Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/UTg9Zq639ySUmsybh8jCAnStm7E.roa
File: UTg9Zq639ySUmsybh8jCAnStm7E.roa (raw, json)
Hash identifier: rjuyKsEGcjMoJDZZxV3gOvOtJ4EAbcZmLkmPqiEKYtA=
Subject key identifier: 51:38:3D:66:AE:B7:F7:24:94:9A:CC:9B:87:C8:C2:02:74:AD:9B:B1
Certificate issuer: /CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Certificate serial: 01856E26505E84EE0219EBED5B9053DAA1C9
Authority key identifier: 79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/UTg9Zq639ySUmsybh8jCAnStm7E.roa
Signing time: Sun 01 Jan 2023 16:24:42 +0000
ROA not before: Sun 01 Jan 2023 16:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202468
IP address blocks: 130.185.120.0/22 maxlen: 24
185.235.40.0/22 maxlen: 24
194.5.192.0/23 maxlen: 24
194.5.206.0/23 maxlen: 24
185.204.168.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 12 Feb 2023 09:55:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:50:5e:84:ee:02:19:eb:ed:5b:90:53:da:a1:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Validity
Not Before: Jan 1 16:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51383d66aeb7f724949acc9b87c8c20274ad9bb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:67:22:30:66:d0:d8:62:8f:67:d9:c9:4b:15:
9a:bf:c8:5c:e9:5a:73:1d:98:18:3f:5b:34:51:b8:
54:23:b0:19:48:5f:ef:62:6e:41:5d:27:ae:f5:c9:
01:f3:13:b7:34:cf:87:c6:b8:a9:8d:fb:88:4c:f6:
4a:08:db:ec:bd:4b:8c:ab:39:67:b8:4d:bd:0a:03:
bf:f0:70:8e:d6:5d:77:fa:0b:4a:3a:53:82:f5:0e:
50:ba:32:0d:4c:2b:87:88:15:d1:47:d8:d1:28:42:
02:60:f3:3f:41:ea:61:b9:0f:20:f1:93:10:6a:ce:
e4:af:8e:5c:3b:00:76:9b:cc:d0:a7:6e:11:79:9c:
68:36:c8:e9:bc:82:a3:94:b7:d0:76:4c:06:11:eb:
b3:8a:bf:d5:50:62:40:87:16:7d:10:5c:99:26:50:
69:d3:dc:07:91:f4:30:ea:33:18:82:6a:53:21:24:
46:a2:d5:2d:f1:be:e0:de:08:24:39:49:a0:a3:3b:
e9:dc:cd:b1:f0:91:13:89:fe:76:09:c9:19:68:08:
44:8f:68:a8:0a:e4:f9:ea:fb:47:21:21:10:9d:4b:
59:b1:c9:85:74:b1:ba:91:ad:68:1e:fc:64:d7:ba:
3b:bc:30:dc:e6:e4:13:55:ba:5d:d3:2e:09:c5:51:
64:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:38:3D:66:AE:B7:F7:24:94:9A:CC:9B:87:C8:C2:02:74:AD:9B:B1
X509v3 Authority Key Identifier:
keyid:79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/UTg9Zq639ySUmsybh8jCAnStm7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.120.0/22
185.204.168.0/22
185.235.40.0/22
194.5.192.0/23
194.5.206.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:27:4f:82:a4:f3:02:6c:0b:4d:b6:6c:d6:18:71:0b:6d:c9:
96:6c:92:40:f6:5d:dd:d6:46:b7:b0:dc:24:93:40:95:55:3a:
3e:42:b5:eb:d3:99:4d:55:a3:0f:e8:d2:b2:2c:53:c3:0a:a1:
1c:2d:bc:fe:ef:b2:f4:61:a3:a0:78:fd:85:a8:29:5b:bb:45:
4a:ce:5c:4a:8c:ca:6c:c8:90:a7:06:3b:94:7f:0d:ce:63:ad:
46:30:45:b2:4d:72:f8:9a:4e:28:04:ff:3c:dd:cf:47:63:72:
3c:78:e0:1e:23:f3:cc:8e:4b:19:94:59:37:15:e3:c7:e0:42:
c6:08:d0:68:ff:46:7c:dd:ea:21:f3:16:86:8b:16:72:1e:22:
6d:72:e1:68:62:37:9e:dd:16:0b:bb:4f:b1:1f:8a:4e:41:a3:
3f:48:94:dc:20:6e:27:ac:90:84:68:98:07:10:58:62:57:8e:
d6:13:32:e9:d1:b5:51:3a:cd:32:a2:17:24:55:b6:a2:cb:83:
4f:25:47:c2:74:17:e2:ca:90:fe:ff:f9:86:dc:ef:b3:f2:c5:
b5:b1:ba:37:23:47:c5:bf:03:eb:49:70:73:4f:8c:f1:4b:28:
84:52:62:71:1b:ab:72:95:39:74:4c:b9:f0:56:36:b4:09:df:
7e:3e:ad:3a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVuJlBehO4CGevtW5BT2qHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDU2NWY5OWZmNWUwZmZiNWJkZjk5OTVlZDdhODA4ZDQx
NDA2ZTUwHhcNMjMwMTAxMTYyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTM4M2Q2NmFlYjdmNzI0OTQ5YWNjOWI4N2M4YzIwMjc0YWQ5YmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGciMGbQ2GKPZ9nJSxWav8hc6Vpz
HZgYP1s0UbhUI7AZSF/vYm5BXSeu9ckB8xO3NM+HxripjfuITPZKCNvsvUuMqzln
uE29CgO/8HCO1l13+gtKOlOC9Q5QujINTCuHiBXRR9jRKEICYPM/QephuQ8g8ZMQ
as7kr45cOwB2m8zQp24ReZxoNsjpvIKjlLfQdkwGEeuzir/VUGJAhxZ9EFyZJlBp
09wHkfQw6jMYgmpTISRGotUt8b7g3ggkOUmgozvp3M2x8JETif52CckZaAhEj2io
CuT56vtHISEQnUtZscmFdLG6ka1oHvxk17o7vDDc5uQTVbpd0y4JxVFkGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFE4PWaut/cklJrMm4fIwgJ0rZuxMB8GA1UdIwQY
MBaAFHnVZfmf9eD/tb35mV7XqAjUFAblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQt
NmMzYjg3NDQzZTA2LzEvVVRnOVpxNjM5eVNVbXN5Ymg4akNBblN0bTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQtNmMzYjg3NDQzZTA2
LzEvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCgrl4AwQC
ucyoAwQCuesoAwQBwgXAAwQBwgXOMA0GCSqGSIb3DQEBCwUAA4IBAQCiJ0+CpPMC
bAtNtmzWGHELbcmWbJJA9l3d1ka3sNwkk0CVVTo+QrXr05lNVaMP6NKyLFPDCqEc
Lbz+77L0YaOgeP2FqClbu0VKzlxKjMpsyJCnBjuUfw3OY61GMEWyTXL4mk4oBP88
3c9HY3I8eOAeI/PMjksZlFk3FePH4ELGCNBo/0Z83eoh8xaGixZyHiJtcuFoYjee
3RYLu0+xH4pOQaM/SJTcIG4nrJCEaJgHEFhiV47WEzLp0bVROs0yohckVbaiy4NP
JUfCdBfiypD+//mG3O+z8sW1sbo3I0fFvwPrSXBzT4zxSyiEUmJxG6tylTl0TLnw
Vja0Cd9+Pq06
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:06 2024 by rpki-client on console-fra.rpki-client.org