Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/UvtU9dsfQDuNaZ1H_GhgB93YJtg.roa
File: UvtU9dsfQDuNaZ1H_GhgB93YJtg.roa (raw, json)
Hash identifier: iFVYsgeSNHY3YAlFgImArysoY7CeeG3cysIJhqKJxUQ=
Subject key identifier: 52:FB:54:F5:DB:1F:40:3B:8D:69:9D:47:FC:68:60:07:DD:D8:26:D8
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 018CC500D6D63014993B368DE46F67650FD9
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/UvtU9dsfQDuNaZ1H_GhgB93YJtg.roa
Signing time: Mon 01 Jan 2024 12:30:15 +0000
ROA not before: Mon 01 Jan 2024 12:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 217.144.176.0/22 maxlen: 32
217.144.184.0/22 maxlen: 32
185.136.32.0/22 maxlen: 32
Validation: Failed, certificate revoked on Mon 22 Jan 2024 14:50:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:d6:d6:30:14:99:3b:36:8d:e4:6f:67:65:0f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jan 1 12:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52fb54f5db1f403b8d699d47fc686007ddd826d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:74:92:c9:79:ea:a8:97:7d:b4:55:f8:ef:fb:
73:bb:89:2c:83:14:33:76:3f:b3:0a:3a:63:04:5a:
40:d0:1c:7d:4f:34:7f:f0:79:2e:9f:e8:b7:69:23:
08:09:c9:f5:4d:42:c9:3e:9f:fc:36:e2:62:5e:04:
40:4d:a1:29:34:6d:ac:03:b3:24:0a:59:a8:22:6b:
30:f7:8a:ad:b3:f4:ad:46:d7:bf:34:cc:ee:ef:08:
52:bc:06:1a:17:ee:73:33:40:c3:22:8e:9a:b8:24:
e9:5a:72:c3:40:cd:6f:9d:83:d4:cf:77:2c:48:e6:
61:f7:7e:97:7e:79:4b:36:52:30:4e:2f:75:a2:65:
47:f0:6f:3b:3f:66:ea:0f:2e:69:46:49:ca:38:c5:
00:95:68:dc:ac:9f:ad:4e:22:8d:b1:af:ad:73:d0:
09:9f:85:8a:a8:7f:c6:9f:98:82:6a:cd:be:9a:8c:
d0:02:cc:8c:02:14:21:0a:84:9a:ea:9c:c0:05:b2:
cc:7b:f3:1b:1d:bb:94:52:ae:da:11:57:4a:72:5a:
ae:ed:81:03:50:27:ba:33:fc:fb:06:f4:cb:92:5c:
79:97:29:25:ba:0b:3b:d4:c1:68:1a:bf:02:81:f1:
be:a6:81:29:28:9d:84:86:33:87:2b:64:3a:17:0d:
fb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:FB:54:F5:DB:1F:40:3B:8D:69:9D:47:FC:68:60:07:DD:D8:26:D8
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/UvtU9dsfQDuNaZ1H_GhgB93YJtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.32.0/22
217.144.176.0/22
217.144.184.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:86:e8:a6:96:68:fb:60:18:3b:7a:2e:fc:1e:d2:f1:2e:61:
09:c6:e7:f3:7a:87:f5:98:46:9e:fc:72:0e:b3:d5:e4:37:43:
9c:24:b2:8d:82:79:28:86:3f:69:8c:0e:79:00:bf:d0:a4:fc:
0f:9e:ca:6c:38:96:ec:46:4c:f4:7e:e6:5e:9d:29:d9:6e:23:
44:5e:9d:87:2c:d1:c3:54:09:f6:41:61:ae:43:bc:18:1d:f4:
de:35:71:b6:87:1f:23:24:2a:e2:da:26:c2:e2:cc:89:9b:4f:
49:e0:a7:b1:39:51:0d:0f:82:18:e7:ed:48:ff:4b:9c:cc:5f:
e2:91:d9:3e:9c:73:3b:e3:59:b0:0d:88:23:d3:00:d1:26:e8:
b5:a4:d2:16:2f:06:09:42:5a:25:92:02:a7:bf:b9:b4:ee:65:
21:cf:b9:ad:25:15:01:84:b6:81:c4:91:e9:10:3a:a7:e8:79:
d2:85:6d:81:fd:dc:49:97:57:7f:62:f9:36:37:ed:fa:9c:49:
89:93:ef:0f:0e:df:8b:12:78:02:c8:8c:5a:a4:5b:c3:b4:67:
b7:58:34:fe:79:75:79:2c:c2:bd:4d:72:2c:b0:f8:ec:d1:18:
d1:5f:cc:3e:2c:99:c5:80:f6:36:3c:70:71:8e:c4:15:49:c3:
c5:d7:53:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFANbWMBSZOzaN5G9nZQ/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjQwMTAxMTIzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmZiNTRmNWRiMWY0MDNiOGQ2OTlkNDdmYzY4NjAwN2RkZDgyNmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23SSyXnqqJd9tFX47/tzu4ksgxQz
dj+zCjpjBFpA0Bx9TzR/8Hkun+i3aSMICcn1TULJPp/8NuJiXgRATaEpNG2sA7Mk
ClmoImsw94qts/StRte/NMzu7whSvAYaF+5zM0DDIo6auCTpWnLDQM1vnYPUz3cs
SOZh936XfnlLNlIwTi91omVH8G87P2bqDy5pRknKOMUAlWjcrJ+tTiKNsa+tc9AJ
n4WKqH/Gn5iCas2+mozQAsyMAhQhCoSa6pzABbLMe/MbHbuUUq7aEVdKclqu7YED
UCe6M/z7BvTLklx5lyklugs71MFoGr8CgfG+poEpKJ2EhjOHK2Q6Fw37uQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFL7VPXbH0A7jWmdR/xoYAfd2CbYMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvVXZ0VTlkc2ZRRHVOYVoxSF9HaGdCOTNZSnRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuYggAwQC
2ZCwAwQC2ZC4MA0GCSqGSIb3DQEBCwUAA4IBAQAfhuimlmj7YBg7ei78HtLxLmEJ
xufzeof1mEae/HIOs9XkN0OcJLKNgnkohj9pjA55AL/QpPwPnspsOJbsRkz0fuZe
nSnZbiNEXp2HLNHDVAn2QWGuQ7wYHfTeNXG2hx8jJCri2ibC4syJm09J4KexOVEN
D4IY5+1I/0uczF/ikdk+nHM741mwDYgj0wDRJui1pNIWLwYJQlolkgKnv7m07mUh
z7mtJRUBhLaBxJHpEDqn6HnShW2B/dxJl1d/Yvk2N+36nEmJk+8PDt+LEngCyIxa
pFvDtGe3WDT+eXV5LMK9TXIssPjs0RjRX8w+LJnFgPY2PHBxjsQVScPF11MR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:08 2024 by rpki-client on console-ams.rpki-client.org