Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/UXU5EpFA9OoL8poBMylO7_4PcME.roa
File: UXU5EpFA9OoL8poBMylO7_4PcME.roa (raw, json)
Hash identifier: W0tUaC6kif3ddKhJZQHA4alCZoX5DyslhhBm/3H8b0w=
Subject key identifier: 51:75:39:12:91:40:F4:EA:0B:F2:9A:01:33:29:4E:EF:FE:0F:70:C1
Certificate issuer: /CN=75193bd9f84b4a9ed47a03bdf892d9e798b72727
Certificate serial: 01867EFC6B9E6916D25C4F616AAD10BD8FBC
Authority key identifier: 75:19:3B:D9:F8:4B:4A:9E:D4:7A:03:BD:F8:92:D9:E7:98:B7:27:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dRk72fhLSp7UegO9-JLZ55i3Jyc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/UXU5EpFA9OoL8poBMylO7_4PcME.roa
Signing time: Thu 23 Feb 2023 15:55:17 +0000
ROA not before: Thu 23 Feb 2023 15:55:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48954
IP address blocks: 85.91.40.0/22 maxlen: 24
45.147.84.0/24 maxlen: 24
195.88.100.0/23 maxlen: 24
37.48.240.0/21 maxlen: 24
185.83.120.0/22 maxlen: 24
2a00:7640::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:fc:6b:9e:69:16:d2:5c:4f:61:6a:ad:10:bd:8f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75193bd9f84b4a9ed47a03bdf892d9e798b72727
Validity
Not Before: Feb 23 15:55:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=517539129140f4ea0bf29a0133294eeffe0f70c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f9:3c:a6:54:82:13:01:03:51:a3:0d:e2:cd:
36:57:a4:c8:2c:c5:00:d0:fe:41:f5:55:7c:fa:1d:
35:96:0f:8d:b7:66:25:5a:de:6a:63:55:0f:b1:e6:
c2:a1:46:99:45:23:da:3a:7b:23:a4:31:e6:6b:89:
17:19:9d:fa:f5:6b:a2:96:50:9a:ea:ac:ea:dc:1e:
b5:f7:5c:1f:18:c9:c1:4f:fe:65:b1:72:ad:f9:91:
47:a4:c3:32:9c:2a:e8:1c:7d:f0:1c:18:7b:4c:c6:
76:9b:dc:6d:54:c8:54:3b:ff:99:6b:eb:b7:ac:da:
2e:f0:71:b0:52:bf:53:4e:11:d8:cd:96:2d:d1:ca:
12:f7:88:6c:8c:9d:c1:02:98:2e:08:4e:b3:21:7d:
fc:4e:fd:f4:7c:6f:9f:25:a3:41:cc:e9:07:da:8d:
6a:93:89:5b:cb:8b:70:8a:d5:d8:3d:5b:ba:05:4b:
80:7b:f4:89:6c:67:13:56:39:5d:48:bb:b0:91:33:
9c:2c:83:e9:de:ef:e6:67:10:58:18:5b:33:40:a2:
03:4f:48:52:cf:dc:ee:55:e6:cc:59:f7:35:21:b9:
c5:b5:47:2d:83:37:c2:de:a1:cd:28:75:5c:04:09:
75:d2:c4:f6:30:06:20:dc:27:cc:04:cc:8c:11:4f:
3c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:75:39:12:91:40:F4:EA:0B:F2:9A:01:33:29:4E:EF:FE:0F:70:C1
X509v3 Authority Key Identifier:
keyid:75:19:3B:D9:F8:4B:4A:9E:D4:7A:03:BD:F8:92:D9:E7:98:B7:27:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dRk72fhLSp7UegO9-JLZ55i3Jyc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/UXU5EpFA9OoL8poBMylO7_4PcME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/dRk72fhLSp7UegO9-JLZ55i3Jyc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.48.240.0/21
45.147.84.0/24
85.91.40.0/22
185.83.120.0/22
195.88.100.0/23
IPv6:
2a00:7640::/32
Signature Algorithm: sha256WithRSAEncryption
3e:d9:62:9d:ac:95:4c:41:b4:75:84:8b:df:c0:b9:a0:0d:59:
72:1e:71:9e:c7:2a:a2:8b:50:92:03:3c:1e:61:47:b8:07:1d:
84:1d:b6:d8:75:c5:9f:3e:72:d4:42:05:ef:7c:0d:73:e6:0a:
f6:d5:0e:e0:9f:24:79:5f:4e:fa:23:d0:3e:68:66:7b:65:b7:
0d:0a:bb:0b:ae:b2:ff:6b:38:cb:66:61:e3:2b:7b:03:12:dc:
c6:ec:89:01:f7:40:ff:0b:0c:3c:be:5b:fb:8c:76:e2:2e:6e:
bf:80:d7:71:8b:50:88:eb:25:55:17:c3:0c:5e:d0:f2:3d:0e:
d8:e7:d4:71:5a:a9:f7:b7:06:86:46:34:da:9c:92:c0:3a:3f:
e4:98:0d:f7:04:d9:f3:2a:88:00:ca:55:55:58:10:f3:5b:3b:
82:54:cb:31:c7:e7:28:9f:05:a3:94:14:44:37:c8:62:4e:a4:
b7:65:82:75:db:55:cc:54:63:0f:41:b8:be:ab:88:ea:46:64:
27:83:be:11:86:3d:64:52:fe:5c:81:82:06:0f:db:3c:ca:81:
95:cb:0c:ca:03:24:bf:ca:b1:a7:3f:c0:c2:3f:fe:63:d8:74:
70:e5:07:a9:ff:8f:dd:2b:15:90:b5:3b:17:08:e4:72:01:ac:
fb:b0:fd:e0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYZ+/GueaRbSXE9haq0QvY+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MTkzYmQ5Zjg0YjRhOWVkNDdhMDNiZGY4OTJkOWU3OThi
NzI3MjcwHhcNMjMwMjIzMTU1NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTc1MzkxMjkxNDBmNGVhMGJmMjlhMDEzMzI5NGVlZmZlMGY3MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvk8plSCEwEDUaMN4s02V6TILMUA
0P5B9VV8+h01lg+Nt2YlWt5qY1UPsebCoUaZRSPaOnsjpDHma4kXGZ369WuillCa
6qzq3B6191wfGMnBT/5lsXKt+ZFHpMMynCroHH3wHBh7TMZ2m9xtVMhUO/+Za+u3
rNou8HGwUr9TThHYzZYt0coS94hsjJ3BApguCE6zIX38Tv30fG+fJaNBzOkH2o1q
k4lby4twitXYPVu6BUuAe/SJbGcTVjldSLuwkTOcLIPp3u/mZxBYGFszQKIDT0hS
z9zuVebMWfc1IbnFtUctgzfC3qHNKHVcBAl10sT2MAYg3CfMBMyMEU88eQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFF1ORKRQPTqC/KaATMpTu/+D3DBMB8GA1UdIwQY
MBaAFHUZO9n4S0qe1HoDvfiS2eeYtycnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFJrNzJmaExTcDdVZWdPOS1KTFo1NWkzSnljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jNGU2YTQtNjFjMi00Mzg4LWI4NDQt
M2I3MTU2OTFkMmU5LzEvVVhVNUVwRkE5T29MOHBvQk15bE83XzRQY01FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jNGU2YTQtNjFjMi00Mzg4LWI4NDQtM2I3MTU2OTFkMmU5
LzEvZFJrNzJmaExTcDdVZWdPOS1KTFo1NWkzSnljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJTDwAwQA
LZNUAwQCVVsoAwQCuVN4AwQBw1hkMA0EAgACMAcDBQAqAHZAMA0GCSqGSIb3DQEB
CwUAA4IBAQA+2WKdrJVMQbR1hIvfwLmgDVlyHnGexyqii1CSAzweYUe4Bx2EHbbY
dcWfPnLUQgXvfA1z5gr21Q7gnyR5X076I9A+aGZ7ZbcNCrsLrrL/azjLZmHjK3sD
EtzG7IkB90D/Cww8vlv7jHbiLm6/gNdxi1CI6yVVF8MMXtDyPQ7Y59RxWqn3twaG
RjTanJLAOj/kmA33BNnzKogAylVVWBDzWzuCVMsxx+conwWjlBREN8hiTqS3ZYJ1
21XMVGMPQbi+q4jqRmQng74Rhj1kUv5cgYIGD9s8yoGVywzKAyS/yrGnP8DCP/5j
2HRw5Qep/4/dKxWQtTsXCORyAaz7sP3g
-----END CERTIFICATE-----
Generated at Fri Nov 17 10:52:32 2023 by rpki-client on console-fra.rpki-client.org