Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UubPS-Ryhf_IfgGXnILxO-PaWQw.roa
File: UubPS-Ryhf_IfgGXnILxO-PaWQw.roa (raw, json)
Hash identifier: wI+6wws+6L/cy4Ml1o7sBT2zf8URZ65OehpI+16KxRg=
Subject key identifier: 52:E6:CF:4B:E4:72:85:FF:C8:7E:01:97:9C:82:F1:3B:E3:DA:59:0C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018804CE9E1FF13DA2ACF51D5AC1FC0ECE8E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UubPS-Ryhf_IfgGXnILxO-PaWQw.roa
Signing time: Wed 10 May 2023 08:37:09 +0000
ROA not before: Wed 10 May 2023 08:37:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62068
IP address blocks: 84.32.70.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.9.0/24 maxlen: 24
84.32.14.0/24 maxlen: 24
84.32.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 May 2023 05:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:04:ce:9e:1f:f1:3d:a2:ac:f5:1d:5a:c1:fc:0e:ce:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 10 08:37:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52e6cf4be47285ffc87e01979c82f13be3da590c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:60:2d:3e:47:bb:78:b5:ef:a1:82:c3:f7:0d:
7a:d1:33:a8:4e:4b:c8:5a:47:a7:04:9b:78:bc:85:
87:51:b7:e0:35:03:00:12:16:61:7b:ea:a8:ab:0c:
b4:29:17:9e:0c:96:23:70:d9:6c:88:4a:c5:05:c5:
28:e7:5a:44:52:69:a0:98:8d:c3:f4:8b:af:ed:fb:
8b:4b:9b:f6:48:8e:d7:be:10:29:6d:12:63:86:52:
23:c7:a9:89:62:bc:23:07:21:38:dd:54:77:14:d6:
8f:c7:88:cd:c4:9d:fc:58:2b:50:0d:2d:40:a5:e8:
ac:18:dd:17:a4:28:52:9c:79:1f:6a:9c:4a:96:b3:
84:81:81:33:0c:9a:54:93:1c:0d:c3:14:bb:4c:fe:
01:9d:7c:e9:8b:d3:9d:7b:b0:a9:b3:b6:b8:ba:a6:
0d:a2:6d:2a:9a:41:dd:19:0e:ea:8f:e2:99:f4:af:
bf:2a:b1:f2:d0:22:eb:de:48:96:25:ba:f3:fc:af:
ee:3c:f5:06:07:40:71:5a:d1:73:17:52:8a:4c:d9:
4b:73:27:ae:63:e1:20:ed:2d:db:4f:2e:20:f9:40:
b0:85:30:34:7b:6b:66:ed:bd:57:60:93:fd:7b:8c:
75:ed:ba:3b:c9:cb:4a:ce:ae:50:ec:98:ca:7e:7b:
36:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E6:CF:4B:E4:72:85:FF:C8:7E:01:97:9C:82:F1:3B:E3:DA:59:0C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UubPS-Ryhf_IfgGXnILxO-PaWQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.9.0/24
84.32.14.0/24
84.32.48.0/24
84.32.70.0/24
84.32.89.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:0c:88:ce:c4:a5:8f:0d:56:da:e3:7a:96:87:6a:d9:54:77:
43:87:2d:61:ae:cb:b9:61:43:a7:67:89:31:37:cd:84:3e:27:
2f:82:d1:f1:ab:32:9a:a4:ee:7e:f6:5f:5c:f2:2c:38:15:9e:
a8:9f:de:32:e4:75:a7:f9:3e:57:94:56:79:31:f7:f4:48:c5:
9f:6c:7f:03:2e:87:a2:1e:26:ee:e3:e9:21:bd:66:f4:b5:2c:
28:4d:6f:74:83:0b:d5:72:b9:3f:b7:a0:8a:2e:8c:82:a9:87:
4b:57:13:f7:76:ff:5c:cf:bf:b1:5f:b4:97:e2:cf:a7:23:c7:
93:5a:64:36:4a:33:11:2d:00:5d:77:d0:36:41:33:6d:c9:46:
d2:06:6e:01:36:a4:ad:75:df:6f:de:63:81:3e:26:25:b5:a0:
f2:32:fb:e5:28:52:9b:69:bb:b8:72:fa:17:dd:9d:d9:78:6c:
11:30:4c:2d:e2:12:fa:7d:2d:00:c7:55:53:6c:a2:4a:af:be:
4a:fc:f8:4f:fc:f5:35:c7:d5:70:03:e2:dd:b6:90:fc:56:0b:
df:22:bd:27:9a:ce:66:54:9f:b4:e2:aa:28:4a:1c:0c:98:20:
66:e2:fc:22:db:1e:86:0d:4a:63:5c:92:86:8f:8a:b8:15:d5:
e8:4e:1b:44
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYgEzp4f8T2irPUdWsH8Ds6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTEwMDgzNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmU2Y2Y0YmU0NzI4NWZmYzg3ZTAxOTc5YzgyZjEzYmUzZGE1OTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGAtPke7eLXvoYLD9w160TOoTkvI
WkenBJt4vIWHUbfgNQMAEhZhe+qoqwy0KReeDJYjcNlsiErFBcUo51pEUmmgmI3D
9Iuv7fuLS5v2SI7XvhApbRJjhlIjx6mJYrwjByE43VR3FNaPx4jNxJ38WCtQDS1A
peisGN0XpChSnHkfapxKlrOEgYEzDJpUkxwNwxS7TP4BnXzpi9Ode7Cps7a4uqYN
om0qmkHdGQ7qj+KZ9K+/KrHy0CLr3kiWJbrz/K/uPPUGB0BxWtFzF1KKTNlLcyeu
Y+Eg7S3bTy4g+UCwhTA0e2tm7b1XYJP9e4x17bo7yctKzq5Q7JjKfns2+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFLmz0vkcoX/yH4Bl5yC8Tvj2lkMMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVXViUFMtUnloZl9JZmdHWG5JTHhPLVBhV1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCAJAwQA
VCAOAwQAVCAwAwQAVCBGAwQAVCBZMA0GCSqGSIb3DQEBCwUAA4IBAQAaDIjOxKWP
DVba43qWh2rZVHdDhy1hrsu5YUOnZ4kxN82EPicvgtHxqzKapO5+9l9c8iw4FZ6o
n94y5HWn+T5XlFZ5Mff0SMWfbH8DLoeiHibu4+khvWb0tSwoTW90gwvVcrk/t6CK
LoyCqYdLVxP3dv9cz7+xX7SX4s+nI8eTWmQ2SjMRLQBdd9A2QTNtyUbSBm4BNqSt
dd9v3mOBPiYltaDyMvvlKFKbabu4cvoX3Z3ZeGwRMEwt4hL6fS0Ax1VTbKJKr75K
/PhP/PU1x9VwA+LdtpD8VgvfIr0nms5mVJ+04qooShwMmCBm4vwi2x6GDUpjXJKG
j4q4FdXoThtE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org