Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/uq68Es-CSIbsh8fhOyuzrodgdnU.roa
File: uq68Es-CSIbsh8fhOyuzrodgdnU.roa (raw, json)
Hash identifier: 8ZGvLKigp0vWkNJuGudd/AaLu6n2B/P2gXgQQYqEEVU=
Subject key identifier: BA:AE:BC:12:CF:82:48:86:EC:87:C7:E1:3B:2B:B3:AE:87:60:76:75
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 018836F5489745DFA617179499ED5E794C90
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/uq68Es-CSIbsh8fhOyuzrodgdnU.roa
Signing time: Sat 20 May 2023 02:20:24 +0000
ROA not before: Sat 20 May 2023 02:20:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 212.116.244.0/24 maxlen: 24
212.116.246.0/24 maxlen: 24
91.147.123.0/24 maxlen: 24
91.147.119.0/24 maxlen: 24
91.147.122.0/24 maxlen: 24
91.147.121.0/24 maxlen: 24
91.147.126.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:36:f5:48:97:45:df:a6:17:17:94:99:ed:5e:79:4c:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: May 20 02:20:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baaebc12cf824886ec87c7e13b2bb3ae87607675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5f:84:e8:61:ec:d7:2f:36:3e:16:a2:b6:58:
08:a8:2c:e9:d9:8f:16:de:ac:d1:30:6a:eb:84:09:
4c:8e:5e:b4:28:27:59:a4:48:ea:b8:98:55:30:d7:
65:59:e2:3d:2e:8b:d5:a6:0c:9a:01:21:4d:92:f7:
98:74:db:5c:a1:29:3f:76:02:6d:a7:e7:32:72:ff:
a1:ad:66:c9:be:b8:ae:ec:1d:67:ed:7b:b1:48:61:
25:ed:86:f0:7a:0d:a9:b0:d8:0a:13:2f:44:a4:d5:
e6:f8:0e:58:13:e0:11:e9:8f:ea:75:ca:9d:a9:ea:
f6:ea:a9:94:d3:7d:72:93:7f:a3:1a:47:ea:d6:fa:
75:8b:7d:a2:0d:49:24:03:31:9c:40:46:d3:c3:69:
4b:86:af:1a:47:6c:5d:0f:30:19:2d:39:58:15:b1:
74:db:96:9f:e9:cc:d9:c7:6e:79:cb:0e:22:f8:29:
44:e6:6e:57:57:00:87:42:f1:f0:8f:32:3a:8e:05:
5f:c0:00:d1:c2:3f:f5:f7:fd:90:7b:44:6f:b1:37:
89:e3:a2:19:5d:39:eb:8c:af:3c:ae:23:3f:61:45:
53:cc:d8:2c:e6:c2:e2:36:ec:a2:a0:1f:31:7b:d6:
60:d9:b4:ec:2e:f3:4d:c4:ac:3b:a8:72:3c:48:1e:
a3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:AE:BC:12:CF:82:48:86:EC:87:C7:E1:3B:2B:B3:AE:87:60:76:75
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/uq68Es-CSIbsh8fhOyuzrodgdnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.119.0/24
91.147.121.0-91.147.123.255
91.147.126.0/23
212.116.244.0/24
212.116.246.0/24
Signature Algorithm: sha256WithRSAEncryption
66:55:9f:bb:27:66:e1:f5:bf:51:50:51:72:f9:5b:70:76:d0:
fb:98:bf:6e:cd:30:a3:63:06:16:65:e0:e9:5f:a8:e5:45:db:
e6:0c:95:77:46:7e:07:3c:31:4a:26:ea:1f:aa:31:5d:8e:9e:
95:57:6e:2e:29:78:f4:cc:68:08:a7:9d:9e:f3:ce:2d:37:e9:
02:55:71:67:37:84:3e:c9:6d:b3:2d:d4:35:df:96:62:4a:e1:
7f:46:86:70:75:4a:84:54:62:8c:71:5c:34:f9:53:7e:ec:9a:
75:b4:d8:b1:b0:3f:43:c8:1d:b2:c1:60:84:b9:43:70:1c:31:
02:61:4b:ab:dd:70:cd:47:e5:8d:70:9a:2b:cc:eb:06:09:36:
a4:6b:11:de:22:47:e1:ed:b8:fd:0f:91:b8:06:ca:84:8f:5d:
8c:e5:22:73:2b:51:00:c8:6b:dc:9c:b5:aa:66:c6:e5:0f:75:
4e:4f:64:88:57:76:9c:2a:8a:ac:24:5c:0d:5e:6d:14:45:4f:
9b:02:c0:65:1d:18:d3:f9:0b:3c:d5:cb:02:d0:61:62:97:9b:
b8:6a:3d:d3:63:21:17:84:5e:35:f3:78:91:27:f2:c2:a3:ae:
7a:32:44:b2:7d:eb:dd:1b:cc:6b:21:40:92:93:69:e8:39:7d:
34:32:5d:a5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYg29UiXRd+mFxeUme1eeUyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjMwNTIwMDIyMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWFlYmMxMmNmODI0ODg2ZWM4N2M3ZTEzYjJiYjNhZTg3NjA3Njc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1+E6GHs1y82PhaitlgIqCzp2Y8W
3qzRMGrrhAlMjl60KCdZpEjquJhVMNdlWeI9LovVpgyaASFNkveYdNtcoSk/dgJt
p+cycv+hrWbJvriu7B1n7XuxSGEl7Ybweg2psNgKEy9EpNXm+A5YE+AR6Y/qdcqd
qer26qmU031yk3+jGkfq1vp1i32iDUkkAzGcQEbTw2lLhq8aR2xdDzAZLTlYFbF0
25af6czZx255yw4i+ClE5m5XVwCHQvHwjzI6jgVfwADRwj/19/2Qe0RvsTeJ46IZ
XTnrjK88riM/YUVTzNgs5sLiNuyioB8xe9Zg2bTsLvNNxKw7qHI8SB6jxwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLquvBLPgkiG7IfH4Tsrs66HYHZ1MB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvdXE2OEVzLUNTSWJzaDhmaE95dXpyb2RnZG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAW5N3MAwD
BABbk3kDBAJbk3gDBAFbk34DBADUdPQDBADUdPYwDQYJKoZIhvcNAQELBQADggEB
AGZVn7snZuH1v1FQUXL5W3B20PuYv27NMKNjBhZl4OlfqOVF2+YMlXdGfgc8MUom
6h+qMV2OnpVXbi4pePTMaAinnZ7zzi036QJVcWc3hD7JbbMt1DXflmJK4X9GhnB1
SoRUYoxxXDT5U37smnW02LGwP0PIHbLBYIS5Q3AcMQJhS6vdcM1H5Y1wmivM6wYJ
NqRrEd4iR+HtuP0PkbgGyoSPXYzlInMrUQDIa9yctapmxuUPdU5PZIhXdpwqiqwk
XA1ebRRFT5sCwGUdGNP5CzzVywLQYWKXm7hqPdNjIReEXjXzeJEn8sKjrnoyRLJ9
690bzGshQJKTaeg5fTQyXaU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:52 2023 by rpki-client on console-ams.rpki-client.org