAuejRnqu+1BINddM46KBzp
PioNiCbRa+WmblTo2Fo1kJcIzU9MvOcRr12r+DFhzvSsAnp66Wf+R0prL9h+ClbO
4xJTdn+plAz0uolVu+vcpPmrjQer38eRz4EJvwsYgKAqfYnmL+IWOZ+/F5W8MCkc
9kzU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:50 2023 by rpki-client on console-ams.rpki-client.org