Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/0ad46e-e8ff-42a9-98c5-d78f6172b155/1/uK89WrdRZ1vB2SMiBqJIPV_NXuQ.roa
File: uK89WrdRZ1vB2SMiBqJIPV_NXuQ.roa (raw, json)
Hash identifier: R4jECs7dtPrBbCTjI1QtN8ckV6VrDQh1PEz86+wQ0PA=
Subject key identifier: B8:AF:3D:5A:B7:51:67:5B:C1:D9:23:22:06:A2:48:3D:5F:CD:5E:E4
Certificate issuer: /CN=d010ee78bbd487d39d79cb198085e984f702a208
Certificate serial: 018757409559F42D5BA1C63FFF6C1B73E4F8
Authority key identifier: D0:10:EE:78:BB:D4:87:D3:9D:79:CB:19:80:85:E9:84:F7:02:A2:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BDueLvUh9OdecsZgIXphPcCogg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/0ad46e-e8ff-42a9-98c5-d78f6172b155/1/uK89WrdRZ1vB2SMiBqJIPV_NXuQ.roa
Signing time: Thu 06 Apr 2023 15:47:43 +0000
ROA not before: Thu 06 Apr 2023 15:47:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49544
IP address blocks: 195.85.225.0/24 maxlen: 24
2a13:d780::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:40:95:59:f4:2d:5b:a1:c6:3f:ff:6c:1b:73:e4:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d010ee78bbd487d39d79cb198085e984f702a208
Validity
Not Before: Apr 6 15:47:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8af3d5ab751675bc1d9232206a2483d5fcd5ee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8a:2c:3d:f4:f3:45:90:e4:ea:7f:15:fb:70:
bd:0c:d3:a6:4c:3c:f1:96:c4:02:4a:8a:49:98:0c:
87:ad:fd:55:7c:2b:34:d8:e6:f9:84:2b:ad:13:3f:
3e:5a:90:e5:35:5a:be:06:f2:4a:e5:02:8c:3c:1f:
38:fe:c9:e5:a0:aa:4a:0b:ac:04:52:4e:f5:32:61:
65:dd:b0:76:c9:99:7c:67:e8:f6:08:11:b1:bc:b1:
26:52:7c:87:95:bb:df:cf:ff:ef:b7:75:03:be:3f:
36:2b:fc:8d:7f:25:c0:03:3f:67:76:c8:50:ec:43:
40:3f:04:d7:d6:76:90:8d:37:b6:9c:ab:2d:54:c4:
10:1d:d5:c4:61:09:de:7c:f3:2b:8a:08:7c:a8:ac:
e5:94:89:79:64:27:d8:1f:e9:b3:8a:45:4f:47:17:
47:1c:be:1c:db:db:7a:dd:d6:6a:be:9a:53:e4:f9:
5d:9b:90:27:3d:77:24:41:6a:0f:1d:77:23:cf:38:
5d:85:64:5e:1f:89:a6:48:94:0c:cc:85:9c:f8:e4:
f7:80:92:01:80:85:32:ee:4c:f9:8c:0c:32:68:35:
dd:9b:fd:bd:5f:71:e1:fe:10:8d:6e:d1:bf:cf:9f:
02:61:f0:d7:e3:27:da:10:ad:a7:cd:0b:5f:c3:de:
ed:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:AF:3D:5A:B7:51:67:5B:C1:D9:23:22:06:A2:48:3D:5F:CD:5E:E4
X509v3 Authority Key Identifier:
keyid:D0:10:EE:78:BB:D4:87:D3:9D:79:CB:19:80:85:E9:84:F7:02:A2:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BDueLvUh9OdecsZgIXphPcCogg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/0ad46e-e8ff-42a9-98c5-d78f6172b155/1/uK89WrdRZ1vB2SMiBqJIPV_NXuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/0ad46e-e8ff-42a9-98c5-d78f6172b155/1/0BDueLvUh9OdecsZgIXphPcCogg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.225.0/24
IPv6:
2a13:d780::/29
Signature Algorithm: sha256WithRSAEncryption
4d:a7:60:c5:c0:e7:ca:29:f1:9d:57:c9:df:2a:07:aa:71:49:
9f:0a:4a:ac:8d:27:c5:ed:18:13:4f:72:b0:0b:4b:e1:e2:7b:
5b:f4:9c:1c:c2:76:64:7c:b7:25:15:02:f8:e0:eb:9c:61:e5:
7c:56:d7:35:1c:59:f8:9d:cb:f6:3a:34:a2:f0:4e:96:b1:f7:
bb:b6:39:25:2d:e6:b1:cb:8e:fc:9c:33:9e:f0:fa:d9:45:3b:
0e:70:0a:f3:4e:80:5e:d2:22:d1:a3:d2:df:11:ac:cb:36:b8:
28:d0:65:5d:2b:fc:a6:0e:3b:f7:c6:44:d5:40:ea:a0:52:ce:
9e:c7:75:de:ef:60:cf:10:16:80:d0:2b:48:e5:0f:27:ca:b1:
03:7b:dd:c7:52:88:a8:e6:fb:20:29:c8:1a:d8:21:c4:34:50:
3f:c3:f6:81:f6:81:ef:59:db:a5:67:db:d4:23:25:99:c0:3b:
aa:a4:5f:b1:eb:14:fc:bd:62:81:16:a7:49:ef:ac:b4:99:fb:
59:94:97:b9:99:57:dd:f9:b8:d9:06:12:8c:43:08:cf:c6:0a:
f6:06:6b:22:61:b4:95:81:ed:5a:e2:ff:73:53:1c:ff:67:c2:
79:f1:c9:73:61:14:a3:9a:b4:4f:66:ca:e7:9f:21:e0:d7:41:
0a:9d:57:a2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYdXQJVZ9C1bocY//2wbc+T4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMTBlZTc4YmJkNDg3ZDM5ZDc5Y2IxOTgwODVlOTg0Zjcw
MmEyMDgwHhcNMjMwNDA2MTU0NzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGFmM2Q1YWI3NTE2NzViYzFkOTIzMjIwNmEyNDgzZDVmY2Q1ZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4osPfTzRZDk6n8V+3C9DNOmTDzx
lsQCSopJmAyHrf1VfCs02Ob5hCutEz8+WpDlNVq+BvJK5QKMPB84/snloKpKC6wE
Uk71MmFl3bB2yZl8Z+j2CBGxvLEmUnyHlbvfz//vt3UDvj82K/yNfyXAAz9ndshQ
7ENAPwTX1naQjTe2nKstVMQQHdXEYQnefPMrigh8qKzllIl5ZCfYH+mzikVPRxdH
HL4c29t63dZqvppT5Pldm5AnPXckQWoPHXcjzzhdhWReH4mmSJQMzIWc+OT3gJIB
gIUy7kz5jAwyaDXdm/29X3Hh/hCNbtG/z58CYfDX4yfaEK2nzQtfw97tpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLivPVq3UWdbwdkjIgaiSD1fzV7kMB8GA1UdIwQY
MBaAFNAQ7ni71IfTnXnLGYCF6YT3AqIIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEJEdWVMdlVoOU9kZWNzWmdJWHBoUGNDb2dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8wYWQ0NmUtZThmZi00MmE5LTk4YzUt
ZDc4ZjYxNzJiMTU1LzEvdUs4OVdyZFJaMXZCMlNNaUJxSklQVl9OWHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8wYWQ0NmUtZThmZi00MmE5LTk4YzUtZDc4ZjYxNzJiMTU1
LzEvMEJEdWVMdlVoOU9kZWNzWmdJWHBoUGNDb2dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw1XhMA0E
AgACMAcDBQMqE9eAMA0GCSqGSIb3DQEBCwUAA4IBAQBNp2DFwOfKKfGdV8nfKgeq
cUmfCkqsjSfF7RgTT3KwC0vh4ntb9JwcwnZkfLclFQL44OucYeV8Vtc1HFn4ncv2
OjSi8E6Wsfe7tjklLeaxy478nDOe8PrZRTsOcArzToBe0iLRo9LfEazLNrgo0GVd
K/ymDjv3xkTVQOqgUs6ex3Xe72DPEBaA0CtI5Q8nyrEDe93HUoio5vsgKcga2CHE
NFA/w/aB9oHvWdulZ9vUIyWZwDuqpF+x6xT8vWKBFqdJ76y0mftZlJe5mVfd+bjZ
BhKMQwjPxgr2BmsiYbSVge1a4v9zUxz/Z8J58clzYRSjmrRPZsrnnyHg10EKnVei
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:09 2024 by rpki-client on console-fra.rpki-client.org