Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/cukqDFWx3wuNzV3ZKQYGot5ZOWY.roa
File: cukqDFWx3wuNzV3ZKQYGot5ZOWY.roa (raw, json)
Hash identifier: /Ws7f0aM5y30vPQqdqYW0aAqV8mjDDnUcFcu8UPy+yk=
Subject key identifier: 72:E9:2A:0C:55:B1:DF:0B:8D:CD:5D:D9:29:06:06:A2:DE:59:39:66
Certificate issuer: /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial: 0188AFE5ADCFA7FDE1B1B4618CC1012A44E1
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/cukqDFWx3wuNzV3ZKQYGot5ZOWY.roa
Signing time: Mon 12 Jun 2023 13:57:24 +0000
ROA not before: Mon 12 Jun 2023 13:57:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 86.62.28.0/24 maxlen: 24
86.62.29.0/24 maxlen: 24
86.62.30.0/24 maxlen: 24
194.36.32.0/23 maxlen: 23
45.80.30.0/24 maxlen: 24
45.80.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Jun 2023 14:53:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:e5:ad:cf:a7:fd:e1:b1:b4:61:8c:c1:01:2a:44:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Validity
Not Before: Jun 12 13:57:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72e92a0c55b1df0b8dcd5dd9290606a2de593966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:64:d3:dd:58:55:4a:5d:7c:a3:5d:01:f4:1b:
7b:45:9a:73:7b:94:a0:cc:b9:e0:90:64:be:51:92:
ab:e5:49:5b:86:6d:15:6b:68:1f:3f:0a:dc:0f:87:
32:f7:ec:da:38:10:e0:d3:81:68:e7:97:d0:0b:8d:
9c:4a:29:55:42:00:94:c4:a4:ff:c6:e7:ff:20:5b:
f1:79:10:5e:9b:46:c1:87:b8:c3:bd:70:de:82:cb:
59:50:4e:b5:82:7e:2c:3c:52:90:d8:03:1e:37:c7:
43:fd:9a:5c:72:92:7c:96:10:bb:c0:27:25:d6:a9:
37:f0:05:7f:6d:0d:23:01:5b:5f:2b:28:9e:eb:dd:
93:5f:46:d9:e6:07:17:80:55:ef:98:76:c2:09:74:
f5:a6:54:2e:3d:8e:e7:45:3d:ab:e4:6e:b5:1e:76:
33:4f:ee:94:ac:5b:38:92:08:95:c2:20:78:b9:00:
94:03:01:7f:86:37:6d:38:0f:ac:0c:99:fa:61:62:
db:18:da:61:06:4d:87:7c:f1:20:f6:71:60:a3:39:
90:ba:de:ca:c4:e4:6a:1e:69:2a:49:70:ac:ba:64:
6e:69:31:9c:0a:56:14:07:32:56:08:dd:b6:83:19:
13:de:f8:1f:0b:10:5d:94:35:79:8e:d9:2a:40:af:
23:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E9:2A:0C:55:B1:DF:0B:8D:CD:5D:D9:29:06:06:A2:DE:59:39:66
X509v3 Authority Key Identifier:
keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/cukqDFWx3wuNzV3ZKQYGot5ZOWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.30.0/23
86.62.28.0-86.62.30.255
194.36.32.0/23
Signature Algorithm: sha256WithRSAEncryption
74:25:0a:35:e6:0b:b6:43:0a:b1:0c:66:d5:b5:13:0d:7e:06:
4b:55:ca:db:1a:6a:3e:49:92:65:ba:d3:58:9b:52:d3:b9:3d:
ec:56:d1:0d:c9:d3:f7:0c:b1:78:fb:53:d4:cb:93:d8:a1:36:
b4:f9:12:49:e1:ef:4f:19:4c:77:48:62:5e:29:38:c8:9a:86:
62:47:b4:19:a4:e1:b8:16:bc:3e:2b:34:15:65:d2:fe:e1:38:
8e:f3:63:d5:b4:96:55:87:d5:43:5f:ca:9d:ee:1f:24:bd:b6:
48:a5:1e:e5:4e:32:05:39:9b:ab:1b:8e:50:e2:4d:25:6b:97:
7c:a6:ee:4b:01:2a:c4:10:7f:c3:85:95:34:fb:bb:70:3f:10:
a6:03:91:28:ca:2f:13:7f:12:ad:d6:73:a8:b5:c2:8d:fc:8b:
63:e1:30:f8:b1:99:55:c4:a5:94:2b:be:15:3e:90:0b:fd:99:
8a:28:d8:ba:57:5f:19:aa:04:76:14:1c:d2:92:9b:2a:91:d2:
cf:98:15:68:d3:75:2b:8d:95:fa:29:93:f3:84:0e:77:31:67:
85:a6:0c:08:87:a5:83:5f:53:c9:61:bf:07:39:90:5e:81:f0:
f0:82:1e:21:df:5d:bc:18:86:cd:58:2f:a6:f2:ac:65:35:a2:
88:cf:a5:fc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYiv5a3Pp/3hsbRhjMEBKkThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjMwNjEyMTM1NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmU5MmEwYzU1YjFkZjBiOGRjZDVkZDkyOTA2MDZhMmRlNTkzOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2TT3VhVSl18o10B9Bt7RZpze5Sg
zLngkGS+UZKr5Ulbhm0Va2gfPwrcD4cy9+zaOBDg04Fo55fQC42cSilVQgCUxKT/
xuf/IFvxeRBem0bBh7jDvXDegstZUE61gn4sPFKQ2AMeN8dD/ZpccpJ8lhC7wCcl
1qk38AV/bQ0jAVtfKyie692TX0bZ5gcXgFXvmHbCCXT1plQuPY7nRT2r5G61HnYz
T+6UrFs4kgiVwiB4uQCUAwF/hjdtOA+sDJn6YWLbGNphBk2HfPEg9nFgozmQut7K
xORqHmkqSXCsumRuaTGcClYUBzJWCN22gxkT3vgfCxBdlDV5jtkqQK8jFwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHLpKgxVsd8Ljc1d2SkGBqLeWTlmMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvY3VrcURGV3gzd3VOelYzWktRWUdvdDVaT1dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBLVAeMAwD
BAJWPhwDBABWPh4DBAHCJCAwDQYJKoZIhvcNAQELBQADggEBAHQlCjXmC7ZDCrEM
ZtW1Ew1+BktVytsaaj5JkmW601ibUtO5PexW0Q3J0/cMsXj7U9TLk9ihNrT5Eknh
708ZTHdIYl4pOMiahmJHtBmk4bgWvD4rNBVl0v7hOI7zY9W0llWH1UNfyp3uHyS9
tkilHuVOMgU5m6sbjlDiTSVrl3ym7ksBKsQQf8OFlTT7u3A/EKYDkSjKLxN/Eq3W
c6i1wo38i2PhMPixmVXEpZQrvhU+kAv9mYoo2LpXXxmqBHYUHNKSmyqR0s+YFWjT
dSuNlfopk/OEDncxZ4WmDAiHpYNfU8lhvwc5kF6B8PCCHiHfXbwYhs1YL6byrGU1
oojPpfw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:12 2024 by rpki-client on console-fra.rpki-client.org