Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/UEEXbzPkFji7dOzzMoW8E4THPVA.roa
File: UEEXbzPkFji7dOzzMoW8E4THPVA.roa (raw, json)
Hash identifier: v3bvCgLPPUKjxVvNmpQRyPg5AsZPqSNWAGBTMt1WS1s=
Subject key identifier: 50:41:17:6F:33:E4:16:38:BB:74:EC:F3:32:85:BC:13:84:C7:3D:50
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01856F14F9303133501B0D752EBDC82245B6
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/UEEXbzPkFji7dOzzMoW8E4THPVA.roa
Signing time: Sun 01 Jan 2023 20:45:23 +0000
ROA not before: Sun 01 Jan 2023 20:45:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39668
IP address blocks: 217.156.4.0/22 maxlen: 22
85.120.24.0/22 maxlen: 22
193.230.215.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:f9:30:31:33:50:1b:0d:75:2e:bd:c8:22:45:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 20:45:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5041176f33e41638bb74ecf33285bc1384c73d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:91:69:25:20:b8:9e:9b:d6:5b:8d:a5:c8:93:
dc:af:4e:c9:4d:3f:38:45:be:f3:ea:3d:6b:f6:4d:
23:ed:9e:ee:20:ef:c4:5b:dd:98:00:72:e8:e6:bd:
90:5f:89:07:5c:7e:c9:d2:b1:7c:0a:69:51:35:75:
c3:6a:af:95:59:23:76:75:0e:85:f0:0e:9e:24:df:
9a:00:51:85:7c:d8:d7:ce:95:1e:6a:d8:a4:ce:18:
13:68:12:08:68:57:6e:bb:61:3f:b1:7c:a2:cc:42:
f6:0f:fb:7e:c3:9d:20:be:7d:8b:99:ee:da:10:92:
28:6d:12:bc:87:20:74:22:b3:d1:a8:2b:06:3a:ac:
a2:41:e3:4d:ca:c9:0f:bd:a7:4f:6a:4e:8d:65:90:
32:97:d5:b7:f0:d7:b2:12:4f:2e:aa:ab:4b:3a:91:
54:ee:22:aa:e4:85:39:3a:7e:5c:c5:70:95:6d:02:
bd:38:fc:dd:2e:dd:42:54:85:02:94:77:38:77:e4:
b4:36:5f:a4:76:f9:95:0b:f1:92:90:1a:be:b3:90:
33:d5:3e:5d:ac:05:8f:95:f2:75:fe:5a:ca:60:e9:
cb:0f:61:87:a2:d3:7a:cb:b3:93:06:07:d6:f9:be:
46:24:fc:8a:51:45:fd:cc:31:52:44:5c:df:a2:63:
7d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:41:17:6F:33:E4:16:38:BB:74:EC:F3:32:85:BC:13:84:C7:3D:50
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/UEEXbzPkFji7dOzzMoW8E4THPVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.24.0/22
193.230.215.0/24
217.156.4.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:db:37:de:6c:1c:86:21:e7:69:93:87:b1:b7:17:33:4c:b4:
e0:9d:1f:36:b3:90:86:e0:bc:5f:15:ac:d1:2c:4b:0f:cd:8b:
d7:19:e3:39:c8:52:1f:88:10:10:27:4e:18:7d:e0:89:66:7f:
29:4c:a3:8f:1b:a8:91:1b:1b:07:8a:1e:d2:d2:f9:d2:e9:aa:
26:c8:5f:ba:69:13:25:14:bf:bf:15:e4:73:27:be:ee:21:87:
0d:4f:4f:00:32:cb:c8:6a:1f:53:11:2c:f6:4a:cc:a5:6c:c5:
31:37:06:f8:cb:c0:f5:d3:32:6e:0b:64:34:78:ca:a8:c9:84:
08:5d:71:a9:61:c4:ca:eb:c3:a3:49:f2:5d:61:5f:3c:7d:fe:
37:c5:65:fc:71:db:ee:91:3b:ad:fc:25:b6:30:9d:4d:f9:26:
ea:09:c6:26:de:f6:10:01:70:06:b8:f0:62:7a:59:6e:73:46:
b5:af:4b:82:aa:41:e3:69:77:0a:6c:46:20:bb:ec:2c:87:d2:
1e:0d:63:dd:56:39:46:5d:b5:05:6b:10:2f:dd:0e:b8:ff:90:
f4:80:04:d3:0c:53:b5:48:5b:8e:aa:6b:0d:95:3b:81:55:24:
2b:87:4a:61:e7:c2:2c:86:3a:f5:98:d3:3a:ab:10:77:4d:6d:
f0:a9:f7:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvFPkwMTNQGw11Lr3IIkW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTAxMjA0NTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDQxMTc2ZjMzZTQxNjM4YmI3NGVjZjMzMjg1YmMxMzg0YzczZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZFpJSC4npvWW42lyJPcr07JTT84
Rb7z6j1r9k0j7Z7uIO/EW92YAHLo5r2QX4kHXH7J0rF8CmlRNXXDaq+VWSN2dQ6F
8A6eJN+aAFGFfNjXzpUeatikzhgTaBIIaFduu2E/sXyizEL2D/t+w50gvn2Lme7a
EJIobRK8hyB0IrPRqCsGOqyiQeNNyskPvadPak6NZZAyl9W38NeyEk8uqqtLOpFU
7iKq5IU5On5cxXCVbQK9OPzdLt1CVIUClHc4d+S0Nl+kdvmVC/GSkBq+s5Az1T5d
rAWPlfJ1/lrKYOnLD2GHotN6y7OTBgfW+b5GJPyKUUX9zDFSRFzfomN9TwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFBBF28z5BY4u3Ts8zKFvBOExz1QMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvVUVFWGJ6UGtGamk3ZE96ek1vVzhFNFRIUFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVXgYAwQA
webXAwQC2ZwEMA0GCSqGSIb3DQEBCwUAA4IBAQBc2zfebByGIedpk4extxczTLTg
nR82s5CG4LxfFazRLEsPzYvXGeM5yFIfiBAQJ04YfeCJZn8pTKOPG6iRGxsHih7S
0vnS6aomyF+6aRMlFL+/FeRzJ77uIYcNT08AMsvIah9TESz2SsylbMUxNwb4y8D1
0zJuC2Q0eMqoyYQIXXGpYcTK68OjSfJdYV88ff43xWX8cdvukTut/CW2MJ1N+Sbq
CcYm3vYQAXAGuPBielluc0a1r0uCqkHjaXcKbEYgu+wsh9IeDWPdVjlGXbUFaxAv
3Q64/5D0gATTDFO1SFuOqmsNlTuBVSQrh0ph58Ishjr1mNM6qxB3TW3wqffq
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:48 2024 by rpki-client on console-ams.rpki-client.org