Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/G1UK-rUKI22Q3fEUzCZRuIrfXp0.roa
File: G1UK-rUKI22Q3fEUzCZRuIrfXp0.roa (raw, json)
Hash identifier: vA2hZnAu4TvPfT7V5/3uHdR2G6akDezclTSf+YQpVmA=
Subject key identifier: 1B:55:0A:FA:B5:0A:23:6D:90:DD:F1:14:CC:26:51:B8:8A:DF:5E:9D
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FD6AE5D307890D41D1E56AEBCCC9B
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/G1UK-rUKI22Q3fEUzCZRuIrfXp0.roa
Signing time: Mon 02 Jan 2023 17:38:04 +0000
ROA not before: Mon 02 Jan 2023 17:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 45.140.220.0/23 maxlen: 23
185.242.225.0/24 maxlen: 24
77.83.241.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:d6:ae:5d:30:78:90:d4:1d:1e:56:ae:bc:cc:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b550afab50a236d90ddf114cc2651b88adf5e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:81:21:1b:d3:81:62:23:ce:ff:c3:04:47:97:
e9:58:0c:0f:04:09:e0:06:36:0e:64:24:d3:fa:c8:
6a:0f:d3:55:40:91:d5:ee:e8:26:a1:bc:e1:ad:85:
d3:52:b3:e8:c4:c5:eb:c6:48:94:3b:1a:c1:88:fb:
6b:be:28:e5:66:ce:be:09:c4:0c:af:04:c2:70:80:
0d:be:0a:a5:85:04:0a:3d:6f:60:8c:5e:c2:a5:90:
d4:d7:eb:b4:b7:69:5d:c5:9f:00:0c:ae:e2:99:e5:
54:c8:22:3d:55:44:23:f4:e9:08:35:23:d6:e0:92:
57:af:c2:b5:88:9f:33:6c:19:ab:a5:7b:da:00:3e:
9b:19:97:c5:70:6d:55:e4:67:15:03:e2:03:11:56:
b3:0c:4b:fa:12:f2:41:35:bf:8a:97:76:40:c0:3c:
43:08:5f:e9:95:1c:65:d2:be:66:e7:05:da:63:42:
01:c6:b4:69:50:a1:7b:1a:78:ac:79:e9:31:28:2a:
d7:e7:e1:a9:23:b8:0f:70:86:6f:59:6f:33:b8:e0:
c9:28:14:a0:2e:20:29:c4:7f:37:12:aa:2b:60:36:
5e:aa:05:48:58:40:26:68:b3:20:0c:21:03:12:f7:
83:50:df:29:52:6e:f7:01:36:03:e5:03:c7:23:bc:
60:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:55:0A:FA:B5:0A:23:6D:90:DD:F1:14:CC:26:51:B8:8A:DF:5E:9D
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/G1UK-rUKI22Q3fEUzCZRuIrfXp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.220.0/23
77.83.241.0/24
185.242.225.0/24
Signature Algorithm: sha256WithRSAEncryption
67:68:a0:04:58:87:44:bd:cc:bc:ce:74:ef:4c:19:e2:b7:dd:
9a:3d:14:6a:9f:b5:83:4d:f1:8e:db:2d:99:24:c1:6c:1b:f6:
fd:9d:a2:60:e9:a9:05:31:f6:55:9e:f5:14:26:ee:b4:a0:7b:
4a:d1:1c:13:b6:28:74:04:36:56:f0:33:c4:62:9c:f0:66:13:
13:45:6d:bf:83:3d:3c:df:23:b7:9f:34:36:5c:0f:33:23:ea:
c8:59:5d:da:0f:3e:44:f0:f8:2c:0d:94:00:a4:5d:00:2b:70:
94:61:52:89:e7:66:5f:0e:d2:50:9e:57:14:e8:61:c8:1f:68:
c8:be:f2:d2:03:c4:b0:c9:21:81:c3:92:59:e7:2b:59:7d:1e:
98:c8:5d:ff:30:f7:2e:10:5f:3c:22:03:10:9a:eb:f9:91:58:
7c:87:9a:9f:3d:8f:a9:60:ac:dc:90:73:dd:e6:8b:8c:57:e4:
f1:26:1f:d3:b0:ea:03:76:cf:6f:dc:0e:12:6a:5b:61:4e:9e:
1d:29:65:96:59:07:cf:e4:e9:7c:14:cb:90:64:ad:2e:03:e9:
45:3e:bf:a3:16:06:ea:30:21:ca:19:5c:88:e6:df:be:0c:0a:
94:c7:7b:71:5b:0a:42:ac:69:00:d4:eb:6e:f4:e8:d0:45:76:
08:09:a8:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzj9auXTB4kNQdHlauvMybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjU1MGFmYWI1MGEyMzZkOTBkZGYxMTRjYzI2NTFiODhhZGY1ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4EhG9OBYiPO/8MER5fpWAwPBAng
BjYOZCTT+shqD9NVQJHV7ugmobzhrYXTUrPoxMXrxkiUOxrBiPtrvijlZs6+CcQM
rwTCcIANvgqlhQQKPW9gjF7CpZDU1+u0t2ldxZ8ADK7imeVUyCI9VUQj9OkINSPW
4JJXr8K1iJ8zbBmrpXvaAD6bGZfFcG1V5GcVA+IDEVazDEv6EvJBNb+Kl3ZAwDxD
CF/plRxl0r5m5wXaY0IBxrRpUKF7GniseekxKCrX5+GpI7gPcIZvWW8zuODJKBSg
LiApxH83EqorYDZeqgVIWEAmaLMgDCEDEveDUN8pUm73ATYD5QPHI7xgFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBtVCvq1CiNtkN3xFMwmUbiK316dMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvRzFVSy1yVUtJMjJRM2ZFVXpDWlJ1SXJmWHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLYzcAwQA
TVPxAwQAufLhMA0GCSqGSIb3DQEBCwUAA4IBAQBnaKAEWIdEvcy8znTvTBnit92a
PRRqn7WDTfGO2y2ZJMFsG/b9naJg6akFMfZVnvUUJu60oHtK0RwTtih0BDZW8DPE
YpzwZhMTRW2/gz083yO3nzQ2XA8zI+rIWV3aDz5E8PgsDZQApF0AK3CUYVKJ52Zf
DtJQnlcU6GHIH2jIvvLSA8SwySGBw5JZ5ytZfR6YyF3/MPcuEF88IgMQmuv5kVh8
h5qfPY+pYKzckHPd5ouMV+TxJh/TsOoDds9v3A4SalthTp4dKWWWWQfP5Ol8FMuQ
ZK0uA+lFPr+jFgbqMCHKGVyI5t++DAqUx3txWwpCrGkA1Otu9OjQRXYICagP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:26 2023 by rpki-client on console-ams.rpki-client.org