Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/ed1594-2b3f-4962-acab-ceb21b8e832b/1/UPLZbLCacBragCJ_dXXUWtGGKoQ.roa
File: UPLZbLCacBragCJ_dXXUWtGGKoQ.roa (raw, json)
Hash identifier: kncPHdi9vf/b7Xtz3Q+Z7epihqOAgitzCQtBf42AbFU=
Subject key identifier: 50:F2:D9:6C:B0:9A:70:1A:DA:80:22:7F:75:75:D4:5A:D1:86:2A:84
Certificate issuer: /CN=72a3c6ca435ebdbf96fffa4c5d98e4600828f712
Certificate serial: 018570E7438F7CAC592292E1E502551CA431
Authority key identifier: 72:A3:C6:CA:43:5E:BD:BF:96:FF:FA:4C:5D:98:E4:60:08:28:F7:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cqPGykNevb-W__pMXZjkYAgo9xI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/ed1594-2b3f-4962-acab-ceb21b8e832b/1/UPLZbLCacBragCJ_dXXUWtGGKoQ.roa
Signing time: Mon 02 Jan 2023 05:14:42 +0000
ROA not before: Mon 02 Jan 2023 05:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48642
IP address blocks: 91.211.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:43:8f:7c:ac:59:22:92:e1:e5:02:55:1c:a4:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72a3c6ca435ebdbf96fffa4c5d98e4600828f712
Validity
Not Before: Jan 2 05:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50f2d96cb09a701ada80227f7575d45ad1862a84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a7:56:ff:95:c4:d1:02:70:59:a6:f5:d1:43:
8e:f9:30:21:0a:a3:88:5e:49:08:b5:f6:40:e7:f0:
99:a3:ac:80:4e:45:a4:3f:cf:66:0a:8f:79:60:45:
68:3f:a3:14:9d:ca:93:82:5c:50:64:c7:4c:e0:60:
ff:ef:9c:88:3a:da:7e:0f:b1:87:5e:92:7a:52:7c:
9e:5f:38:a3:1a:de:39:1c:3c:a9:d1:3d:37:b9:f6:
cb:4a:62:b4:30:7f:75:c1:b6:a1:08:bc:6a:59:16:
45:e8:46:5b:9d:7c:c9:2c:b6:8e:74:c2:76:36:13:
b0:96:57:3c:2a:3a:59:bf:da:e2:24:dc:61:8f:11:
5c:1d:dc:fd:30:72:27:44:3a:e6:19:4c:01:a5:76:
e6:ec:ec:00:2f:a6:d9:20:56:d6:71:1b:56:2d:f5:
33:82:a3:6a:e9:dd:df:14:12:00:90:c5:55:0d:f8:
ce:d5:8f:47:bd:22:4e:d2:60:96:64:8a:4f:50:0b:
fc:a9:a3:b4:8b:7a:a0:e9:0d:96:3b:48:39:98:eb:
97:99:b8:7e:4a:14:22:0a:9e:06:dc:cb:dc:4f:5f:
ea:20:bb:1f:07:33:be:fc:df:15:6d:10:55:2d:c1:
0b:99:e4:74:64:66:d7:d0:66:86:b3:18:f0:0a:4f:
84:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F2:D9:6C:B0:9A:70:1A:DA:80:22:7F:75:75:D4:5A:D1:86:2A:84
X509v3 Authority Key Identifier:
keyid:72:A3:C6:CA:43:5E:BD:BF:96:FF:FA:4C:5D:98:E4:60:08:28:F7:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cqPGykNevb-W__pMXZjkYAgo9xI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/ed1594-2b3f-4962-acab-ceb21b8e832b/1/UPLZbLCacBragCJ_dXXUWtGGKoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/ed1594-2b3f-4962-acab-ceb21b8e832b/1/cqPGykNevb-W__pMXZjkYAgo9xI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.20.0/22
Signature Algorithm: sha256WithRSAEncryption
29:09:4d:0f:7c:a4:9f:10:a6:9d:7e:34:a0:34:26:d8:b8:fd:
07:8a:08:02:62:2e:7b:08:5f:e4:b7:5b:57:d0:b2:3b:02:2d:
a3:7d:9f:3b:89:a6:ba:90:67:58:ff:8d:95:16:ed:c1:fd:ff:
be:d9:41:ae:0d:28:de:bd:45:e9:3a:c9:20:e8:80:b2:96:b6:
2a:ad:63:ae:94:b7:0d:3f:55:d5:5b:b4:d6:cf:be:0b:de:2f:
91:e6:3c:06:17:66:ed:6b:cd:2b:66:72:57:6f:32:ab:e6:1d:
5a:2e:07:40:21:91:b3:09:87:1c:ec:1f:2a:16:21:73:20:dc:
5c:da:d6:a9:7c:62:0c:3c:da:d0:a4:8a:36:1e:2c:74:1f:4b:
e2:5d:f2:2e:bc:73:66:25:c9:74:26:04:68:47:08:82:2c:8b:
5e:52:de:80:c6:ee:10:70:5c:25:d2:ed:ef:c7:8a:8c:d5:0e:
21:87:c9:63:ac:40:e7:fa:3b:35:ad:9b:bf:9f:16:61:b8:de:
12:d6:1b:bc:08:73:18:59:28:cc:a2:60:8d:1d:10:0c:e7:4e:
da:a3:c2:04:1b:5c:fa:e0:0a:29:8f:3e:27:3e:52:cb:74:64:
ba:e2:77:d2:be:d4:02:36:56:9f:a3:14:92:66:be:8d:d6:ce:
ee:87:eb:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw50OPfKxZIpLh5QJVHKQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYTNjNmNhNDM1ZWJkYmY5NmZmZmE0YzVkOThlNDYwMDgy
OGY3MTIwHhcNMjMwMTAyMDUxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGYyZDk2Y2IwOWE3MDFhZGE4MDIyN2Y3NTc1ZDQ1YWQxODYyYTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqdW/5XE0QJwWab10UOO+TAhCqOI
XkkItfZA5/CZo6yATkWkP89mCo95YEVoP6MUncqTglxQZMdM4GD/75yIOtp+D7GH
XpJ6UnyeXzijGt45HDyp0T03ufbLSmK0MH91wbahCLxqWRZF6EZbnXzJLLaOdMJ2
NhOwllc8KjpZv9riJNxhjxFcHdz9MHInRDrmGUwBpXbm7OwAL6bZIFbWcRtWLfUz
gqNq6d3fFBIAkMVVDfjO1Y9HvSJO0mCWZIpPUAv8qaO0i3qg6Q2WO0g5mOuXmbh+
ShQiCp4G3MvcT1/qILsfBzO+/N8VbRBVLcELmeR0ZGbX0GaGsxjwCk+EPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFDy2WywmnAa2oAif3V11FrRhiqEMB8GA1UdIwQY
MBaAFHKjxspDXr2/lv/6TF2Y5GAIKPcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3FQR3lrTmV2Yi1XX19wTVhaamtZQWdvOXhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9lZDE1OTQtMmIzZi00OTYyLWFjYWIt
Y2ViMjFiOGU4MzJiLzEvVVBMWmJMQ2FjQnJhZ0NKX2RYWFVXdEdHS29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9lZDE1OTQtMmIzZi00OTYyLWFjYWItY2ViMjFiOGU4MzJi
LzEvY3FQR3lrTmV2Yi1XX19wTVhaamtZQWdvOXhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9MUMA0G
CSqGSIb3DQEBCwUAA4IBAQApCU0PfKSfEKadfjSgNCbYuP0HiggCYi57CF/kt1tX
0LI7Ai2jfZ87iaa6kGdY/42VFu3B/f++2UGuDSjevUXpOskg6ICylrYqrWOulLcN
P1XVW7TWz74L3i+R5jwGF2bta80rZnJXbzKr5h1aLgdAIZGzCYcc7B8qFiFzINxc
2tapfGIMPNrQpIo2Hix0H0viXfIuvHNmJcl0JgRoRwiCLIteUt6Axu4QcFwl0u3v
x4qM1Q4hh8ljrEDn+js1rZu/nxZhuN4S1hu8CHMYWSjMomCNHRAM507ao8IEG1z6
4Aopjz4nPlLLdGS64nfSvtQCNlafoxSSZr6N1s7uh+ti
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:25 2024 by rpki-client on console-ams.rpki-client.org