Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/9UbtGp1FCJW0DeFiDeGDTBfBJ9Y.roa
File: 9UbtGp1FCJW0DeFiDeGDTBfBJ9Y.roa (raw, json)
Hash identifier: WwAhKHKNi/pasF0oJBpqAizqGD2zFJootKysdzY3iaM=
Subject key identifier: F5:46:ED:1A:9D:45:08:95:B4:0D:E1:62:0D:E1:83:4C:17:C1:27:D6
Certificate issuer: /CN=f56b2049b3a9aa6f2368e6eeb4bfcd167953a5e9
Certificate serial: 01856B933B6650610F89871C2B4D6BF11AAE
Authority key identifier: F5:6B:20:49:B3:A9:AA:6F:23:68:E6:EE:B4:BF:CD:16:79:53:A5:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/9UbtGp1FCJW0DeFiDeGDTBfBJ9Y.roa
Signing time: Sun 01 Jan 2023 04:24:49 +0000
ROA not before: Sun 01 Jan 2023 04:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201791
IP address blocks: 195.35.114.0/23 maxlen: 24
185.103.76.0/22 maxlen: 22
2a06:2a80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 15 May 2023 14:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:3b:66:50:61:0f:89:87:1c:2b:4d:6b:f1:1a:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f56b2049b3a9aa6f2368e6eeb4bfcd167953a5e9
Validity
Not Before: Jan 1 04:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f546ed1a9d450895b40de1620de1834c17c127d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b8:29:7b:74:1e:a7:c8:2c:72:6e:b5:76:41:
ae:03:e9:6a:b0:bc:69:f0:8e:2f:86:1d:d6:5a:f3:
4b:f8:5c:35:71:f1:d5:a2:81:c5:5e:c8:8e:7b:c3:
95:49:78:0e:04:ac:4b:ac:5e:0d:7f:b7:5e:82:f1:
c6:ba:67:ba:dc:82:19:50:62:e2:91:64:ff:70:b4:
13:61:a2:2f:4b:8f:ac:af:83:f1:25:5e:28:21:dc:
4c:24:24:65:29:1d:42:ef:89:07:91:58:3d:6b:60:
38:ca:fd:a1:1a:78:54:ea:34:4d:20:b8:d4:f3:97:
f0:a9:c7:3f:e3:44:2b:ff:0c:5a:2f:00:74:72:fd:
08:c4:2d:79:9a:88:05:6b:32:7d:4d:d8:de:19:08:
07:6a:05:32:52:51:6f:71:96:cd:d2:e0:ec:2a:87:
87:cb:cc:ac:6d:19:ff:7c:f7:86:06:bb:d0:ed:b6:
32:19:60:a0:7a:cf:96:ef:73:b1:5b:43:b1:19:7c:
a2:6c:a4:a4:e4:b5:38:af:45:90:00:d6:95:9e:91:
a1:25:66:74:b1:ce:b2:ff:17:d3:54:65:38:f4:5b:
37:40:b2:e4:57:cf:54:99:82:c0:29:5e:40:12:bf:
82:3c:a8:38:d9:7e:ab:07:ff:be:80:58:af:19:f0:
90:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:46:ED:1A:9D:45:08:95:B4:0D:E1:62:0D:E1:83:4C:17:C1:27:D6
X509v3 Authority Key Identifier:
keyid:F5:6B:20:49:B3:A9:AA:6F:23:68:E6:EE:B4:BF:CD:16:79:53:A5:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/9UbtGp1FCJW0DeFiDeGDTBfBJ9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/9WsgSbOpqm8jaObutL_NFnlTpek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.76.0/22
195.35.114.0/23
IPv6:
2a06:2a80::/29
Signature Algorithm: sha256WithRSAEncryption
6c:b8:d8:4b:22:d2:12:d8:72:19:85:58:73:1a:a4:49:80:c6:
9f:5a:7c:9f:6d:f1:dc:f2:6c:f5:f3:3b:95:dd:d1:04:cb:e8:
b3:ed:e8:ec:a0:09:81:c4:2d:c7:22:13:be:6b:f9:81:3e:a0:
8f:7d:a5:dc:00:a0:aa:f5:54:06:86:d6:8e:7d:b0:18:1c:c3:
ec:2e:18:09:d9:55:02:f3:1d:aa:58:ba:ef:4a:8e:c2:97:86:
b6:d9:55:60:67:7c:39:ac:1d:34:39:70:cc:37:74:7f:d6:b4:
6f:2b:9c:c1:50:ec:48:ba:87:0f:b3:14:29:87:59:47:3c:e1:
63:fb:52:ca:25:b3:ac:a5:19:5c:a0:27:91:36:48:b7:21:eb:
c6:e7:26:87:27:3e:2b:49:d8:d2:f3:80:4c:21:bb:31:86:f4:
4a:01:c0:5b:46:ce:a7:da:ef:1c:d8:e3:99:4e:3c:e8:e7:60:
19:e6:8d:24:bd:7a:0b:e2:27:6a:29:2b:87:4f:70:f4:c4:f4:
46:b5:8a:f0:47:bf:0d:7e:f1:95:8f:76:f8:ce:2a:82:e4:52:
8f:2e:1c:e2:91:f5:33:7f:b3:34:ba:b7:7a:7c:83:a2:d0:8f:
1b:5b:16:2d:17:c1:56:06:eb:37:91:47:86:db:a1:ca:de:69:
c4:3a:72:7d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVrkztmUGEPiYccK01r8RquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NmIyMDQ5YjNhOWFhNmYyMzY4ZTZlZWI0YmZjZDE2Nzk1
M2E1ZTkwHhcNMjMwMTAxMDQyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTQ2ZWQxYTlkNDUwODk1YjQwZGUxNjIwZGUxODM0YzE3YzEyN2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibgpe3Qep8gscm61dkGuA+lqsLxp
8I4vhh3WWvNL+Fw1cfHVooHFXsiOe8OVSXgOBKxLrF4Nf7degvHGume63IIZUGLi
kWT/cLQTYaIvS4+sr4PxJV4oIdxMJCRlKR1C74kHkVg9a2A4yv2hGnhU6jRNILjU
85fwqcc/40Qr/wxaLwB0cv0IxC15mogFazJ9TdjeGQgHagUyUlFvcZbN0uDsKoeH
y8ysbRn/fPeGBrvQ7bYyGWCges+W73OxW0OxGXyibKSk5LU4r0WQANaVnpGhJWZ0
sc6y/xfTVGU49Fs3QLLkV89UmYLAKV5AEr+CPKg42X6rB/++gFivGfCQ2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPVG7RqdRQiVtA3hYg3hg0wXwSfWMB8GA1UdIwQY
MBaAFPVrIEmzqapvI2jm7rS/zRZ5U6XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVdzZ1NiT3BxbThqYU9idXRMX05GbmxUcGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kMWE3MWMtYjhmOC00MTJkLTlkYTEt
MjQwMWI3NDIwNmYzLzEvOVVidEdwMUZDSlcwRGVGaURlR0RUQmZCSjlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9kMWE3MWMtYjhmOC00MTJkLTlkYTEtMjQwMWI3NDIwNmYz
LzEvOVdzZ1NiT3BxbThqYU9idXRMX05GbmxUcGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWdMAwQB
wyNyMA0EAgACMAcDBQMqBiqAMA0GCSqGSIb3DQEBCwUAA4IBAQBsuNhLItIS2HIZ
hVhzGqRJgMafWnyfbfHc8mz18zuV3dEEy+iz7ejsoAmBxC3HIhO+a/mBPqCPfaXc
AKCq9VQGhtaOfbAYHMPsLhgJ2VUC8x2qWLrvSo7Cl4a22VVgZ3w5rB00OXDMN3R/
1rRvK5zBUOxIuocPsxQph1lHPOFj+1LKJbOspRlcoCeRNki3IevG5yaHJz4rSdjS
84BMIbsxhvRKAcBbRs6n2u8c2OOZTjzo52AZ5o0kvXoL4idqKSuHT3D0xPRGtYrw
R78NfvGVj3b4ziqC5FKPLhzikfUzf7M0urd6fIOi0I8bWxYtF8FWBus3kUeG26HK
3mnEOnJ9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:07 2024 by rpki-client on console-fra.rpki-client.org