Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/UzhuFbT-XVaJFRsoAtB65Kl0leQ.roa
File: UzhuFbT-XVaJFRsoAtB65Kl0leQ.roa (raw, json)
Hash identifier: DDr0LdDFpRimtdiSJk9wkykqFrgsZgr5Ue79SUJBeTQ=
Subject key identifier: 53:38:6E:15:B4:FE:5D:56:89:15:1B:28:02:D0:7A:E4:A9:74:95:E4
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01891A6E36F9750A995160FA84B0520D441F
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/UzhuFbT-XVaJFRsoAtB65Kl0leQ.roa
Signing time: Mon 03 Jul 2023 06:26:17 +0000
ROA not before: Mon 03 Jul 2023 06:26:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 91.243.44.0/22 maxlen: 22
5.188.10.0/23 maxlen: 23
5.8.66.0/23 maxlen: 23
46.161.26.0/24 maxlen: 24
91.243.52.0/22 maxlen: 22
46.161.28.0/22 maxlen: 22
91.243.56.0/22 maxlen: 22
46.161.41.0/24 maxlen: 24
91.243.32.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1a:6e:36:f9:75:0a:99:51:60:fa:84:b0:52:0d:44:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jul 3 06:26:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53386e15b4fe5d5689151b2802d07ae4a97495e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c7:61:61:01:1a:b6:e5:31:6b:fd:00:b3:88:
69:06:fe:ba:25:72:3e:95:71:8c:72:6d:7e:eb:e3:
89:36:c9:0f:a9:b6:fa:7d:4c:92:44:fb:33:eb:ae:
1f:81:88:0d:54:90:5d:22:21:5e:eb:05:8b:45:6a:
fd:e4:06:34:27:9a:6e:a2:00:36:48:6f:41:57:17:
a6:4b:7f:f6:bf:b4:f6:c1:cb:b6:a4:aa:fb:49:bd:
37:3d:9b:f3:17:b9:84:2c:79:a9:59:32:f3:b6:3a:
54:c0:2e:bd:7d:ff:5a:29:4c:0d:7c:33:28:96:0c:
c3:a3:c8:15:17:23:ac:86:1a:18:0f:f3:90:52:38:
36:36:1f:71:2e:4a:e5:6c:c0:71:49:e8:ac:d8:9c:
5a:28:a6:df:ad:2e:f4:f6:ac:4a:2d:a6:fc:2f:3a:
32:e2:48:34:26:3c:87:54:27:5d:4c:dd:30:96:65:
9f:9f:d6:44:2b:88:1e:b6:e0:a4:79:9e:7d:d7:4c:
e3:23:61:9a:12:18:66:cc:fa:a4:b8:d4:c9:43:61:
f9:49:6f:82:0c:ed:b7:e9:be:d6:ef:c0:b0:5c:ad:
f6:35:63:94:2c:9f:21:2e:da:77:20:c5:c5:e6:81:
b2:12:9c:4d:2f:5c:74:27:b4:db:83:d6:63:a8:c7:
fd:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:38:6E:15:B4:FE:5D:56:89:15:1B:28:02:D0:7A:E4:A9:74:95:E4
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/UzhuFbT-XVaJFRsoAtB65Kl0leQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.66.0/23
5.188.10.0/23
46.161.26.0/24
46.161.28.0/22
46.161.41.0/24
91.243.32.0/22
91.243.44.0/22
91.243.52.0-91.243.59.255
Signature Algorithm: sha256WithRSAEncryption
75:51:7f:93:a4:67:98:97:3d:a6:9e:7a:76:ba:d6:f3:18:a6:
e2:ba:c1:5b:b8:e5:c5:34:ea:53:ae:85:07:6a:76:bf:88:25:
31:83:53:43:96:23:5a:2a:51:d6:62:4b:ab:de:3c:02:1e:bf:
17:ec:e8:cc:62:6f:2a:1e:07:d5:5f:67:9b:0a:a7:bf:10:6c:
f3:d3:92:1a:ee:a0:b4:b5:a1:54:b9:cb:fc:e7:a0:83:f2:f2:
72:93:2e:7b:5b:30:80:f0:ca:ce:b8:0e:98:bd:57:dd:ac:05:
b8:2b:e6:84:ea:47:39:2e:9e:47:09:9f:d7:96:a1:9a:f6:38:
6b:7f:7d:c3:a8:c8:d2:e3:54:3b:e0:44:ed:a2:a9:1c:bb:47:
5f:bf:5e:4e:4f:02:1c:ce:8b:65:24:6c:3b:b3:c4:4c:67:91:
af:69:47:e8:90:04:f9:5f:ec:bd:d3:7b:05:cf:06:b8:dd:1b:
bf:2b:8e:ee:70:92:73:62:3d:16:22:c3:f4:d7:1b:3e:d0:6f:
50:1c:b5:e3:1c:2f:8a:84:64:c4:df:ac:ca:6c:15:35:16:8a:
ec:96:42:25:fd:d8:15:9b:18:c3:2e:2b:33:a1:9c:e8:d2:37:
37:2f:49:ae:cf:5c:73:f0:ba:a0:7f:cf:02:90:1b:45:21:b2:
f4:c8:80:d0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYkabjb5dQqZUWD6hLBSDUQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwNzAzMDYyNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzM4NmUxNWI0ZmU1ZDU2ODkxNTFiMjgwMmQwN2FlNGE5NzQ5NWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMdhYQEatuUxa/0As4hpBv66JXI+
lXGMcm1+6+OJNskPqbb6fUySRPsz664fgYgNVJBdIiFe6wWLRWr95AY0J5puogA2
SG9BVxemS3/2v7T2wcu2pKr7Sb03PZvzF7mELHmpWTLztjpUwC69ff9aKUwNfDMo
lgzDo8gVFyOshhoYD/OQUjg2Nh9xLkrlbMBxSeis2JxaKKbfrS709qxKLab8Lzoy
4kg0JjyHVCddTN0wlmWfn9ZEK4getuCkeZ5910zjI2GaEhhmzPqkuNTJQ2H5SW+C
DO236b7W78CwXK32NWOULJ8hLtp3IMXF5oGyEpxNL1x0J7Tbg9ZjqMf9iQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFFM4bhW0/l1WiRUbKALQeuSpdJXkMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvVXpodUZiVC1YVmFKRlJzb0F0QjY1S2wwbGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBBQhCAwQB
BbwKAwQALqEaAwQCLqEcAwQALqEpAwQCW/MgAwQCW/MsMAwDBAJb8zQDBAJb8zgw
DQYJKoZIhvcNAQELBQADggEBAHVRf5OkZ5iXPaaeena61vMYpuK6wVu45cU06lOu
hQdqdr+IJTGDU0OWI1oqUdZiS6vePAIevxfs6MxibyoeB9VfZ5sKp78QbPPTkhru
oLS1oVS5y/znoIPy8nKTLntbMIDwys64Dpi9V92sBbgr5oTqRzkunkcJn9eWoZr2
OGt/fcOoyNLjVDvgRO2iqRy7R1+/Xk5PAhzOi2UkbDuzxExnka9pR+iQBPlf7L3T
ewXPBrjdG78rju5wknNiPRYiw/TXGz7Qb1ActeMcL4qEZMTfrMpsFTUWiuyWQiX9
2BWbGMMuKzOhnOjSNzcvSa7PXHPwuqB/zwKQG0UhsvTIgNA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org