Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/UqhsS9Gz93KASGxQGpC79kaN6_I.roa
File: UqhsS9Gz93KASGxQGpC79kaN6_I.roa (raw, json)
Hash identifier: vu4+LVqHGKVZIU7viih9w/PjxbNP3/g5zePhC7ay7GA=
Subject key identifier: 52:A8:6C:4B:D1:B3:F7:72:80:48:6C:50:1A:90:BB:F6:46:8D:EB:F2
Certificate issuer: /CN=64b31dcd6bb5308029c4273230514f726b1b86ba
Certificate serial: 018570799E68905BEBE0D5A91EC0B59C1228
Authority key identifier: 64:B3:1D:CD:6B:B5:30:80:29:C4:27:32:30:51:4F:72:6B:1B:86:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZLMdzWu1MIApxCcyMFFPcmsbhro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/UqhsS9Gz93KASGxQGpC79kaN6_I.roa
Signing time: Mon 02 Jan 2023 03:14:56 +0000
ROA not before: Mon 02 Jan 2023 03:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135391
IP address blocks: 185.232.56.0/24 maxlen: 24
185.232.58.0/24 maxlen: 24
185.232.57.0/24 maxlen: 24
185.232.59.0/24 maxlen: 24
2a0d:5300:300::/40 maxlen: 40
2a0d:5300::/40 maxlen: 40
2a0d:5300:100::/40 maxlen: 40
2a0d:5300:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:9e:68:90:5b:eb:e0:d5:a9:1e:c0:b5:9c:12:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64b31dcd6bb5308029c4273230514f726b1b86ba
Validity
Not Before: Jan 2 03:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52a86c4bd1b3f77280486c501a90bbf6468debf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4f:e9:72:e9:b6:c1:df:ec:2d:d9:af:00:79:
22:1f:d3:5d:0f:0d:d2:0f:96:25:57:7c:4e:8c:04:
aa:85:e9:3a:62:db:64:57:cb:d5:dd:34:51:d1:41:
cd:9d:a4:73:e4:33:35:06:e0:d8:a7:69:b9:40:c8:
7d:64:e0:cb:73:2f:7f:24:ee:e9:96:6b:e1:a2:94:
bd:2c:67:76:dd:10:a9:d8:e3:ea:ad:e0:42:a9:af:
14:93:db:ef:ab:ed:22:ea:5b:aa:a4:30:95:9c:d3:
6c:d4:21:7a:e9:59:85:11:0c:a1:74:2e:d5:7d:4c:
03:47:f2:22:e1:b6:1b:e7:2b:45:a6:c3:44:86:46:
c3:71:76:25:37:23:9e:a9:4c:5b:f3:c1:6c:e7:71:
05:62:1a:9e:ff:01:d7:49:e1:18:88:af:a2:74:2a:
41:9b:86:32:08:72:de:9c:5f:f3:32:5a:3b:05:4f:
38:7f:67:41:74:c5:38:fb:55:8a:f2:07:db:f4:1e:
08:ec:5e:6b:7b:e3:8b:de:53:33:3a:2e:1b:6e:89:
81:77:1e:aa:29:6c:38:57:ea:6d:32:2b:1c:a8:56:
db:7e:36:90:f0:1a:3f:18:f0:40:de:55:d1:20:08:
04:4d:f3:f0:26:b8:af:81:32:f4:87:5b:87:06:31:
68:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A8:6C:4B:D1:B3:F7:72:80:48:6C:50:1A:90:BB:F6:46:8D:EB:F2
X509v3 Authority Key Identifier:
keyid:64:B3:1D:CD:6B:B5:30:80:29:C4:27:32:30:51:4F:72:6B:1B:86:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLMdzWu1MIApxCcyMFFPcmsbhro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/UqhsS9Gz93KASGxQGpC79kaN6_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/ZLMdzWu1MIApxCcyMFFPcmsbhro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.56.0/22
IPv6:
2a0d:5300::/38
Signature Algorithm: sha256WithRSAEncryption
3e:ba:75:b7:58:4c:8d:f4:05:a4:3f:95:10:f0:d7:84:f2:3b:
50:37:41:88:3c:ae:b3:ac:39:bb:c0:7b:4b:b0:96:eb:d2:5e:
cd:6d:3a:9a:ab:b0:03:36:e0:82:1f:28:09:7b:f5:05:6f:2e:
96:5f:36:20:b6:99:71:83:e6:67:ee:50:e8:d8:96:12:27:ea:
7a:3e:3a:1c:8c:94:dd:15:61:25:ae:5f:78:0c:a2:51:4b:e0:
41:00:ba:4c:b7:2d:67:0b:95:b7:a0:1d:b9:9e:a9:c6:b7:f1:
8d:18:ee:bf:5d:f9:1c:0b:17:44:ae:b4:09:35:17:77:3f:2b:
71:2f:8b:73:6d:ae:c6:14:e4:ce:7d:db:60:9b:b7:fc:ce:ee:
1a:c0:0e:5d:f7:1b:3d:bd:ae:3e:0d:7f:c7:6e:d1:33:9b:b9:
f9:cb:97:4e:e3:1e:2f:c2:b1:f6:bc:32:2c:0d:31:a4:d0:2b:
ad:32:8c:51:d6:38:c3:aa:e4:8f:51:60:96:d5:d6:d7:54:8e:
ba:7c:a3:a1:b9:5a:f5:e5:15:b5:ba:b1:cf:92:58:ae:5e:ef:
f4:8e:85:32:5c:07:56:b7:30:9f:03:41:ea:14:2b:88:56:d8:
84:19:cb:9e:2a:c4:28:29:1a:75:7b:18:3e:a4:2e:5f:08:65:
0f:d4:9a:02
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVweZ5okFvr4NWpHsC1nBIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjMxZGNkNmJiNTMwODAyOWM0MjczMjMwNTE0ZjcyNmIx
Yjg2YmEwHhcNMjMwMTAyMDMxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmE4NmM0YmQxYjNmNzcyODA0ODZjNTAxYTkwYmJmNjQ2OGRlYmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhE/pcum2wd/sLdmvAHkiH9NdDw3S
D5YlV3xOjASqhek6YttkV8vV3TRR0UHNnaRz5DM1BuDYp2m5QMh9ZODLcy9/JO7p
lmvhopS9LGd23RCp2OPqreBCqa8Uk9vvq+0i6luqpDCVnNNs1CF66VmFEQyhdC7V
fUwDR/Ii4bYb5ytFpsNEhkbDcXYlNyOeqUxb88Fs53EFYhqe/wHXSeEYiK+idCpB
m4YyCHLenF/zMlo7BU84f2dBdMU4+1WK8gfb9B4I7F5re+OL3lMzOi4bbomBdx6q
KWw4V+ptMiscqFbbfjaQ8Bo/GPBA3lXRIAgETfPwJrivgTL0h1uHBjFozwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFKobEvRs/dygEhsUBqQu/ZGjevyMB8GA1UdIwQY
MBaAFGSzHc1rtTCAKcQnMjBRT3JrG4a6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxNZHpXdTFNSUFweENjeU1GRlBjbXNiaHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny85ODBkNmUtOGE5OS00MjYwLTgwNjQt
NDRhYjY4OWUxZDRkLzEvVXFoc1M5R3o5M0tBU0d4UUdwQzc5a2FONl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny85ODBkNmUtOGE5OS00MjYwLTgwNjQtNDRhYjY4OWUxZDRk
LzEvWkxNZHpXdTFNSUFweENjeU1GRlBjbXNiaHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCueg4MA4E
AgACMAgDBgIqDVMAADANBgkqhkiG9w0BAQsFAAOCAQEAPrp1t1hMjfQFpD+VEPDX
hPI7UDdBiDyus6w5u8B7S7CW69JezW06mquwAzbggh8oCXv1BW8ull82ILaZcYPm
Z+5Q6NiWEifqej46HIyU3RVhJa5feAyiUUvgQQC6TLctZwuVt6AduZ6pxrfxjRju
v135HAsXRK60CTUXdz8rcS+Lc22uxhTkzn3bYJu3/M7uGsAOXfcbPb2uPg1/x27R
M5u5+cuXTuMeL8Kx9rwyLA0xpNArrTKMUdY4w6rkj1FgltXW11SOunyjobla9eUV
tbqxz5JYrl7v9I6FMlwHVrcwnwNB6hQriFbYhBnLnirEKCkadXsYPqQuXwhlD9Sa
Ag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:20 2024 by rpki-client on console-fra.rpki-client.org