Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/upsXCpuow-YEApIUQ44j__fptQU.roa
File: upsXCpuow-YEApIUQ44j__fptQU.roa (raw, json)
Hash identifier: sudoLJ9tmS2PTwhCXU0HybPGVg6gfPcVI5ZB0d5E8F4=
Subject key identifier: BA:9B:17:0A:9B:A8:C3:E6:04:02:92:14:43:8E:23:FF:F7:E9:B5:05
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018D8F9EF423E74FD8BAF4B7598AE36E6365
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/upsXCpuow-YEApIUQ44j__fptQU.roa
Signing time: Fri 09 Feb 2024 20:46:15 +0000
ROA not before: Fri 09 Feb 2024 20:46:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200017
IP address blocks: 87.237.167.0/24 maxlen: 24
89.251.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jun 2024 11:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8f:9e:f4:23:e7:4f:d8:ba:f4:b7:59:8a:e3:6e:63:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 9 20:46:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba9b170a9ba8c3e604029214438e23fff7e9b505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d6:0e:da:e1:9c:5a:e7:51:ee:c6:60:f4:24:
25:36:f8:e6:4a:59:ef:ab:0f:92:91:4a:89:f2:f6:
1b:9c:3c:2b:46:e9:c7:66:2a:aa:10:b8:86:1e:b1:
6d:26:4c:50:bf:5a:ff:c6:d2:38:a8:5c:3d:62:2a:
5c:7e:32:3d:33:4b:62:b8:e6:e4:ca:70:b0:d5:4a:
99:67:ec:02:6d:ac:6f:b3:b1:db:63:8a:57:fd:8b:
27:a1:3b:c6:6a:c6:47:cd:cb:b1:5a:6c:87:c8:d6:
62:16:62:b6:b4:aa:fa:c3:45:36:40:d4:90:82:6f:
e5:83:e5:b9:ee:93:4b:36:42:81:77:bb:22:a0:37:
ac:83:7e:58:5f:4e:42:9c:c9:d1:af:cd:ed:d8:a4:
a0:f0:42:ab:0e:de:2e:81:fa:d5:df:06:c1:57:62:
8d:d5:4b:b6:43:bc:13:7b:75:4e:c5:3f:30:89:e3:
8d:c7:5b:a1:0a:8e:cb:31:83:c7:ea:68:72:f3:eb:
dc:5d:91:1f:3a:8c:38:79:fb:79:ce:27:b3:53:41:
14:d7:cb:e9:5c:3e:82:a7:a8:1a:db:c6:9f:d1:69:
6a:ee:e6:17:5c:10:6a:99:5c:f4:a1:2e:dd:6b:d0:
f5:4e:c6:51:2d:96:bc:9f:c9:ed:7e:f6:6a:d0:a0:
c6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9B:17:0A:9B:A8:C3:E6:04:02:92:14:43:8E:23:FF:F7:E9:B5:05
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/upsXCpuow-YEApIUQ44j__fptQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.167.0/24
89.251.30.0/24
Signature Algorithm: sha256WithRSAEncryption
77:33:2c:c3:42:68:d3:82:4d:29:d5:33:4b:56:f9:d9:fc:9d:
3f:09:48:8c:1c:cf:7a:8a:4b:36:34:6d:bf:ee:9f:b7:dd:f4:
40:3e:af:d2:54:cc:1e:6a:38:43:30:65:70:b9:7e:6e:38:f4:
d9:82:2e:96:f8:4e:23:c2:66:68:92:0c:e1:81:3f:42:5b:01:
6b:99:88:78:85:dc:b6:28:e5:98:6c:34:42:43:fe:e3:3b:65:
bb:a4:fe:cc:04:d3:b9:9a:02:e3:06:07:80:0c:aa:3c:bc:d7:
17:15:a3:af:c4:12:6f:2f:12:3f:75:c1:10:ac:28:6a:a9:c9:
a9:27:9d:49:13:04:3e:ea:2d:5b:e3:20:15:50:2e:0c:3c:53:
44:96:41:c5:49:9f:7f:ec:d4:1a:82:23:b6:96:8e:47:56:ee:
43:32:43:4d:d4:f3:78:d6:c8:2e:5d:1a:d1:5b:76:96:69:bc:
4a:88:81:43:c0:f8:65:4f:e6:4c:cf:92:cc:40:f9:b6:35:61:
62:c2:e8:71:0c:01:e2:25:ea:75:13:a2:78:5a:6e:30:55:4e:
4c:27:4a:f0:1d:af:db:0c:e4:f0:a6:40:40:15:50:bd:cf:1a:
cc:3d:41:20:80:09:7a:44:a6:65:93:1f:42:b9:4d:44:c3:54:
c3:e1:1d:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2PnvQj50/YuvS3WYrjbmNlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwMjA5MjA0NjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTliMTcwYTliYThjM2U2MDQwMjkyMTQ0MzhlMjNmZmY3ZTliNTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNYO2uGcWudR7sZg9CQlNvjmSlnv
qw+SkUqJ8vYbnDwrRunHZiqqELiGHrFtJkxQv1r/xtI4qFw9YipcfjI9M0tiuObk
ynCw1UqZZ+wCbaxvs7HbY4pX/YsnoTvGasZHzcuxWmyHyNZiFmK2tKr6w0U2QNSQ
gm/lg+W57pNLNkKBd7sioDesg35YX05CnMnRr83t2KSg8EKrDt4ugfrV3wbBV2KN
1Uu2Q7wTe3VOxT8wieONx1uhCo7LMYPH6mhy8+vcXZEfOow4eft5ziezU0EU18vp
XD6Cp6ga28af0Wlq7uYXXBBqmVz0oS7da9D1TsZRLZa8n8ntfvZq0KDGRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLqbFwqbqMPmBAKSFEOOI//36bUFMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvdXBzWENwdW93LVlFQXBJVVE0NGpfX2ZwdFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV+2nAwQA
WfseMA0GCSqGSIb3DQEBCwUAA4IBAQB3MyzDQmjTgk0p1TNLVvnZ/J0/CUiMHM96
iks2NG2/7p+33fRAPq/SVMweajhDMGVwuX5uOPTZgi6W+E4jwmZokgzhgT9CWwFr
mYh4hdy2KOWYbDRCQ/7jO2W7pP7MBNO5mgLjBgeADKo8vNcXFaOvxBJvLxI/dcEQ
rChqqcmpJ51JEwQ+6i1b4yAVUC4MPFNElkHFSZ9/7NQagiO2lo5HVu5DMkNN1PN4
1sguXRrRW3aWabxKiIFDwPhlT+ZMz5LMQPm2NWFiwuhxDAHiJep1E6J4Wm4wVU5M
J0rwHa/bDOTwpkBAFVC9zxrMPUEggAl6RKZlkx9CuU1Ew1TD4R0q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org