Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/98c5c3-9928-4957-9448-a60138c1c046/1/UokoZ8oUo_ldmF4PIQ3XBqLUMxw.roa
File: UokoZ8oUo_ldmF4PIQ3XBqLUMxw.roa (raw, json)
Hash identifier: cumd7LI7328J7bpoGeCCqpGOgE0Fyv5xhJ+pWiZOh/Q=
Subject key identifier: 52:89:28:67:CA:14:A3:F9:5D:98:5E:0F:21:0D:D7:06:A2:D4:33:1C
Certificate issuer: /CN=0400d77ef9ea0ed2952be2f60fad3aecc2e168ac
Certificate serial: 01871101D9DE41F4AF01317A1EE8A52660E0
Authority key identifier: 04:00:D7:7E:F9:EA:0E:D2:95:2B:E2:F6:0F:AD:3A:EC:C2:E1:68:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BADXfvnqDtKVK-L2D6067MLhaKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/98c5c3-9928-4957-9448-a60138c1c046/1/UokoZ8oUo_ldmF4PIQ3XBqLUMxw.roa
Signing time: Fri 24 Mar 2023 00:25:46 +0000
ROA not before: Fri 24 Mar 2023 00:25:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59800
IP address blocks: 185.68.196.0/23 maxlen: 24
2a05:19c0::/48 maxlen: 48
2a05:19c0::/47 maxlen: 47
2a05:19c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:11:01:d9:de:41:f4:af:01:31:7a:1e:e8:a5:26:60:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0400d77ef9ea0ed2952be2f60fad3aecc2e168ac
Validity
Not Before: Mar 24 00:25:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52892867ca14a3f95d985e0f210dd706a2d4331c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:25:23:58:26:c7:28:c9:c2:02:96:1e:7e:36:
75:ac:df:05:83:98:b2:45:5d:dd:4f:c3:48:61:8e:
3b:d4:7a:65:98:27:df:62:af:e4:94:8f:24:95:4a:
10:b5:f8:16:48:b8:cc:3d:9f:3c:ff:6a:9f:30:e4:
90:e7:d8:f7:ce:88:be:b9:cd:09:c6:78:d1:76:67:
4d:a8:b5:a5:cb:b7:96:fd:8e:ea:4f:d8:23:dd:87:
94:14:6c:28:9e:f6:e1:01:27:75:77:69:57:1b:5d:
c2:68:16:9c:58:95:8c:55:9f:bb:a1:93:3a:7d:d3:
71:69:2a:ac:2d:7c:35:a4:8e:7c:c1:0f:4e:e0:0e:
e4:17:93:84:9a:ac:c2:2f:d0:ed:1b:3a:e1:74:9b:
64:0e:d5:5c:c1:c2:c4:a7:c3:63:a6:de:28:67:bc:
0a:22:78:92:67:9a:d4:c0:e1:26:8a:f9:f0:37:89:
3e:6f:61:93:15:c8:e1:cc:42:da:78:97:92:ad:05:
d9:c0:b4:ea:14:8c:48:33:46:87:fe:e4:f0:a2:db:
b9:0f:52:cd:b4:41:6a:c1:62:4f:c6:3c:ee:93:d3:
de:0b:b3:3b:cd:a4:73:0d:08:89:ff:f2:18:b9:a3:
4f:9b:b0:89:a6:13:07:56:b1:a7:81:98:41:50:98:
0f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:89:28:67:CA:14:A3:F9:5D:98:5E:0F:21:0D:D7:06:A2:D4:33:1C
X509v3 Authority Key Identifier:
keyid:04:00:D7:7E:F9:EA:0E:D2:95:2B:E2:F6:0F:AD:3A:EC:C2:E1:68:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BADXfvnqDtKVK-L2D6067MLhaKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/98c5c3-9928-4957-9448-a60138c1c046/1/UokoZ8oUo_ldmF4PIQ3XBqLUMxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/98c5c3-9928-4957-9448-a60138c1c046/1/BADXfvnqDtKVK-L2D6067MLhaKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.196.0/23
IPv6:
2a05:19c0::/47
Signature Algorithm: sha256WithRSAEncryption
8a:9a:a1:73:51:b8:a9:92:e7:90:9b:fe:ed:80:6d:42:42:c6:
46:87:68:c1:18:5e:d1:50:df:13:16:b6:b8:d8:29:fd:5a:ac:
c9:0e:48:fb:14:51:64:e0:93:b7:a2:07:c0:6f:9f:b6:9b:47:
56:08:0a:05:c2:6e:6b:42:ae:0f:56:ba:20:bf:51:8c:f5:0a:
e1:81:b3:a7:5d:ca:54:21:b2:fe:63:12:6f:20:e0:55:88:69:
c8:c7:dd:61:92:86:02:18:76:90:f9:2e:6a:c9:b2:d0:6d:f2:
35:06:da:76:ed:62:bc:d4:2d:19:5d:f0:10:9a:05:ec:f4:0e:
80:79:9f:32:38:cf:b0:27:f5:9a:bb:48:e7:b3:06:22:37:e0:
89:a9:94:81:ab:a6:05:fd:68:67:7f:29:e2:d1:ce:87:fc:20:
15:68:0c:04:02:f6:71:a3:7d:e9:03:99:5b:dc:10:c2:9d:bf:
02:1e:2e:95:74:8b:e7:d0:fb:3d:4f:1f:ef:69:4b:9c:b8:cd:
87:68:99:2e:bc:ef:c9:19:37:78:82:40:c1:f5:b1:a2:3e:9a:
63:20:7c:75:4d:97:90:ae:5f:fd:d2:50:7b:73:37:f6:b9:83:
3d:72:f9:3e:e1:1a:75:a1:4c:02:2d:01:c9:39:cb:22:4c:7a:
c7:f7:27:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcRAdneQfSvATF6HuilJmDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MDBkNzdlZjllYTBlZDI5NTJiZTJmNjBmYWQzYWVjYzJl
MTY4YWMwHhcNMjMwMzI0MDAyNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjg5Mjg2N2NhMTRhM2Y5NWQ5ODVlMGYyMTBkZDcwNmEyZDQzMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiUjWCbHKMnCApYefjZ1rN8Fg5iy
RV3dT8NIYY471HplmCffYq/klI8klUoQtfgWSLjMPZ88/2qfMOSQ59j3zoi+uc0J
xnjRdmdNqLWly7eW/Y7qT9gj3YeUFGwonvbhASd1d2lXG13CaBacWJWMVZ+7oZM6
fdNxaSqsLXw1pI58wQ9O4A7kF5OEmqzCL9DtGzrhdJtkDtVcwcLEp8Njpt4oZ7wK
IniSZ5rUwOEmivnwN4k+b2GTFcjhzELaeJeSrQXZwLTqFIxIM0aH/uTwotu5D1LN
tEFqwWJPxjzuk9PeC7M7zaRzDQiJ//IYuaNPm7CJphMHVrGngZhBUJgPhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFKJKGfKFKP5XZheDyEN1wai1DMcMB8GA1UdIwQY
MBaAFAQA13756g7SlSvi9g+tOuzC4WisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkFEWGZ2bnFEdEtWSy1MMkQ2MDY3TUxoYUt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85OGM1YzMtOTkyOC00OTU3LTk0NDgt
YTYwMTM4YzFjMDQ2LzEvVW9rb1o4b1VvX2xkbUY0UElRM1hCcUxVTXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85OGM1YzMtOTkyOC00OTU3LTk0NDgtYTYwMTM4YzFjMDQ2
LzEvQkFEWGZ2bnFEdEtWSy1MMkQ2MDY3TUxoYUt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuUTEMA8E
AgACMAkDBwEqBRnAAAAwDQYJKoZIhvcNAQELBQADggEBAIqaoXNRuKmS55Cb/u2A
bUJCxkaHaMEYXtFQ3xMWtrjYKf1arMkOSPsUUWTgk7eiB8Bvn7abR1YICgXCbmtC
rg9WuiC/UYz1CuGBs6ddylQhsv5jEm8g4FWIacjH3WGShgIYdpD5LmrJstBt8jUG
2nbtYrzULRld8BCaBez0DoB5nzI4z7An9Zq7SOezBiI34ImplIGrpgX9aGd/KeLR
zof8IBVoDAQC9nGjfekDmVvcEMKdvwIeLpV0i+fQ+z1PH+9pS5y4zYdomS6878kZ
N3iCQMH1saI+mmMgfHVNl5CuX/3SUHtzN/a5gz1y+T7hGnWhTAItAck5yyJMesf3
J/Y=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:22 2023 by rpki-client on console-ams.rpki-client.org