Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/c0a790-4ed9-44c3-8dfd-0bef9a3baba8/1/uUC29s87ozCWbKn0GKsWFZawJRI.roa
File: uUC29s87ozCWbKn0GKsWFZawJRI.roa (raw, json)
Hash identifier: F0QSj6jXz8edaIGeqRs1zp9phdB22sDWVBZa/NGXY40=
Subject key identifier: B9:40:B6:F6:CF:3B:A3:30:96:6C:A9:F4:18:AB:16:15:96:B0:25:12
Certificate issuer: /CN=10bda8ca86948d9fe029da111a0c9e70d3046a5a
Certificate serial: 018775989B65F44582D1C0E23528D727AEB1
Authority key identifier: 10:BD:A8:CA:86:94:8D:9F:E0:29:DA:11:1A:0C:9E:70:D3:04:6A:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EL2oyoaUjZ_gKdoRGgyecNMEalo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/c0a790-4ed9-44c3-8dfd-0bef9a3baba8/1/uUC29s87ozCWbKn0GKsWFZawJRI.roa
Signing time: Wed 12 Apr 2023 13:12:28 +0000
ROA not before: Wed 12 Apr 2023 13:12:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15995
IP address blocks: 185.97.44.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:98:9b:65:f4:45:82:d1:c0:e2:35:28:d7:27:ae:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10bda8ca86948d9fe029da111a0c9e70d3046a5a
Validity
Not Before: Apr 12 13:12:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b940b6f6cf3ba330966ca9f418ab161596b02512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:21:63:ee:b0:db:f8:b0:a3:b0:c7:44:de:e0:
0a:c5:a0:d6:93:d9:77:61:4b:c8:d3:b0:ee:f7:a8:
37:6d:94:26:f2:49:4a:66:f2:87:e8:96:d8:9e:af:
df:7b:d7:96:c6:2a:49:c5:d7:60:fd:df:35:cf:08:
0f:dd:69:ae:1b:b9:15:75:b3:91:5b:44:7e:26:d1:
3a:06:ef:0a:bd:8e:c4:92:bd:ec:fe:a2:ae:24:1c:
43:8a:a8:61:37:a5:41:09:8c:ad:0e:81:ff:15:5d:
62:46:37:4c:35:c7:60:74:96:be:84:dc:4a:be:03:
80:87:b7:b3:1e:f4:91:68:68:79:5d:0c:73:f4:fa:
5f:1f:0f:c1:1b:1c:6b:3b:70:15:b4:6d:2a:af:eb:
c9:0e:e9:ba:c5:1b:60:fd:0f:21:6a:20:fa:b0:f5:
3d:35:e5:93:81:10:56:13:a1:9a:15:0c:1f:a2:f3:
00:25:e9:f5:20:c6:67:a6:ba:7a:d5:21:ef:ff:25:
46:51:e9:d5:8e:e2:12:26:a0:bd:9b:25:20:2f:a0:
a9:ef:aa:df:4b:a3:70:91:b2:23:a2:ae:69:f3:17:
7d:57:c8:3d:18:4d:dd:50:e1:ca:12:05:e4:ca:42:
6c:e2:c7:68:34:97:46:ad:4e:e3:b1:40:69:70:f5:
c0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:40:B6:F6:CF:3B:A3:30:96:6C:A9:F4:18:AB:16:15:96:B0:25:12
X509v3 Authority Key Identifier:
keyid:10:BD:A8:CA:86:94:8D:9F:E0:29:DA:11:1A:0C:9E:70:D3:04:6A:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EL2oyoaUjZ_gKdoRGgyecNMEalo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/c0a790-4ed9-44c3-8dfd-0bef9a3baba8/1/uUC29s87ozCWbKn0GKsWFZawJRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/c0a790-4ed9-44c3-8dfd-0bef9a3baba8/1/EL2oyoaUjZ_gKdoRGgyecNMEalo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.44.0/22
Signature Algorithm: sha256WithRSAEncryption
27:c2:a1:7f:ab:02:b6:d1:f7:7a:e4:3a:b1:f5:c9:6b:ac:c9:
22:d1:23:2b:6a:40:a7:3f:ca:58:51:a4:a2:75:ed:5f:65:51:
4b:21:c7:f7:a3:e0:08:13:f7:ec:7c:f2:e0:e1:60:c2:06:89:
00:5a:94:ce:41:e9:4d:63:d1:6d:99:06:0d:33:e2:36:e1:de:
69:f6:2b:49:a0:a3:22:64:1a:2e:5a:0f:3a:ba:1a:2c:4e:14:
4d:11:23:ef:61:c1:50:6c:6e:19:31:59:e8:d8:90:3a:b1:24:
14:73:90:57:a7:a3:66:27:eb:28:00:c8:3b:8b:1c:54:1a:bf:
db:6b:52:c9:e7:94:a7:c2:22:11:1e:d8:8b:83:52:92:85:b0:
dd:ad:1a:28:98:5e:2e:d5:a6:84:63:11:51:aa:4a:d4:39:35:
b0:50:fb:97:48:d2:98:92:63:e8:93:68:c6:e8:7a:a9:4a:16:
46:b7:48:2b:d3:a6:09:5e:6a:c4:05:1d:c0:f0:1c:52:70:94:
f1:e1:44:40:23:41:4e:d7:1a:29:26:c0:f1:0f:fe:98:9d:01:
3f:f2:4d:86:ad:88:b7:91:76:82:63:5f:cf:cf:1e:40:b7:e9:
a5:0c:47:80:e7:57:62:8f:e6:3f:61:bd:63:62:76:9b:c3:ca:
65:ab:84:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd1mJtl9EWC0cDiNSjXJ66xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYmRhOGNhODY5NDhkOWZlMDI5ZGExMTFhMGM5ZTcwZDMw
NDZhNWEwHhcNMjMwNDEyMTMxMjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTQwYjZmNmNmM2JhMzMwOTY2Y2E5ZjQxOGFiMTYxNTk2YjAyNTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyFj7rDb+LCjsMdE3uAKxaDWk9l3
YUvI07Du96g3bZQm8klKZvKH6JbYnq/fe9eWxipJxddg/d81zwgP3WmuG7kVdbOR
W0R+JtE6Bu8KvY7Ekr3s/qKuJBxDiqhhN6VBCYytDoH/FV1iRjdMNcdgdJa+hNxK
vgOAh7ezHvSRaGh5XQxz9PpfHw/BGxxrO3AVtG0qr+vJDum6xRtg/Q8haiD6sPU9
NeWTgRBWE6GaFQwfovMAJen1IMZnprp61SHv/yVGUenVjuISJqC9myUgL6Cp76rf
S6NwkbIjoq5p8xd9V8g9GE3dUOHKEgXkykJs4sdoNJdGrU7jsUBpcPXAqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLlAtvbPO6Mwlmyp9BirFhWWsCUSMB8GA1UdIwQY
MBaAFBC9qMqGlI2f4CnaERoMnnDTBGpaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUwyb3lvYVVqWl9nS2RvUkdneWVjTk1FYWxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9jMGE3OTAtNGVkOS00NGMzLThkZmQt
MGJlZjlhM2JhYmE4LzEvdVVDMjlzODdvekNXYktuMEdLc1dGWmF3SlJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9jMGE3OTAtNGVkOS00NGMzLThkZmQtMGJlZjlhM2JhYmE4
LzEvRUwyb3lvYVVqWl9nS2RvUkdneWVjTk1FYWxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWEsMA0G
CSqGSIb3DQEBCwUAA4IBAQAnwqF/qwK20fd65Dqx9clrrMki0SMrakCnP8pYUaSi
de1fZVFLIcf3o+AIE/fsfPLg4WDCBokAWpTOQelNY9FtmQYNM+I24d5p9itJoKMi
ZBouWg86uhosThRNESPvYcFQbG4ZMVno2JA6sSQUc5BXp6NmJ+soAMg7ixxUGr/b
a1LJ55SnwiIRHtiLg1KShbDdrRoomF4u1aaEYxFRqkrUOTWwUPuXSNKYkmPok2jG
6HqpShZGt0gr06YJXmrEBR3A8BxScJTx4URAI0FO1xopJsDxD/6YnQE/8k2GrYi3
kXaCY1/Pzx5At+mlDEeA51dij+Y/Yb1jYnabw8plq4Tz
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:39 2024 by rpki-client on console-ams.rpki-client.org