Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/587a79-1b6c-4c2a-b139-24aab44f2539/1/uUvRalqs-jSSW9M8cMtIOIYyWY0.roa
File: uUvRalqs-jSSW9M8cMtIOIYyWY0.roa (raw, json)
Hash identifier: 9ibSrXw2rNMi9nIkcMD3pmjRIm8NxNxRb6dP/IiLdD0=
Subject key identifier: B9:4B:D1:6A:5A:AC:FA:34:92:5B:D3:3C:70:CB:48:38:86:32:59:8D
Certificate issuer: /CN=5346c4d200fe5035c61b0c894b9454e72d27c91f
Certificate serial: 01856DC1B9F87EF6A76A9B372E6AA6699FAE
Authority key identifier: 53:46:C4:D2:00:FE:50:35:C6:1B:0C:89:4B:94:54:E7:2D:27:C9:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U0bE0gD-UDXGGwyJS5RU5y0nyR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/587a79-1b6c-4c2a-b139-24aab44f2539/1/uUvRalqs-jSSW9M8cMtIOIYyWY0.roa
Signing time: Sun 01 Jan 2023 14:34:50 +0000
ROA not before: Sun 01 Jan 2023 14:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59869
IP address blocks: 45.84.132.0/22 maxlen: 22
81.22.176.0/20 maxlen: 20
178.22.224.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:b9:f8:7e:f6:a7:6a:9b:37:2e:6a:a6:69:9f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5346c4d200fe5035c61b0c894b9454e72d27c91f
Validity
Not Before: Jan 1 14:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b94bd16a5aacfa34925bd33c70cb48388632598d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e4:94:6b:58:0c:54:4c:e9:98:bc:48:65:d8:
00:a1:31:cf:86:e7:88:35:2e:b3:1d:b4:0e:cf:30:
5f:35:62:99:3d:60:21:9f:41:5d:17:80:12:a4:b4:
e2:87:35:fd:2b:96:92:b9:1e:7b:ad:16:c0:f2:79:
31:21:44:ca:53:4c:80:c2:8e:92:0b:23:45:7f:4a:
bd:c0:67:87:9f:d7:cd:ff:a6:f5:a5:68:ea:91:40:
b2:9b:3b:36:bc:8b:2e:8c:05:a9:3f:04:75:0d:b3:
00:20:b9:97:08:89:9a:e3:c5:04:a1:87:ca:5a:da:
fc:a3:3e:38:9f:70:a9:a8:70:e2:21:c2:d2:13:8d:
f0:1f:b7:4c:03:a7:79:a9:ed:a6:47:55:c7:19:4a:
d9:75:5a:24:05:4b:82:9b:33:ef:96:31:72:ff:5d:
bf:da:aa:fb:1e:08:d3:ad:5d:92:dc:62:e8:aa:bc:
15:00:99:be:32:12:96:37:90:98:f1:d4:a7:29:13:
f1:0e:7c:42:7e:47:98:d0:44:85:ec:fc:1b:80:8c:
22:02:c3:54:be:42:ca:89:7b:4e:b9:52:e5:75:01:
aa:21:a3:93:65:7d:29:67:8c:0b:dc:e1:67:52:2a:
d4:5c:4e:40:0e:47:95:c5:fb:8b:18:16:73:5e:dd:
ee:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4B:D1:6A:5A:AC:FA:34:92:5B:D3:3C:70:CB:48:38:86:32:59:8D
X509v3 Authority Key Identifier:
keyid:53:46:C4:D2:00:FE:50:35:C6:1B:0C:89:4B:94:54:E7:2D:27:C9:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U0bE0gD-UDXGGwyJS5RU5y0nyR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/587a79-1b6c-4c2a-b139-24aab44f2539/1/uUvRalqs-jSSW9M8cMtIOIYyWY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/587a79-1b6c-4c2a-b139-24aab44f2539/1/U0bE0gD-UDXGGwyJS5RU5y0nyR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.132.0/22
81.22.176.0/20
178.22.224.0/21
Signature Algorithm: sha256WithRSAEncryption
43:60:b7:bc:d4:33:d1:e5:aa:df:9d:1b:e7:e9:2e:23:6e:b7:
87:2d:3d:28:96:cc:04:31:30:7f:34:45:87:01:2a:85:85:c1:
77:68:7b:64:dc:fe:35:ca:a2:e1:ca:17:e4:d1:6b:83:55:00:
c7:32:4f:48:f5:7c:04:e9:a7:00:96:81:4d:83:a6:ca:98:59:
e4:56:8e:d0:0a:2e:37:6d:51:54:13:f0:5a:00:4b:f8:d6:a3:
66:b3:ef:63:c0:3d:1a:04:22:c4:2d:66:e5:4e:96:81:87:74:
c0:14:39:11:74:e6:29:a2:a0:87:6d:bc:c7:98:14:54:84:2c:
cb:83:7b:32:73:27:e3:2c:bd:d2:b9:d1:85:d9:b4:58:e8:cc:
6a:fd:99:42:03:db:c7:33:07:3c:46:e8:cd:20:da:58:57:c3:
ce:d5:06:ad:e7:bd:10:e6:ed:18:3d:2a:f5:74:e5:83:41:63:
db:30:3f:e2:2f:a2:76:e3:89:4f:79:4d:00:97:c4:be:0f:14:
85:f9:30:36:03:1d:ac:1e:50:8e:d3:a2:2a:e9:0a:69:db:da:
27:e0:6a:11:d6:ec:d1:5c:dd:88:3d:27:08:06:3f:33:92:2b:
1a:c9:43:4f:ce:d2:4f:2a:83:84:ad:db:92:0d:69:43:78:cf:
66:9b:7b:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtwbn4fvanaps3LmqmaZ+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNDZjNGQyMDBmZTUwMzVjNjFiMGM4OTRiOTQ1NGU3MmQy
N2M5MWYwHhcNMjMwMTAxMTQzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTRiZDE2YTVhYWNmYTM0OTI1YmQzM2M3MGNiNDgzODg2MzI1OThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+SUa1gMVEzpmLxIZdgAoTHPhueI
NS6zHbQOzzBfNWKZPWAhn0FdF4ASpLTihzX9K5aSuR57rRbA8nkxIUTKU0yAwo6S
CyNFf0q9wGeHn9fN/6b1pWjqkUCymzs2vIsujAWpPwR1DbMAILmXCIma48UEoYfK
Wtr8oz44n3CpqHDiIcLSE43wH7dMA6d5qe2mR1XHGUrZdVokBUuCmzPvljFy/12/
2qr7HgjTrV2S3GLoqrwVAJm+MhKWN5CY8dSnKRPxDnxCfkeY0ESF7PwbgIwiAsNU
vkLKiXtOuVLldQGqIaOTZX0pZ4wL3OFnUirUXE5ADkeVxfuLGBZzXt3uPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLlL0WparPo0klvTPHDLSDiGMlmNMB8GA1UdIwQY
MBaAFFNGxNIA/lA1xhsMiUuUVOctJ8kfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTBiRTBnRC1VRFhHR3d5SlM1UlU1eTBueVI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81ODdhNzktMWI2Yy00YzJhLWIxMzkt
MjRhYWI0NGYyNTM5LzEvdVV2UmFscXMtalNTVzlNOGNNdElPSVl5V1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81ODdhNzktMWI2Yy00YzJhLWIxMzktMjRhYWI0NGYyNTM5
LzEvVTBiRTBnRC1VRFhHR3d5SlM1UlU1eTBueVI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVSEAwQE
URawAwQDshbgMA0GCSqGSIb3DQEBCwUAA4IBAQBDYLe81DPR5arfnRvn6S4jbreH
LT0olswEMTB/NEWHASqFhcF3aHtk3P41yqLhyhfk0WuDVQDHMk9I9XwE6acAloFN
g6bKmFnkVo7QCi43bVFUE/BaAEv41qNms+9jwD0aBCLELWblTpaBh3TAFDkRdOYp
oqCHbbzHmBRUhCzLg3sycyfjLL3SudGF2bRY6Mxq/ZlCA9vHMwc8RujNINpYV8PO
1Qat570Q5u0YPSr1dOWDQWPbMD/iL6J244lPeU0Al8S+DxSF+TA2Ax2sHlCO06Iq
6Qpp29on4GoR1uzRXN2IPScIBj8zkisayUNPztJPKoOErduSDWlDeM9mm3un
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:35 2024 by rpki-client on console-ams.rpki-client.org