Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/UrgIPf7rCANf-2XFz-3sGV_gHfo.roa
File: UrgIPf7rCANf-2XFz-3sGV_gHfo.roa (raw, json)
Hash identifier: SQjb/ORIu4wPtF+WSh3FEfpfUUjoAo9EJ3jG55sXpwc=
Subject key identifier: 52:B8:08:3D:FE:EB:08:03:5F:FB:65:C5:CF:ED:EC:19:5F:E0:1D:FA
Certificate issuer: /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial: 018BD9D02F86182726D804BE8F5E22EA31E2
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/UrgIPf7rCANf-2XFz-3sGV_gHfo.roa
Signing time: Thu 16 Nov 2023 20:26:21 +0000
ROA not before: Thu 16 Nov 2023 20:26:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 5.182.244.0/24 maxlen: 24
185.233.245.0/24 maxlen: 24
89.200.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d9:d0:2f:86:18:27:26:d8:04:be:8f:5e:22:ea:31:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Validity
Not Before: Nov 16 20:26:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52b8083dfeeb08035ffb65c5cfedec195fe01dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:42:12:f4:0b:15:00:0c:f4:24:f7:ab:b4:f0:
ab:b3:fa:82:67:7c:15:1b:0f:7b:a6:dd:90:3d:53:
8e:54:21:9e:da:2b:dc:d8:2a:58:2a:09:21:45:15:
10:a2:a3:4d:3f:3d:cd:ff:4e:52:4e:59:51:1a:6f:
a7:99:b3:14:50:db:f1:39:08:7e:2d:a9:2f:a1:d8:
b7:e8:6d:48:e9:bb:52:4a:c9:a5:aa:dc:8d:70:98:
20:ff:42:2f:a8:8b:66:95:85:d1:c5:17:c0:e1:f4:
5a:76:a9:be:d0:ca:11:6a:11:c1:98:fc:fb:0e:a1:
a2:b4:36:13:ec:6b:ba:88:ac:fd:68:f8:b9:a8:85:
c1:65:44:68:db:8d:fd:4b:fd:36:b3:d9:56:74:b1:
a1:75:d8:8e:10:4f:d4:47:4f:c1:74:ee:03:42:d5:
71:da:1d:8b:61:12:07:73:14:31:2e:3c:78:5a:3f:
a0:97:4b:30:a0:71:80:4d:bc:3c:62:fd:d7:b9:6f:
fc:21:5a:fe:7e:32:84:ef:b6:41:60:c7:e8:f8:d4:
4a:23:4b:2c:40:be:7c:9a:b5:e8:07:bd:18:e4:45:
8f:ad:63:9c:91:a6:05:2e:39:a8:aa:07:60:8d:6f:
b1:d1:16:f6:56:ca:f4:db:67:80:b5:0a:2e:09:a2:
fd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B8:08:3D:FE:EB:08:03:5F:FB:65:C5:CF:ED:EC:19:5F:E0:1D:FA
X509v3 Authority Key Identifier:
keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/UrgIPf7rCANf-2XFz-3sGV_gHfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.244.0/24
89.200.219.0/24
185.233.245.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:59:c6:92:4d:fb:bf:d4:26:14:a9:51:89:7b:26:cf:c1:57:
da:73:97:c3:c3:e3:42:85:a0:d4:08:c8:6a:58:b8:82:57:fe:
40:9d:05:93:b7:8a:e0:5b:d7:fa:bf:ec:cb:79:8b:6c:ca:a0:
a6:7d:31:78:4d:00:b9:08:5f:e5:59:71:d5:6c:42:85:2b:81:
bf:09:7f:5b:2e:39:3d:c5:b2:b1:7d:39:70:b5:a3:c4:a5:2e:
0b:c0:02:ce:9f:63:0e:27:d4:ae:c0:6d:35:76:69:f4:0f:90:
38:b8:2e:12:dd:ef:5f:c7:a6:97:60:7a:5f:58:06:f6:15:3d:
d1:5a:3b:ab:a5:59:b9:6b:6e:12:ff:67:e9:1c:d7:d1:98:19:
52:eb:96:3f:6c:00:79:34:7c:83:0c:ef:6b:5a:72:80:c1:ac:
d9:d3:85:40:b7:ea:33:24:a9:46:58:d6:9c:fc:5a:55:9d:47:
ff:27:14:48:31:4f:3c:c8:98:46:dc:a1:8a:c5:c7:22:9a:b4:
9e:02:76:2e:95:95:c5:93:6a:21:38:e1:98:31:7c:f8:7f:4c:
d7:b4:31:d9:6a:f5:48:db:6d:f4:4b:e2:f9:4c:a3:09:be:93:
98:4b:a6:a2:b1:6b:4b:27:fb:53:9f:6d:2e:af:d7:3a:b4:c0:
19:76:a6:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvZ0C+GGCcm2AS+j14i6jHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTUzMjAwNzc2OTY5NDRiMTYxM2MyZThjOWM2MDZhMWUw
NmViNzkwHhcNMjMxMTE2MjAyNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmI4MDgzZGZlZWIwODAzNWZmYjY1YzVjZmVkZWMxOTVmZTAxZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUIS9AsVAAz0JPertPCrs/qCZ3wV
Gw97pt2QPVOOVCGe2ivc2CpYKgkhRRUQoqNNPz3N/05STllRGm+nmbMUUNvxOQh+
Lakvodi36G1I6btSSsmlqtyNcJgg/0IvqItmlYXRxRfA4fRadqm+0MoRahHBmPz7
DqGitDYT7Gu6iKz9aPi5qIXBZURo2439S/02s9lWdLGhddiOEE/UR0/BdO4DQtVx
2h2LYRIHcxQxLjx4Wj+gl0swoHGATbw8Yv3XuW/8IVr+fjKE77ZBYMfo+NRKI0ss
QL58mrXoB70Y5EWPrWOckaYFLjmoqgdgjW+x0Rb2Vsr022eAtQouCaL96wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFK4CD3+6wgDX/tlxc/t7Blf4B36MB8GA1UdIwQY
MBaAFJ5VMgB3aWlEsWE8LoycYGoeBut5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYt
MWUwZThiOTA5ZTM0LzEvVXJnSVBmN3JDQU5mLTJYRnotM3NHVl9nSGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYtMWUwZThiOTA5ZTM0
LzEvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbb0AwQA
WcjbAwQAuen1MA0GCSqGSIb3DQEBCwUAA4IBAQB+WcaSTfu/1CYUqVGJeybPwVfa
c5fDw+NChaDUCMhqWLiCV/5AnQWTt4rgW9f6v+zLeYtsyqCmfTF4TQC5CF/lWXHV
bEKFK4G/CX9bLjk9xbKxfTlwtaPEpS4LwALOn2MOJ9SuwG01dmn0D5A4uC4S3e9f
x6aXYHpfWAb2FT3RWjurpVm5a24S/2fpHNfRmBlS65Y/bAB5NHyDDO9rWnKAwazZ
04VAt+ozJKlGWNac/FpVnUf/JxRIMU88yJhG3KGKxccimrSeAnYulZXFk2ohOOGY
MXz4f0zXtDHZavVI2230S+L5TKMJvpOYS6aisWtLJ/tTn20ur9c6tMAZdqZs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:51 2024 by rpki-client on console-fra.rpki-client.org