Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/U640AuPE17AOHYdb8HmMrQS_aRY.roa
File: U640AuPE17AOHYdb8HmMrQS_aRY.roa (raw, json)
Hash identifier: orUYSHb4Ze3fHcgtaKCTHPKHg9tUXI/tfromDLN1iiw=
Subject key identifier: 53:AE:34:02:E3:C4:D7:B0:0E:1D:87:5B:F0:79:8C:AD:04:BF:69:16
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018BAA95AE3A5414C3146192352288D35276
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/U640AuPE17AOHYdb8HmMrQS_aRY.roa
Signing time: Tue 07 Nov 2023 16:20:18 +0000
ROA not before: Tue 07 Nov 2023 16:20:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 265753
IP address blocks: 91.242.81.0/24 maxlen: 24
95.214.152.0/22 maxlen: 24
193.37.200.0/22 maxlen: 22
91.242.107.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:95:ae:3a:54:14:c3:14:61:92:35:22:88:d3:52:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 7 16:20:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53ae3402e3c4d7b00e1d875bf0798cad04bf6916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:58:a7:26:64:c0:26:cf:83:90:53:fd:9e:14:
f5:a7:52:11:a0:de:37:89:80:fc:15:14:83:cd:a6:
80:ef:90:2e:1c:a8:88:8c:d7:b3:96:f7:7e:42:59:
e2:3b:7c:c8:b7:45:ef:aa:48:d9:82:06:d4:84:45:
75:5d:27:61:1d:81:e3:03:25:0e:25:69:a3:3c:fd:
36:40:3f:24:cc:aa:99:9e:e3:df:9e:18:ec:7e:c5:
84:29:6a:f0:85:89:3c:ca:42:0e:3c:6e:91:c5:7c:
11:15:2b:22:1e:8f:8c:37:d3:a3:ab:6d:84:9f:4b:
95:39:c1:62:eb:56:6b:cd:8e:36:69:1f:ba:ef:d5:
c2:c4:d3:1e:42:f9:0f:b4:8a:22:28:f7:52:01:31:
54:0d:97:f5:89:95:4e:c9:fd:0d:f5:2f:47:93:00:
e5:7d:e4:3f:51:1f:db:16:50:71:56:45:86:b9:b1:
c3:e7:07:25:83:99:31:d4:d5:9e:54:c5:86:2b:5c:
1d:d9:de:0a:60:1b:ef:06:ed:23:12:ac:03:a2:a3:
62:fa:44:d8:56:fd:9e:ff:94:21:29:4e:f4:58:2b:
5f:25:8b:48:35:f9:bb:8c:02:01:3c:f1:01:18:30:
60:38:6c:9c:00:2c:d5:69:1c:7a:e4:6f:67:16:a0:
b9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:AE:34:02:E3:C4:D7:B0:0E:1D:87:5B:F0:79:8C:AD:04:BF:69:16
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/U640AuPE17AOHYdb8HmMrQS_aRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.71.0/24
91.242.81.0/24
91.242.107.0/24
95.214.152.0/22
193.37.200.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:c3:49:64:96:46:bc:58:55:31:92:40:1c:26:81:1d:b1:60:
1c:12:1d:2b:0e:38:2f:44:a6:12:ff:d6:f5:5c:00:56:1e:35:
cf:8f:1b:c9:7b:82:e4:a2:38:1f:e9:11:fd:49:09:85:65:e3:
9a:68:84:2e:b8:61:ff:cf:98:35:0a:ca:cf:97:f7:1f:1d:94:
77:4b:2c:88:0b:82:a3:49:b9:24:53:e7:dc:06:b2:b9:b4:88:
5a:59:45:91:bb:da:bf:7b:54:04:f3:13:cd:9e:51:df:a2:3a:
43:e0:74:43:83:12:b9:28:03:bf:66:0b:b3:70:dd:c7:2e:38:
5d:c2:e3:4e:de:e1:f2:28:4a:bd:b2:7c:57:d4:25:06:70:f8:
28:d6:b0:ea:68:19:e5:16:f1:06:0b:05:21:96:0c:00:08:5b:
13:c0:8b:d5:3f:6f:03:6e:8e:ee:81:46:7a:5e:0b:07:3e:09:
30:46:21:2f:48:49:5c:9f:6c:c9:f8:92:a8:17:3f:30:c6:0b:
57:b4:a6:27:eb:6e:4c:5b:33:d6:5c:6a:d4:91:87:8c:8a:bc:
fd:e1:49:2e:4c:d0:fd:d6:37:2b:77:5d:8f:0c:6b:3f:e2:a7:
32:28:09:a0:6e:6f:9d:b2:9d:11:77:ba:5b:c3:c7:07:ee:27:
70:7a:de:98
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYuqla46VBTDFGGSNSKI01J2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMTA3MTYyMDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2FlMzQwMmUzYzRkN2IwMGUxZDg3NWJmMDc5OGNhZDA0YmY2OTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVinJmTAJs+DkFP9nhT1p1IRoN43
iYD8FRSDzaaA75AuHKiIjNezlvd+QlniO3zIt0XvqkjZggbUhEV1XSdhHYHjAyUO
JWmjPP02QD8kzKqZnuPfnhjsfsWEKWrwhYk8ykIOPG6RxXwRFSsiHo+MN9Ojq22E
n0uVOcFi61ZrzY42aR+679XCxNMeQvkPtIoiKPdSATFUDZf1iZVOyf0N9S9HkwDl
feQ/UR/bFlBxVkWGubHD5wclg5kx1NWeVMWGK1wd2d4KYBvvBu0jEqwDoqNi+kTY
Vv2e/5QhKU70WCtfJYtINfm7jAIBPPEBGDBgOGycACzVaRx65G9nFqC51wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFOuNALjxNewDh2HW/B5jK0Ev2kWMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvVTY0MEF1UEUxN0FPSFlkYjhIbU1yUVNfYVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW/JHAwQA
W/JRAwQAW/JrAwQCX9aYAwQCwSXIMA0GCSqGSIb3DQEBCwUAA4IBAQAew0lklka8
WFUxkkAcJoEdsWAcEh0rDjgvRKYS/9b1XABWHjXPjxvJe4Lkojgf6RH9SQmFZeOa
aIQuuGH/z5g1CsrPl/cfHZR3SyyIC4KjSbkkU+fcBrK5tIhaWUWRu9q/e1QE8xPN
nlHfojpD4HRDgxK5KAO/ZguzcN3HLjhdwuNO3uHyKEq9snxX1CUGcPgo1rDqaBnl
FvEGCwUhlgwACFsTwIvVP28Dbo7ugUZ6XgsHPgkwRiEvSElcn2zJ+JKoFz8wxgtX
tKYn625MWzPWXGrUkYeMirz94UkuTND91jcrd12PDGs/4qcyKAmgbm+dsp0Rd7pb
w8cH7idwet6Y
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:21 2024 by rpki-client on console-fra.rpki-client.org