Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/UjKW8F_-702DH543DskWRL813tE.roa
File: UjKW8F_-702DH543DskWRL813tE.roa (raw, json)
Hash identifier: h2Ds15mMkwqnuhRGHPYK3s4sGEPRBJNrdOetxODUD0U=
Subject key identifier: 52:32:96:F0:5F:FE:EF:4D:83:1F:9E:37:0E:C9:16:44:BF:35:DE:D1
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01856ED4BE24598FD3AC06EB2AC7E793B8B6
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/UjKW8F_-702DH543DskWRL813tE.roa
Signing time: Sun 01 Jan 2023 19:35:14 +0000
ROA not before: Sun 01 Jan 2023 19:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210122
IP address blocks: 45.11.191.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:be:24:59:8f:d3:ac:06:eb:2a:c7:e7:93:b8:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 1 19:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=523296f05ffeef4d831f9e370ec91644bf35ded1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0e:79:ff:a8:d6:64:2a:ad:bc:6e:ee:34:0c:
a2:a5:b3:e0:12:53:08:82:ac:82:29:78:2e:34:b9:
73:ed:2f:fc:c3:4f:99:22:16:36:ee:df:c2:4d:06:
e2:82:07:77:a7:76:ca:84:94:8e:47:07:67:20:91:
8d:70:e7:0f:53:19:1f:fb:fd:28:1f:3e:de:b2:a1:
82:c6:49:ea:b6:f4:22:18:18:56:41:ba:c4:6a:7a:
a1:5a:83:84:52:6d:10:54:69:79:85:54:68:a6:6a:
d5:8f:4b:ab:eb:d2:ee:35:3d:24:2a:65:a5:a7:6e:
9b:43:fb:30:17:e6:61:1e:7e:14:08:23:a8:4f:cf:
a5:40:1b:fd:7e:84:36:83:2f:b1:ba:09:bf:51:0e:
1d:f4:a9:d4:c2:ff:2c:2a:18:38:5c:00:e7:77:dd:
cf:58:0c:84:d3:ad:c8:8b:b0:63:a4:ed:57:d7:04:
37:ce:d1:d2:2d:8c:40:c4:29:35:b7:5b:d9:7c:23:
72:cb:e6:9c:47:56:68:63:86:41:6e:d1:c0:06:bc:
fe:c7:0e:92:dc:c2:7d:e2:25:93:f9:95:00:64:69:
27:fd:54:65:07:39:7a:32:ef:d0:1a:a3:ab:22:0a:
55:ef:48:de:fa:68:af:9b:ab:48:87:db:e1:fd:64:
b9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:32:96:F0:5F:FE:EF:4D:83:1F:9E:37:0E:C9:16:44:BF:35:DE:D1
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/UjKW8F_-702DH543DskWRL813tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.191.0/24
Signature Algorithm: sha256WithRSAEncryption
11:07:19:6d:0f:bf:eb:f9:ad:c1:68:05:8e:c7:33:24:74:2f:
39:97:3c:53:dd:7d:a0:70:e7:93:c0:b8:5b:78:68:cf:be:46:
cb:1b:c0:2b:8c:f0:2f:96:10:8d:04:47:7d:24:68:77:7e:c9:
d3:f6:d6:85:a4:3b:79:39:81:e7:ac:bb:05:ee:c0:bb:ff:01:
95:e3:0f:c6:e9:16:ca:00:7f:34:e9:e1:02:93:1a:a9:13:f3:
57:37:4d:ed:16:9f:19:f2:ba:51:fb:50:67:ab:a5:62:ef:da:
7b:12:96:9f:d8:e1:23:e5:98:ea:95:d0:e5:5c:a6:0b:b7:68:
37:12:a3:d2:27:2c:f6:fd:bc:fc:83:21:ef:d9:40:b1:70:0c:
04:1a:da:84:f1:3e:f2:c6:2e:35:91:25:c1:fe:c8:7b:9d:58:
bf:e2:50:28:6d:36:53:66:0a:26:4e:f6:1e:3c:3f:87:08:76:
d8:3c:3e:51:e3:f3:9d:7f:78:7e:82:0b:e8:d8:be:5c:4c:7e:
1d:fc:b6:82:8f:e2:c6:22:47:49:a6:85:e4:ba:70:a6:32:82:
3a:a2:38:ec:ac:6b:91:02:89:1c:af:d1:9e:9d:6c:2c:b3:b0:
92:7f:48:44:6e:2c:8b:1c:7c:c0:8f:e6:26:37:17:45:00:80:
17:94:c7:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1L4kWY/TrAbrKsfnk7i2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwMTAxMTkzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjMyOTZmMDVmZmVlZjRkODMxZjllMzcwZWM5MTY0NGJmMzVkZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkA55/6jWZCqtvG7uNAyipbPgElMI
gqyCKXguNLlz7S/8w0+ZIhY27t/CTQbiggd3p3bKhJSORwdnIJGNcOcPUxkf+/0o
Hz7esqGCxknqtvQiGBhWQbrEanqhWoOEUm0QVGl5hVRopmrVj0ur69LuNT0kKmWl
p26bQ/swF+ZhHn4UCCOoT8+lQBv9foQ2gy+xugm/UQ4d9KnUwv8sKhg4XADnd93P
WAyE063Ii7BjpO1X1wQ3ztHSLYxAxCk1t1vZfCNyy+acR1ZoY4ZBbtHABrz+xw6S
3MJ94iWT+ZUAZGkn/VRlBzl6Mu/QGqOrIgpV70je+mivm6tIh9vh/WS5QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFIylvBf/u9Ngx+eNw7JFkS/Nd7RMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvVWpLVzhGXy03MDJESDU0M0Rza1dSTDgxM3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu/MA0G
CSqGSIb3DQEBCwUAA4IBAQARBxltD7/r+a3BaAWOxzMkdC85lzxT3X2gcOeTwLhb
eGjPvkbLG8ArjPAvlhCNBEd9JGh3fsnT9taFpDt5OYHnrLsF7sC7/wGV4w/G6RbK
AH806eECkxqpE/NXN03tFp8Z8rpR+1Bnq6Vi79p7Epaf2OEj5ZjqldDlXKYLt2g3
EqPSJyz2/bz8gyHv2UCxcAwEGtqE8T7yxi41kSXB/sh7nVi/4lAobTZTZgomTvYe
PD+HCHbYPD5R4/Odf3h+ggvo2L5cTH4d/LaCj+LGIkdJpoXkunCmMoI6ojjsrGuR
Aokcr9GenWwss7CSf0hEbiyLHHzAj+YmNxdFAIAXlMex
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:23 2024 by rpki-client on console-fra.rpki-client.org