Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/uG064KufcXsHwFtCfP8zLCE20HE.roa
File: uG064KufcXsHwFtCfP8zLCE20HE.roa (raw, json)
Hash identifier: zD5+dK1g5XC/Wefi4W50mVdR1P93e0t06kRqxocLYq0=
Subject key identifier: B8:6D:3A:E0:AB:9F:71:7B:07:C0:5B:42:7C:FF:33:2C:21:36:D0:71
Certificate issuer: /CN=d301991fc343f358c0f2eebae55cf2da34521c7a
Certificate serial: 01856F5DAFA50FDBD98565DF7EFEF52B35A1
Authority key identifier: D3:01:99:1F:C3:43:F3:58:C0:F2:EE:BA:E5:5C:F2:DA:34:52:1C:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0wGZH8ND81jA8u665Vzy2jRSHHo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/uG064KufcXsHwFtCfP8zLCE20HE.roa
Signing time: Sun 01 Jan 2023 22:04:48 +0000
ROA not before: Sun 01 Jan 2023 22:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57866
IP address blocks: 185.52.236.0/22 maxlen: 22
45.141.104.0/22 maxlen: 22
37.139.136.0/21 maxlen: 21
2a00:a7c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:af:a5:0f:db:d9:85:65:df:7e:fe:f5:2b:35:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d301991fc343f358c0f2eebae55cf2da34521c7a
Validity
Not Before: Jan 1 22:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b86d3ae0ab9f717b07c05b427cff332c2136d071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4e:14:05:66:9b:44:f3:48:0d:06:d7:de:2e:
db:e3:18:18:0b:5a:5f:0c:57:71:0f:a5:3c:d2:e1:
71:f9:ac:c8:60:0c:85:f9:e8:00:83:9c:de:c8:20:
0b:b9:0e:d8:1b:d7:d0:41:7e:32:28:89:5b:fb:21:
3f:cc:28:f4:0c:00:ad:b0:07:85:6c:5a:94:20:9a:
eb:90:be:42:f0:b8:2e:dc:0d:05:6a:62:33:60:36:
3c:08:7b:48:dd:21:da:e3:6c:7d:7d:1f:f3:e7:73:
76:5c:ed:1d:0c:ab:97:67:9f:e0:9c:ae:b0:0e:b6:
dc:54:f0:e4:1b:26:77:fe:a7:02:87:f1:b8:b8:2f:
25:03:10:94:c6:2b:e1:cf:14:fc:7d:c9:53:52:96:
87:db:27:a6:2b:99:3c:8a:8d:bd:40:a9:57:c5:bc:
c5:f9:79:eb:e3:b0:18:1a:e5:c9:60:b5:18:cf:b3:
6f:ae:2d:12:4a:53:dc:23:82:dc:4a:3e:0b:8e:d6:
cc:dd:52:6a:76:71:d1:8a:3a:1a:aa:14:4a:35:6c:
93:e3:dc:70:22:0b:64:0a:41:c8:69:92:63:19:8f:
f1:01:2a:76:a0:32:9c:9d:01:97:a8:d6:b4:bf:bc:
c8:fc:20:81:50:3f:f8:2f:67:e2:4f:f5:f3:26:07:
f3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6D:3A:E0:AB:9F:71:7B:07:C0:5B:42:7C:FF:33:2C:21:36:D0:71
X509v3 Authority Key Identifier:
keyid:D3:01:99:1F:C3:43:F3:58:C0:F2:EE:BA:E5:5C:F2:DA:34:52:1C:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wGZH8ND81jA8u665Vzy2jRSHHo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/uG064KufcXsHwFtCfP8zLCE20HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c36f83-8b35-4d05-a334-f98c483015d7/1/0wGZH8ND81jA8u665Vzy2jRSHHo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.136.0/21
45.141.104.0/22
185.52.236.0/22
IPv6:
2a00:a7c0::/32
Signature Algorithm: sha256WithRSAEncryption
59:de:ee:68:e3:06:53:bb:ec:29:47:a4:1d:8b:0a:53:ad:8b:
fc:d5:63:d1:d9:9d:f4:81:76:92:d2:83:40:f8:de:4e:15:8b:
71:3c:3e:32:b7:71:b5:37:ec:66:33:22:3c:13:3b:ee:52:52:
f0:57:0e:e2:87:91:86:48:8b:59:91:bd:76:12:de:71:6f:03:
60:95:f1:9a:05:78:8a:03:ec:93:88:37:d6:ad:eb:67:cd:8e:
09:39:5e:f7:92:50:d2:86:6d:d0:f8:ed:43:ea:13:01:a1:60:
95:6c:13:c0:7b:8f:9a:5e:b9:00:06:8e:8e:3c:bf:93:f6:57:
d3:24:f3:8d:09:22:67:cc:14:20:9e:24:03:4a:a9:50:43:e5:
9b:4c:5d:72:82:f2:9d:60:65:fc:81:ff:7e:92:f8:81:8a:74:
9e:e9:60:5c:15:88:15:dd:03:bb:02:4b:c0:43:a6:28:67:a5:
a9:1b:52:53:48:d1:8e:f0:d0:fb:c5:83:32:54:62:e2:4c:ee:
7a:2b:87:33:5d:a7:5e:b8:82:31:21:7d:c4:52:79:dd:b3:1c:
eb:31:4c:a2:41:c1:7d:d4:5a:75:24:fb:b4:50:35:b7:e5:8b:
0a:85:d3:01:52:9b:e9:b3:85:f5:4a:56:db:fd:ae:1a:e1:f4:
4a:5d:58:e7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvXa+lD9vZhWXffv71KzWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDE5OTFmYzM0M2YzNThjMGYyZWViYWU1NWNmMmRhMzQ1
MjFjN2EwHhcNMjMwMTAxMjIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODZkM2FlMGFiOWY3MTdiMDdjMDViNDI3Y2ZmMzMyYzIxMzZkMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi04UBWabRPNIDQbX3i7b4xgYC1pf
DFdxD6U80uFx+azIYAyF+egAg5zeyCALuQ7YG9fQQX4yKIlb+yE/zCj0DACtsAeF
bFqUIJrrkL5C8Lgu3A0FamIzYDY8CHtI3SHa42x9fR/z53N2XO0dDKuXZ5/gnK6w
DrbcVPDkGyZ3/qcCh/G4uC8lAxCUxivhzxT8fclTUpaH2yemK5k8io29QKlXxbzF
+Xnr47AYGuXJYLUYz7Nvri0SSlPcI4LcSj4LjtbM3VJqdnHRijoaqhRKNWyT49xw
IgtkCkHIaZJjGY/xASp2oDKcnQGXqNa0v7zI/CCBUD/4L2fiT/XzJgfz2wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLhtOuCrn3F7B8BbQnz/MywhNtBxMB8GA1UdIwQY
MBaAFNMBmR/DQ/NYwPLuuuVc8to0Uhx6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdHWkg4TkQ4MWpBOHU2NjVWenkyalJTSEhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9jMzZmODMtOGIzNS00ZDA1LWEzMzQt
Zjk4YzQ4MzAxNWQ3LzEvdUcwNjRLdWZjWHNId0Z0Q2ZQOHpMQ0UyMEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9jMzZmODMtOGIzNS00ZDA1LWEzMzQtZjk4YzQ4MzAxNWQ3
LzEvMHdHWkg4TkQ4MWpBOHU2NjVWenkyalJTSEhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJYuIAwQC
LY1oAwQCuTTsMA0EAgACMAcDBQAqAKfAMA0GCSqGSIb3DQEBCwUAA4IBAQBZ3u5o
4wZTu+wpR6QdiwpTrYv81WPR2Z30gXaS0oNA+N5OFYtxPD4yt3G1N+xmMyI8Ezvu
UlLwVw7ih5GGSItZkb12Et5xbwNglfGaBXiKA+yTiDfWretnzY4JOV73klDShm3Q
+O1D6hMBoWCVbBPAe4+aXrkABo6OPL+T9lfTJPONCSJnzBQgniQDSqlQQ+WbTF1y
gvKdYGX8gf9+kviBinSe6WBcFYgV3QO7AkvAQ6YoZ6WpG1JTSNGO8ND7xYMyVGLi
TO56K4czXadeuIIxIX3EUnndsxzrMUyiQcF91Fp1JPu0UDW35YsKhdMBUpvps4X1
Slbb/a4a4fRKXVjn
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:18 2024 by rpki-client on console-ams.rpki-client.org