Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/uQVI7DYxN4rz3TkSAklGwArJKOI.roa
File: uQVI7DYxN4rz3TkSAklGwArJKOI.roa (raw, json)
Hash identifier: eb+0lRqtxznd4CQMRU8cpVQ1ST6w2oQuoE5Ikh5+5xE=
Subject key identifier: B9:05:48:EC:36:31:37:8A:F3:DD:39:12:02:49:46:C0:0A:C9:28:E2
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018B95D5C45C8E513FCD4D076C0129E6D93E
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/uQVI7DYxN4rz3TkSAklGwArJKOI.roa
Signing time: Fri 03 Nov 2023 15:38:16 +0000
ROA not before: Fri 03 Nov 2023 15:38:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 265753
IP address blocks: 91.242.81.0/24 maxlen: 24
95.214.152.0/22 maxlen: 24
91.242.107.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:95:d5:c4:5c:8e:51:3f:cd:4d:07:6c:01:29:e6:d9:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 3 15:38:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b90548ec3631378af3dd3912024946c00ac928e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:05:9f:30:ce:f7:34:ac:5a:59:50:ac:04:20:
d1:13:ed:34:ad:b8:40:c3:03:5a:74:fb:92:5a:30:
14:f3:e2:df:3e:b8:e1:e8:c5:5d:5c:27:6a:ff:60:
c1:d4:2f:55:9a:1a:5b:75:9b:ca:c2:00:08:e7:cb:
e0:96:fa:64:15:0f:2a:84:3f:a4:0b:26:0a:35:0e:
8a:ea:ae:26:08:05:40:05:83:90:db:a5:be:57:cf:
12:17:2c:fb:2e:e8:be:62:bc:c6:98:2a:23:c3:4f:
94:82:d6:7a:50:91:b7:8b:ed:a7:cf:4a:54:51:fb:
39:3f:20:26:81:ae:a0:b1:2f:a5:8f:53:ad:fd:90:
fc:1d:08:6a:3b:dd:d7:83:7b:42:a8:1c:2a:ea:c4:
f3:06:f9:e4:e7:93:ae:f4:06:13:6f:07:28:2d:4e:
cf:1b:02:a6:42:f4:4c:a4:e0:2f:7f:48:99:8c:12:
3a:35:44:fa:1f:92:23:9a:fe:17:1f:06:80:38:c2:
f9:f2:53:94:a7:7a:d5:cf:af:e8:5b:7a:b7:88:a5:
3e:fe:78:f7:f3:d5:a5:25:f7:78:64:dd:56:fa:d2:
38:9d:0b:29:e1:ca:b0:7a:d4:43:58:24:06:b8:f5:
bd:63:95:e3:7f:18:bf:48:c0:18:c7:3b:e8:58:e3:
30:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:05:48:EC:36:31:37:8A:F3:DD:39:12:02:49:46:C0:0A:C9:28:E2
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/uQVI7DYxN4rz3TkSAklGwArJKOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.71.0/24
91.242.81.0/24
91.242.107.0/24
95.214.152.0/22
Signature Algorithm: sha256WithRSAEncryption
50:0a:9b:a4:82:08:28:20:91:8a:41:22:c7:28:03:59:ba:03:
73:bb:73:ec:ef:f5:95:f4:d6:aa:df:69:55:24:31:d4:d8:df:
4d:4c:99:89:0d:12:e4:bd:d6:db:38:de:48:92:b9:26:41:a5:
6f:65:83:ec:8c:e1:fb:ce:07:6a:fb:8d:c0:55:ba:54:0e:bf:
82:c8:fb:5d:eb:54:5e:9d:dc:65:8d:e2:7d:00:3d:80:56:ff:
03:7c:f0:94:2d:ad:95:ac:8f:52:5a:b4:78:c2:b5:35:fa:ed:
01:4a:b4:c1:24:53:cd:2a:f3:4c:d3:54:fd:b5:93:37:c5:0e:
74:bc:15:d6:15:09:9d:96:e5:70:64:c7:92:c0:ad:48:b1:19:
5a:4c:35:28:00:b8:b2:e7:de:b1:81:00:87:92:91:47:40:51:
48:d7:f1:99:72:87:8f:0f:c6:14:11:fa:86:2e:0b:50:16:ce:
fd:2f:a6:c4:5d:96:e5:6e:1a:0c:a9:82:5e:8b:a0:fe:31:50:
1f:78:ef:02:4f:58:a9:cc:7f:59:9c:e1:f9:d8:de:bb:3c:3c:
3a:52:e2:77:7a:5c:54:b9:84:2f:6e:c1:1a:d7:08:66:3d:ad:
1d:18:3a:ff:34:1b:42:35:82:59:8a:ba:87:7e:67:ea:30:18:
42:f3:9d:db
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYuV1cRcjlE/zU0HbAEp5tk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMTAzMTUzODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTA1NDhlYzM2MzEzNzhhZjNkZDM5MTIwMjQ5NDZjMDBhYzkyOGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAWfMM73NKxaWVCsBCDRE+00rbhA
wwNadPuSWjAU8+LfPrjh6MVdXCdq/2DB1C9VmhpbdZvKwgAI58vglvpkFQ8qhD+k
CyYKNQ6K6q4mCAVABYOQ26W+V88SFyz7Lui+YrzGmCojw0+UgtZ6UJG3i+2nz0pU
Ufs5PyAmga6gsS+lj1Ot/ZD8HQhqO93Xg3tCqBwq6sTzBvnk55Ou9AYTbwcoLU7P
GwKmQvRMpOAvf0iZjBI6NUT6H5Ijmv4XHwaAOML58lOUp3rVz6/oW3q3iKU+/nj3
89WlJfd4ZN1W+tI4nQsp4cqwetRDWCQGuPW9Y5Xjfxi/SMAYxzvoWOMwMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLkFSOw2MTeK8905EgJJRsAKySjiMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdVFWSTdEWXhONHJ6M1RrU0FrbEd3QXJKS09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW/JHAwQA
W/JRAwQAW/JrAwQCX9aYMA0GCSqGSIb3DQEBCwUAA4IBAQBQCpukgggoIJGKQSLH
KANZugNzu3Ps7/WV9Naq32lVJDHU2N9NTJmJDRLkvdbbON5IkrkmQaVvZYPsjOH7
zgdq+43AVbpUDr+CyPtd61RendxljeJ9AD2AVv8DfPCULa2VrI9SWrR4wrU1+u0B
SrTBJFPNKvNM01T9tZM3xQ50vBXWFQmdluVwZMeSwK1IsRlaTDUoALiy596xgQCH
kpFHQFFI1/GZcoePD8YUEfqGLgtQFs79L6bEXZblbhoMqYJei6D+MVAfeO8CT1ip
zH9ZnOH52N67PDw6UuJ3elxUuYQvbsEa1whmPa0dGDr/NBtCNYJZirqHfmfqMBhC
853b
-----END CERTIFICATE-----
Generated at Tue Nov 7 16:57:31 2023 by rpki-client on console-ams.rpki-client.org