Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/Us2GmRlYRq2BIhyD-hVlB4JaoPU.roa
File: Us2GmRlYRq2BIhyD-hVlB4JaoPU.roa (raw, json)
Hash identifier: 1u8KyJCqIgFi6C+cFNEaXJqgTIdmHXGafUuJktu0ScQ=
Subject key identifier: 52:CD:86:99:19:58:46:AD:81:22:1C:83:FA:15:65:07:82:5A:A0:F5
Certificate issuer: /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial: 018A90082FB92D940DA57B482B9DBD810B55
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/Us2GmRlYRq2BIhyD-hVlB4JaoPU.roa
Signing time: Wed 13 Sep 2023 19:32:50 +0000
ROA not before: Wed 13 Sep 2023 19:32:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207945
IP address blocks: 194.63.152.0/22 maxlen: 22
185.183.72.0/22 maxlen: 22
2a0f:6b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:90:08:2f:b9:2d:94:0d:a5:7b:48:2b:9d:bd:81:0b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Validity
Not Before: Sep 13 19:32:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52cd8699195846ad81221c83fa156507825aa0f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ac:e6:b2:7e:07:33:b0:7c:f0:52:da:6f:7a:
f7:71:d3:84:b0:7b:cb:c4:d2:37:a2:88:60:ce:b1:
28:1f:56:4e:46:69:86:71:fb:e8:63:91:3b:c0:ea:
76:7e:33:dd:a0:15:47:11:fd:d0:82:17:25:ce:c1:
61:1e:fb:d5:b6:19:26:68:50:1a:1d:0c:f8:c1:88:
40:15:ce:77:76:68:ef:17:86:2f:09:e6:51:5c:dc:
32:d1:18:4c:b8:8f:79:11:7a:3c:1e:66:d5:2d:02:
4d:38:89:e9:f4:fe:c8:a6:b1:3a:c0:44:10:a5:fb:
6a:79:ba:d4:01:1b:1f:a2:66:90:05:e9:cb:c7:29:
6f:de:a6:cb:f9:46:7c:d5:15:11:da:29:65:35:bf:
87:6d:d7:ae:7b:5c:d1:4c:70:74:fc:ea:e6:5e:4d:
2c:25:4c:93:c4:ab:71:44:ff:39:dd:67:a1:cf:8e:
b1:3e:90:75:a6:a9:3e:da:9d:bb:c7:89:29:50:b0:
a3:85:8d:5c:de:ad:c4:62:c7:cf:30:58:90:a0:28:
cb:9f:15:01:4a:da:e8:12:b5:9d:9d:3e:c9:df:e5:
2a:4b:3e:c5:0f:19:e0:19:75:e8:82:fb:0a:e1:f8:
70:10:f7:9d:68:db:05:55:36:5c:e6:a5:7d:46:30:
33:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CD:86:99:19:58:46:AD:81:22:1C:83:FA:15:65:07:82:5A:A0:F5
X509v3 Authority Key Identifier:
keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/Us2GmRlYRq2BIhyD-hVlB4JaoPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.183.72.0/22
194.63.152.0/22
IPv6:
2a0f:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
79:a2:be:4b:61:12:07:6e:0f:24:18:38:29:f7:6b:26:fc:a1:
68:25:6e:99:2a:22:38:ca:20:a6:3c:ef:db:fe:7f:0b:07:b7:
e9:d8:f7:ff:d9:6d:98:e4:8e:90:5f:bd:a8:20:88:16:81:53:
4f:d6:fb:d8:ef:9e:b9:8a:fb:05:eb:ac:70:42:79:a9:75:be:
4f:d1:0a:f3:81:97:6f:78:99:f0:8a:35:cd:e9:b1:87:46:86:
c3:6f:0b:fe:a6:cc:21:21:0f:f2:01:dc:37:9e:24:ca:52:05:
99:c1:7c:23:e6:3d:0e:41:35:ed:d1:45:d3:03:45:e7:b4:f5:
c3:aa:a8:9b:c8:65:b6:62:8a:23:48:ac:2c:28:51:3f:7f:2d:
d4:4a:4f:ac:f4:54:ff:b8:04:08:6e:0a:77:a9:6f:e8:7b:a9:
d4:22:43:e6:e0:8c:90:48:e1:02:b0:aa:de:ad:8e:fd:a0:e5:
26:01:c1:3b:9c:55:9e:b9:36:43:79:50:da:20:6c:51:18:f7:
89:2c:be:e2:8b:a8:22:25:4f:41:a5:6d:5b:c5:21:fb:d4:ca:
e8:6e:f8:95:69:96:89:0c:19:ea:55:62:48:8a:c9:0d:64:fa:
0e:4d:64:e9:0b:c1:05:1a:92:ec:68:1a:57:b8:8b:ed:d1:d3:
33:da:86:ce
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYqQCC+5LZQNpXtIK529gQtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjMwOTEzMTkzMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmNkODY5OTE5NTg0NmFkODEyMjFjODNmYTE1NjUwNzgyNWFhMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqzmsn4HM7B88FLab3r3cdOEsHvL
xNI3oohgzrEoH1ZORmmGcfvoY5E7wOp2fjPdoBVHEf3QghclzsFhHvvVthkmaFAa
HQz4wYhAFc53dmjvF4YvCeZRXNwy0RhMuI95EXo8HmbVLQJNOInp9P7IprE6wEQQ
pftqebrUARsfomaQBenLxylv3qbL+UZ81RUR2illNb+Hbdeue1zRTHB0/OrmXk0s
JUyTxKtxRP853Wehz46xPpB1pqk+2p27x4kpULCjhY1c3q3EYsfPMFiQoCjLnxUB
StroErWdnT7J3+UqSz7FDxngGXXogvsK4fhwEPedaNsFVTZc5qV9RjAznQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFLNhpkZWEatgSIcg/oVZQeCWqD1MB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvVXMyR21SbFlScTJCSWh5RC1oVmxCNEphb1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubdIAwQC
wj+YMA0EAgACMAcDBQMqD2uAMA0GCSqGSIb3DQEBCwUAA4IBAQB5or5LYRIHbg8k
GDgp92sm/KFoJW6ZKiI4yiCmPO/b/n8LB7fp2Pf/2W2Y5I6QX72oIIgWgVNP1vvY
7565ivsF66xwQnmpdb5P0QrzgZdveJnwijXN6bGHRobDbwv+pswhIQ/yAdw3niTK
UgWZwXwj5j0OQTXt0UXTA0XntPXDqqibyGW2YoojSKwsKFE/fy3USk+s9FT/uAQI
bgp3qW/oe6nUIkPm4IyQSOECsKrerY79oOUmAcE7nFWeuTZDeVDaIGxRGPeJLL7i
i6giJU9BpW1bxSH71MrobviVaZaJDBnqVWJIiskNZPoOTWTpC8EFGpLsaBpXuIvt
0dMz2obO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:27 2024 by rpki-client on console-ams.rpki-client.org