Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/upu3mQHaGB6VNPHoEqNDbRe0724.roa
File: upu3mQHaGB6VNPHoEqNDbRe0724.roa (raw, json)
Hash identifier: Ks/rKT78c5RB1a9BlMoFmUGmyzOv0bl0yjQqNBnKpnE=
Subject key identifier: BA:9B:B7:99:01:DA:18:1E:95:34:F1:E8:12:A3:43:6D:17:B4:EF:6E
Certificate issuer: /CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Certificate serial: 01856F390684770E54A0E8DE742ABE6461A5
Authority key identifier: 95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/upu3mQHaGB6VNPHoEqNDbRe0724.roa
Signing time: Sun 01 Jan 2023 21:24:46 +0000
ROA not before: Sun 01 Jan 2023 21:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202105
IP address blocks: 185.82.116.0/24 maxlen: 24
185.82.117.0/24 maxlen: 24
185.82.118.0/24 maxlen: 24
185.51.205.0/24 maxlen: 24
185.51.206.0/24 maxlen: 24
185.51.204.0/24 maxlen: 24
185.51.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Mar 2023 01:15:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:06:84:77:0e:54:a0:e8:de:74:2a:be:64:61:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Validity
Not Before: Jan 1 21:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba9bb79901da181e9534f1e812a3436d17b4ef6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9d:19:84:bb:e3:3f:47:c2:8b:70:bb:d4:d2:
9e:c8:e4:4d:62:18:ce:61:af:ab:23:40:6e:4b:a6:
76:8b:e1:34:3d:9b:dc:b1:b8:65:b4:4f:a9:85:f1:
24:3b:41:7f:64:8b:db:78:ac:46:a4:f8:46:ec:a4:
c1:89:af:be:05:71:f2:ca:39:59:e5:6b:d1:77:5a:
c5:0a:e0:fd:a2:53:c5:c6:05:91:c5:f1:6b:02:ea:
aa:ac:3a:3c:d9:48:41:53:e8:bd:d5:54:e3:6f:6c:
f9:66:55:14:b8:49:ec:2a:ef:ca:3b:fa:48:c6:a2:
fa:08:c6:1a:83:40:24:dc:5f:b6:e6:0c:c8:5e:f2:
1b:23:e7:e6:ad:8b:4b:8b:de:93:86:12:02:7a:70:
13:48:d4:d7:cf:17:5d:1e:c6:ae:6d:7e:12:09:ee:
82:22:58:0b:c9:73:74:d9:3d:62:ea:e6:e5:40:03:
f0:31:ad:44:db:94:9c:f4:2a:80:2e:a2:34:76:2f:
e0:f0:05:80:62:de:f9:75:fd:0d:d4:d6:26:08:8c:
a1:b0:d6:93:30:43:d4:67:81:5f:ce:e5:18:51:50:
fd:cc:b8:f8:9c:e3:1c:2c:15:9c:a8:ce:f3:23:4a:
76:19:7a:82:e2:6b:f2:08:40:c1:1f:f1:2e:91:32:
e8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9B:B7:99:01:DA:18:1E:95:34:F1:E8:12:A3:43:6D:17:B4:EF:6E
X509v3 Authority Key Identifier:
keyid:95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/upu3mQHaGB6VNPHoEqNDbRe0724.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.204.0/22
185.82.116.0-185.82.118.255
Signature Algorithm: sha256WithRSAEncryption
30:c8:6e:1c:6f:ac:53:4e:66:ca:db:d0:4e:06:d6:d0:0a:fc:
84:d4:fa:b0:c2:6f:da:fb:49:5e:4b:54:74:10:a8:77:7b:3a:
5b:2f:57:b1:a8:84:1d:6a:1d:04:a2:ff:38:fc:51:c9:5a:46:
04:a0:98:f2:1d:79:4d:29:7d:f8:1b:81:c0:6e:00:4e:7c:6f:
bc:91:0c:57:10:d1:90:1c:1c:8c:3a:a3:be:83:a7:db:35:0f:
b6:66:ee:75:a3:53:4d:58:9c:94:7a:9d:a2:a4:f4:c8:a5:d1:
67:f4:0a:e8:7d:a7:c9:6d:80:94:ec:e6:32:15:37:bc:9f:08:
ea:bd:01:1a:54:3d:6d:96:61:07:c5:87:9d:31:1f:fb:fb:fd:
0b:e8:f3:d5:6b:bf:9b:f9:10:de:8f:2a:9f:47:d2:25:69:1b:
55:1d:30:48:e4:99:3c:49:65:08:f0:34:17:5e:a0:8e:44:3a:
e4:cb:33:ae:aa:81:ca:e8:05:36:c5:b4:ca:f3:6c:40:77:7e:
38:1f:bd:46:73:6e:5e:d2:42:03:cc:57:68:ef:cc:16:0d:28:
08:b2:52:d6:ae:f9:ae:e5:24:06:f0:90:4f:4c:0a:bf:9e:00:
af:4b:70:2b:6d:89:09:2b:49:95:5d:48:2e:64:4c:23:29:35:
4e:89:ef:fc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvOQaEdw5UoOjedCq+ZGGlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OWVmZTZlZjk3NzI4YTQyODJhZTJjN2IwNWEyNDA1MDY1
NzFmMWMwHhcNMjMwMTAxMjEyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTliYjc5OTAxZGExODFlOTUzNGYxZTgxMmEzNDM2ZDE3YjRlZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnp0ZhLvjP0fCi3C71NKeyORNYhjO
Ya+rI0BuS6Z2i+E0PZvcsbhltE+phfEkO0F/ZIvbeKxGpPhG7KTBia++BXHyyjlZ
5WvRd1rFCuD9olPFxgWRxfFrAuqqrDo82UhBU+i91VTjb2z5ZlUUuEnsKu/KO/pI
xqL6CMYag0Ak3F+25gzIXvIbI+fmrYtLi96ThhICenATSNTXzxddHsaubX4SCe6C
IlgLyXN02T1i6ublQAPwMa1E25Sc9CqALqI0di/g8AWAYt75df0N1NYmCIyhsNaT
MEPUZ4FfzuUYUVD9zLj4nOMcLBWcqM7zI0p2GXqC4mvyCEDBH/EukTLoCQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLqbt5kB2hgelTTx6BKjQ20XtO9uMB8GA1UdIwQY
MBaAFJWe/m75dyikKCrix7BaJAUGVx8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUt
YTA5MjY2YmI0ZDhjLzEvdXB1M21RSGFHQjZWTlBIb0VxTkRiUmUwNzI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUtYTA5MjY2YmI0ZDhj
LzEvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuTPMMAwD
BAK5UnQDBAC5UnYwDQYJKoZIhvcNAQELBQADggEBADDIbhxvrFNOZsrb0E4G1tAK
/ITU+rDCb9r7SV5LVHQQqHd7OlsvV7GohB1qHQSi/zj8UclaRgSgmPIdeU0pffgb
gcBuAE58b7yRDFcQ0ZAcHIw6o76Dp9s1D7Zm7nWjU01YnJR6naKk9Mil0Wf0Cuh9
p8ltgJTs5jIVN7yfCOq9ARpUPW2WYQfFh50xH/v7/Qvo89Vrv5v5EN6PKp9H0iVp
G1UdMEjkmTxJZQjwNBdeoI5EOuTLM66qgcroBTbFtMrzbEB3fjgfvUZzbl7SQgPM
V2jvzBYNKAiyUtau+a7lJAbwkE9MCr+eAK9LcCttiQkrSZVdSC5kTCMpNU6J7/w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:54 2024 by rpki-client on console-ams.rpki-client.org