Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/UlhTEm8z7mvxDK6hjl2kZX-eoJU.roa
File: UlhTEm8z7mvxDK6hjl2kZX-eoJU.roa (raw, json)
Hash identifier: Gw2XK9YW06CNRNOgql6xIU3WfnNJxv6rAVxyDwOcCo0=
Subject key identifier: 52:58:53:12:6F:33:EE:6B:F1:0C:AE:A1:8E:5D:A4:65:7F:9E:A0:95
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FEE2613F8C21550BE3F0FA51C0990
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/UlhTEm8z7mvxDK6hjl2kZX-eoJU.roa
Signing time: Mon 02 Jan 2023 17:38:10 +0000
ROA not before: Mon 02 Jan 2023 17:38:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52041
IP address blocks: 185.227.71.0/24 maxlen: 24
85.202.162.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:ee:26:13:f8:c2:15:50:be:3f:0f:a5:1c:09:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=525853126f33ee6bf10caea18e5da4657f9ea095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:aa:57:c9:8c:bf:14:22:20:76:28:a4:43:fb:
fc:d9:46:35:07:5a:4f:bd:a9:c9:f9:49:50:2f:c8:
a9:b2:7e:a8:c0:5d:5e:e6:76:26:09:2d:4a:54:c0:
dd:aa:4e:0f:40:46:91:34:ac:32:40:aa:56:de:96:
92:3e:f2:2b:09:3d:f1:1e:7b:97:7b:86:2d:7b:a1:
f8:bf:6e:15:7a:e8:a1:5a:23:e4:7d:c3:a2:0d:e3:
94:96:0c:ca:1b:73:ad:e5:b4:0e:cd:58:6e:f5:f4:
36:ed:2e:f6:71:5c:6f:84:f6:71:94:78:14:fa:8c:
65:d5:c9:02:f8:c0:41:60:d7:4d:b3:f7:4f:ff:43:
d8:c6:0f:d8:f8:37:33:2b:4d:72:05:2c:3f:1d:c5:
82:09:8f:8f:a2:86:19:61:b4:09:0a:ed:98:66:e2:
70:4d:30:4d:b9:86:8b:df:a8:df:35:20:08:af:ae:
22:3c:71:92:88:64:ce:48:75:8e:6b:41:74:fe:0e:
48:55:12:08:a2:9e:4f:80:a1:36:b3:71:bf:10:83:
a7:e0:e2:8b:e4:90:8d:04:ed:c2:56:c7:f4:ee:30:
af:85:b7:28:1b:c4:50:56:18:93:73:1a:df:30:b2:
0b:56:54:d4:27:df:59:dc:20:c5:93:5c:82:17:77:
b0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:58:53:12:6F:33:EE:6B:F1:0C:AE:A1:8E:5D:A4:65:7F:9E:A0:95
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/UlhTEm8z7mvxDK6hjl2kZX-eoJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.162.0/24
185.227.71.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:77:d3:08:8e:8d:28:48:03:0b:0f:0d:0f:ec:fa:f8:82:20:
1c:2c:8e:e4:3f:f5:7c:6e:cd:27:c2:ab:c5:79:19:eb:c8:3e:
9a:ab:be:05:7a:f0:88:6f:d8:b1:a4:ff:9b:a6:dc:8f:44:f6:
7b:60:4a:f9:25:4c:f1:3d:0b:69:2d:1b:3b:59:3e:02:aa:74:
28:0e:da:f1:82:37:eb:f8:3d:59:01:95:a6:a7:e4:32:cc:33:
74:a8:ff:59:5f:2a:7d:92:b5:d3:80:2a:4f:c4:56:5d:ac:f3:
92:27:e4:9d:3a:57:b2:f9:cb:78:41:1b:6a:45:bb:1b:d7:b5:
2a:9e:d9:64:b1:be:45:76:c7:ef:7e:96:0d:be:cf:5e:2c:24:
1b:21:fa:ee:4a:a8:29:c5:02:8d:e7:f1:88:5f:1c:fc:4b:62:
45:c0:ce:75:22:d2:cd:0f:3c:8a:62:a8:c5:94:65:06:62:7c:
c0:ef:03:6c:28:3a:a8:32:fa:59:c8:3d:00:7c:ae:dc:a6:d4:
a7:8e:55:6f:26:75:78:b4:58:02:97:d4:f3:92:4e:50:95:76:
af:33:ce:17:7f:3d:f2:29:27:7e:a2:b4:ca:e3:74:5a:6e:98:
9c:b4:42:99:95:fe:ce:0d:a3:22:73:30:fa:e7:6c:27:29:5a:
34:7e:76:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzj+4mE/jCFVC+Pw+lHAmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjU4NTMxMjZmMzNlZTZiZjEwY2FlYTE4ZTVkYTQ2NTdmOWVhMDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlapXyYy/FCIgdiikQ/v82UY1B1pP
vanJ+UlQL8ipsn6owF1e5nYmCS1KVMDdqk4PQEaRNKwyQKpW3paSPvIrCT3xHnuX
e4Yte6H4v24VeuihWiPkfcOiDeOUlgzKG3Ot5bQOzVhu9fQ27S72cVxvhPZxlHgU
+oxl1ckC+MBBYNdNs/dP/0PYxg/Y+DczK01yBSw/HcWCCY+PooYZYbQJCu2YZuJw
TTBNuYaL36jfNSAIr64iPHGSiGTOSHWOa0F0/g5IVRIIop5PgKE2s3G/EIOn4OKL
5JCNBO3CVsf07jCvhbcoG8RQVhiTcxrfMLILVlTUJ99Z3CDFk1yCF3ewMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFJYUxJvM+5r8QyuoY5dpGV/nqCVMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvVWxoVEVtOHo3bXZ4REs2aGpsMmtaWC1lb0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcqiAwQA
ueNHMA0GCSqGSIb3DQEBCwUAA4IBAQBbd9MIjo0oSAMLDw0P7Pr4giAcLI7kP/V8
bs0nwqvFeRnryD6aq74FevCIb9ixpP+bptyPRPZ7YEr5JUzxPQtpLRs7WT4CqnQo
Dtrxgjfr+D1ZAZWmp+QyzDN0qP9ZXyp9krXTgCpPxFZdrPOSJ+SdOley+ct4QRtq
Rbsb17Uqntlksb5FdsfvfpYNvs9eLCQbIfruSqgpxQKN5/GIXxz8S2JFwM51ItLN
DzyKYqjFlGUGYnzA7wNsKDqoMvpZyD0AfK7cptSnjlVvJnV4tFgCl9Tzkk5QlXav
M84Xfz3yKSd+orTK43RabpictEKZlf7ODaMiczD652wnKVo0fnYb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:39 2023 by rpki-client on console-fra.rpki-client.org