Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/UyIQ-TE9iR__sF6O4xyrimFmba4.roa
File: UyIQ-TE9iR__sF6O4xyrimFmba4.roa (raw, json)
Hash identifier: 3lcFIFFkWwPJ76Isqqd9FsBs4xPCt8CyU/rwgU2DuRM=
Subject key identifier: 53:22:10:F9:31:3D:89:1F:FF:B0:5E:8E:E3:1C:AB:8A:61:66:6D:AE
Certificate issuer: /CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Certificate serial: 018C7C90D943A8B9E1850E26131E11CD1734
Authority key identifier: 5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/UyIQ-TE9iR__sF6O4xyrimFmba4.roa
Signing time: Mon 18 Dec 2023 10:55:16 +0000
ROA not before: Mon 18 Dec 2023 10:55:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58030
IP address blocks: 91.238.0.0/24 maxlen: 24
91.237.255.0/24 maxlen: 24
91.237.254.0/24 maxlen: 24
2001:67c:1158::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:90:d9:43:a8:b9:e1:85:0e:26:13:1e:11:cd:17:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Validity
Not Before: Dec 18 10:55:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=532210f9313d891fffb05e8ee31cab8a61666dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:33:31:e3:8e:c6:ec:1c:65:d3:cf:6b:4e:50:
c1:31:9b:5a:67:d3:81:1f:88:c8:43:a4:4e:50:0e:
ef:2f:b5:53:4c:c6:0b:84:03:30:b4:7d:5c:bb:12:
05:c9:2f:a6:76:30:58:ec:9d:3e:04:a1:a6:0b:1d:
1c:6a:36:b2:9d:75:b8:db:f9:13:9a:5f:e7:b6:cb:
2c:5b:21:bd:fd:65:b9:d6:5e:f4:02:64:1a:63:95:
a9:c6:a0:d0:f3:7a:4d:85:2f:26:bc:48:3a:db:1e:
21:7a:ef:95:23:e0:df:86:f9:0c:69:cf:61:ce:2d:
5f:11:eb:c2:87:bb:35:8d:a5:b6:46:a3:8a:2d:c0:
2b:ca:c3:bc:2e:33:00:47:92:fd:72:7b:cd:38:21:
d6:e6:ad:dd:f5:15:85:f2:af:55:62:0f:6d:14:63:
a9:31:76:a8:be:24:69:b5:d9:3b:e9:da:e0:12:dc:
c2:66:a9:ce:8f:42:7c:cb:0c:df:da:96:2e:0c:a6:
49:4f:6b:08:97:5a:be:48:45:8b:16:75:72:93:44:
20:c6:29:bd:11:6b:cc:fe:6b:c5:13:9f:f4:9d:56:
62:04:f7:eb:f6:58:0d:fd:07:c4:23:7b:92:24:41:
ef:a9:34:99:6a:b5:d4:62:7a:a6:a0:f8:77:d9:b7:
11:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:22:10:F9:31:3D:89:1F:FF:B0:5E:8E:E3:1C:AB:8A:61:66:6D:AE
X509v3 Authority Key Identifier:
keyid:5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/UyIQ-TE9iR__sF6O4xyrimFmba4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.254.0-91.238.0.255
IPv6:
2001:67c:1158::/48
Signature Algorithm: sha256WithRSAEncryption
93:db:bc:0b:f9:a2:fb:59:ef:1d:8a:aa:20:b6:d3:c1:18:28:
77:1c:19:2e:3c:05:c1:0b:fe:45:9c:b8:8f:91:ce:02:2b:d4:
8b:41:bc:75:e4:6f:07:e0:2a:ff:c2:7a:14:db:e9:70:bf:d6:
f1:ba:53:20:38:4b:30:0a:d9:24:61:fc:9a:e2:91:9f:87:96:
74:7a:06:ef:0f:a2:b9:6c:db:b8:6e:69:7e:e3:40:10:08:3d:
51:f9:c3:20:0a:6a:83:45:66:03:47:eb:44:db:57:35:37:b5:
58:81:d5:4f:ad:08:63:31:49:c5:f9:34:09:0c:6d:e8:ac:d2:
40:04:d9:de:02:95:aa:57:29:ea:c0:68:86:c1:cb:c2:1a:f7:
bf:36:f0:ca:7f:96:f6:09:f8:6e:80:d2:af:2d:d0:70:b3:f2:
03:32:2c:de:b5:cc:20:e1:59:73:1e:51:9d:e5:2b:33:e3:3c:
44:c9:7f:a9:08:ca:3e:d5:06:ba:23:f3:4a:40:f6:d3:ae:25:
c4:61:fa:cf:d9:e3:5f:dc:b7:41:63:e1:74:2d:e2:9f:f8:0a:
ec:ba:6f:41:62:88:70:c8:e5:a1:f8:63:46:a1:d9:c8:f0:9f:
3e:54:7f:ff:90:aa:48:37:86:33:f3:d9:67:96:b8:97:06:cd:
8a:c3:dc:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYx8kNlDqLnhhQ4mEx4RzRc0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWU2NmIyNzU5ZTUwYmI2OWJiMGE0NDA5ZWViM2JhNDhj
NDZjNTYwHhcNMjMxMjE4MTA1NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzIyMTBmOTMxM2Q4OTFmZmZiMDVlOGVlMzFjYWI4YTYxNjY2ZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDMx447G7Bxl089rTlDBMZtaZ9OB
H4jIQ6ROUA7vL7VTTMYLhAMwtH1cuxIFyS+mdjBY7J0+BKGmCx0cajaynXW42/kT
ml/ntsssWyG9/WW51l70AmQaY5WpxqDQ83pNhS8mvEg62x4heu+VI+DfhvkMac9h
zi1fEevCh7s1jaW2RqOKLcArysO8LjMAR5L9cnvNOCHW5q3d9RWF8q9VYg9tFGOp
MXaoviRptdk76drgEtzCZqnOj0J8ywzf2pYuDKZJT2sIl1q+SEWLFnVyk0Qgxim9
EWvM/mvFE5/0nVZiBPfr9lgN/QfEI3uSJEHvqTSZarXUYnqmoPh32bcRcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMiEPkxPYkf/7BejuMcq4phZm2uMB8GA1UdIwQY
MBaAFFpeZrJ1nlC7absKRAnus7pIxGxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWIt
NjUzZjIzOWZlOWEwLzEvVXlJUS1URTlpUl9fc0Y2TzR4eXJpbUZtYmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWItNjUzZjIzOWZlOWEw
LzEvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAFb7f4D
BABb7gAwDwQCAAIwCQMHACABBnwRWDANBgkqhkiG9w0BAQsFAAOCAQEAk9u8C/mi
+1nvHYqqILbTwRgodxwZLjwFwQv+RZy4j5HOAivUi0G8deRvB+Aq/8J6FNvpcL/W
8bpTIDhLMArZJGH8muKRn4eWdHoG7w+iuWzbuG5pfuNAEAg9UfnDIApqg0VmA0fr
RNtXNTe1WIHVT60IYzFJxfk0CQxt6KzSQATZ3gKVqlcp6sBohsHLwhr3vzbwyn+W
9gn4boDSry3QcLPyAzIs3rXMIOFZcx5RneUrM+M8RMl/qQjKPtUGuiPzSkD2064l
xGH6z9njX9y3QWPhdC3in/gK7LpvQWKIcMjlofhjRqHZyPCfPlR//5CqSDeGM/PZ
Z5a4lwbNisPcUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:46 2024 by rpki-client on console-ams.rpki-client.org