Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lU1ZubWMQTlbGX4-BUZbpWr5ax4.roa
File: lU1ZubWMQTlbGX4-BUZbpWr5ax4.roa (raw, json)
Hash identifier: /zEFLzFKkglVk5VazoGc3xrleTHH+gngBJchJgph6uw=
Subject key identifier: 95:4D:59:B9:B5:8C:41:39:5B:19:7E:3E:05:46:5B:A5:6A:F9:6B:1E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0188FDC4DEF38B2D1400583BCFB648E3F430
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lU1ZubWMQTlbGX4-BUZbpWr5ax4.roa
Signing time: Tue 27 Jun 2023 16:51:57 +0000
ROA not before: Tue 27 Jun 2023 16:51:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203790
IP address blocks: 194.50.111.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 04 Aug 2023 22:50:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fd:c4:de:f3:8b:2d:14:00:58:3b:cf:b6:48:e3:f4:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 27 16:51:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=954d59b9b58c41395b197e3e05465ba56af96b1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f5:db:3c:20:23:c2:b9:1a:43:13:9a:b0:03:
0d:b0:80:03:55:c0:a7:f8:2e:a4:bb:56:89:ea:43:
15:24:d7:06:1b:27:c0:a1:d6:bb:b9:86:c2:03:f9:
3c:0e:2a:87:2a:1f:5f:f0:4b:b9:aa:33:b3:65:b1:
3b:2d:82:31:8e:89:b8:3f:e3:f7:d0:eb:eb:4f:07:
20:39:10:29:37:c7:74:1d:d6:03:2e:54:e4:93:40:
c7:5e:f7:40:9e:02:2e:b7:4c:97:e8:93:a8:78:c7:
a1:06:1e:5c:19:cc:61:bb:27:84:64:1f:b3:47:2e:
f8:7c:0a:f4:25:ac:e9:ee:b5:ec:e9:94:d8:e5:2f:
45:7a:41:29:3b:0b:e4:b8:2b:0a:28:dc:ef:69:aa:
65:31:1e:36:b8:58:45:fa:27:f6:15:ad:0d:fa:7d:
f6:a2:26:01:b6:04:57:a7:d3:66:a2:aa:33:14:45:
b0:32:f6:b5:7b:a4:4a:2a:4b:94:83:ee:5f:2a:a2:
42:2b:35:82:0c:ce:b6:54:11:58:8a:33:36:8b:fb:
42:e9:52:9b:19:a0:08:9d:90:77:3e:31:3b:62:2d:
8f:d4:96:08:37:39:83:82:92:3b:a6:b8:11:c7:02:
0d:50:39:89:cb:02:36:21:8f:80:fc:36:83:2e:ff:
6e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4D:59:B9:B5:8C:41:39:5B:19:7E:3E:05:46:5B:A5:6A:F9:6B:1E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lU1ZubWMQTlbGX4-BUZbpWr5ax4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.111.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
08:59:2a:d9:60:b8:2c:e1:e7:40:ff:a2:60:30:52:98:4d:df:
d7:0e:95:81:7d:df:4a:f6:56:c1:15:aa:e5:7e:6b:2d:cf:99:
ee:24:00:dc:a2:35:fa:b9:2e:35:72:17:68:2a:59:3e:4c:10:
90:59:5d:47:c6:14:1c:4f:b0:d4:cd:9a:56:1d:f5:fb:ea:1f:
d6:2d:36:2e:7a:7d:ce:7f:15:36:5f:8b:36:fa:f0:56:b8:57:
41:33:c2:d1:62:39:e3:54:95:6e:01:fc:6b:c1:ca:a3:08:9e:
8c:78:c1:73:4d:f8:18:32:3f:b6:58:07:56:35:de:f7:f4:61:
0b:04:5e:35:ad:6a:c2:eb:7e:36:17:c9:fa:a1:e8:68:bc:64:
04:d0:e8:02:de:9b:94:f1:bb:1d:e6:e6:32:b0:b3:3b:dc:9f:
f8:9a:99:df:18:48:e0:8e:de:fd:b4:46:73:7b:a5:92:eb:3c:
5a:70:b1:aa:f2:5e:cc:11:04:1d:24:05:78:b7:df:a9:2e:28:
28:c9:8e:57:50:d1:1f:a5:0f:ed:9f:64:8b:a6:8e:0e:1f:20:
d2:ce:0c:cb:b0:e7:ad:42:90:9c:89:53:9c:80:cc:5d:30:ed:
8e:ba:84:ef:70:a2:52:30:58:87:90:e6:6c:6b:21:e5:56:68:
25:8c:0f:b7
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYj9xN7ziy0UAFg7z7ZI4/QwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjI3MTY1MTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRkNTliOWI1OGM0MTM5NWIxOTdlM2UwNTQ2NWJhNTZhZjk2YjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvXbPCAjwrkaQxOasAMNsIADVcCn
+C6ku1aJ6kMVJNcGGyfAoda7uYbCA/k8DiqHKh9f8Eu5qjOzZbE7LYIxjom4P+P3
0OvrTwcgORApN8d0HdYDLlTkk0DHXvdAngIut0yX6JOoeMehBh5cGcxhuyeEZB+z
Ry74fAr0Jazp7rXs6ZTY5S9FekEpOwvkuCsKKNzvaaplMR42uFhF+if2Fa0N+n32
oiYBtgRXp9NmoqozFEWwMva1e6RKKkuUg+5fKqJCKzWCDM62VBFYijM2i/tC6VKb
GaAInZB3PjE7Yi2P1JYINzmDgpI7prgRxwINUDmJywI2IY+A/DaDLv9u0QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJVNWbm1jEE5Wxl+PgVGW6Vq+WseMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbFUxWnViV01RVGxiR1g0LUJVWmJwV3I1YXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAMBAIAATAGAwQAwjJvMDEE
AgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDMQAHQAwcEKhDMQQEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAIWSrZYLgs4edA/6JgMFKYTd/XDpWBfd9K9lbB
Farlfmstz5nuJADcojX6uS41chdoKlk+TBCQWV1HxhQcT7DUzZpWHfX76h/WLTYu
en3OfxU2X4s2+vBWuFdBM8LRYjnjVJVuAfxrwcqjCJ6MeMFzTfgYMj+2WAdWNd73
9GELBF41rWrC6342F8n6oehovGQE0OgC3puU8bsd5uYysLM73J/4mpnfGEjgjt79
tEZze6WS6zxacLGq8l7MEQQdJAV4t9+pLigoyY5XUNEfpQ/tn2SLpo4OHyDSzgzL
sOetQpCciVOcgMxdMO2OuoTvcKJSMFiHkOZsayHlVmgljA+3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:11 2024 by rpki-client on console-ams.rpki-client.org