Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/u-w5aRB_NX7BzjEy8YdDVzsNS3E.roa
File: u-w5aRB_NX7BzjEy8YdDVzsNS3E.roa (raw, json)
Hash identifier: IPd0Ep/nQnk+N8jPVNgNQ3omLDSgan8gSnfl3N8SPW0=
Subject key identifier: BB:EC:39:69:10:7F:35:7E:C1:CE:31:32:F1:87:43:57:3B:0D:4B:71
Certificate issuer: /CN=3ec8c20e65dcd33ff8a5e3c30a645925c5c9f95f
Certificate serial: 01856F26CF057D2C5F45C4E28C8EDC4F0A5B
Authority key identifier: 3E:C8:C2:0E:65:DC:D3:3F:F8:A5:E3:C3:0A:64:59:25:C5:C9:F9:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsjCDmXc0z_4pePDCmRZJcXJ-V8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/u-w5aRB_NX7BzjEy8YdDVzsNS3E.roa
Signing time: Sun 01 Jan 2023 21:04:52 +0000
ROA not before: Sun 01 Jan 2023 21:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35393
IP address blocks: 185.67.152.0/22 maxlen: 24
37.0.72.0/21 maxlen: 24
62.100.128.0/19 maxlen: 24
188.130.0.0/17 maxlen: 24
91.191.144.0/20 maxlen: 24
195.114.18.0/23 maxlen: 24
94.247.176.0/21 maxlen: 24
78.41.232.0/21 maxlen: 24
46.21.192.0/20 maxlen: 24
81.93.240.0/20 maxlen: 24
195.14.0.0/24 maxlen: 24
193.47.184.0/24 maxlen: 24
2001:758::/32 maxlen: 48
2a00:cb80::/32 maxlen: 48
2001:900::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:cf:05:7d:2c:5f:45:c4:e2:8c:8e:dc:4f:0a:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec8c20e65dcd33ff8a5e3c30a645925c5c9f95f
Validity
Not Before: Jan 1 21:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbec3969107f357ec1ce3132f18743573b0d4b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7a:b7:2f:24:65:66:b4:9f:e7:00:9a:2b:6b:
7a:43:a8:9e:93:30:fb:e3:7a:42:48:b0:f3:76:01:
8b:c5:12:3a:8c:e0:b9:1d:18:4e:c6:52:5e:af:f2:
e7:81:d4:0e:5f:7e:2a:43:bc:1b:d2:c2:3e:ff:88:
e9:8e:24:82:c2:a4:a1:81:eb:5e:7c:a7:0a:7e:44:
a3:d6:04:21:6b:85:aa:79:0f:02:35:09:28:00:ea:
e6:62:3b:f5:bd:87:e6:08:34:5d:58:73:97:86:16:
07:67:89:99:b3:3a:3e:71:b7:3a:84:55:eb:cb:3f:
73:ac:21:b0:38:8d:21:8d:fe:e9:e0:65:4f:e2:15:
a3:21:70:c6:9d:50:9e:15:0f:4e:b0:12:06:bf:52:
4b:01:6c:27:bc:15:0c:de:dd:00:86:08:e4:dc:f8:
3f:b2:41:4a:d4:d2:f0:58:9d:0c:ee:ed:93:97:cb:
d8:37:22:19:43:cb:7e:99:d6:80:c2:e2:02:c2:94:
f7:cc:42:6c:56:fd:78:dd:51:86:ec:42:18:42:96:
95:03:24:35:9a:6c:a4:db:06:4f:a2:ea:10:93:b0:
a3:c7:29:5b:75:7c:d2:ca:44:a7:ad:47:9e:09:ce:
03:bc:fc:4d:d8:b2:ed:70:b1:ae:e5:13:85:e1:37:
f4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:EC:39:69:10:7F:35:7E:C1:CE:31:32:F1:87:43:57:3B:0D:4B:71
X509v3 Authority Key Identifier:
keyid:3E:C8:C2:0E:65:DC:D3:3F:F8:A5:E3:C3:0A:64:59:25:C5:C9:F9:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsjCDmXc0z_4pePDCmRZJcXJ-V8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/u-w5aRB_NX7BzjEy8YdDVzsNS3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/PsjCDmXc0z_4pePDCmRZJcXJ-V8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.72.0/21
46.21.192.0/20
62.100.128.0/19
78.41.232.0/21
81.93.240.0/20
91.191.144.0/20
94.247.176.0/21
185.67.152.0/22
188.130.0.0/17
193.47.184.0/24
195.14.0.0/24
195.114.18.0/23
IPv6:
2001:758::/32
2001:900::/32
2a00:cb80::/32
Signature Algorithm: sha256WithRSAEncryption
b4:a3:12:ee:ed:71:0d:5e:c8:eb:62:0b:c5:df:d3:93:f6:2f:
53:e5:4d:fd:3e:52:33:db:fd:43:87:4c:00:3e:51:c8:0f:8a:
ab:55:61:a5:e4:fd:00:09:19:71:e9:d1:9f:67:08:c1:1b:36:
15:42:cb:d6:28:14:49:8d:c1:06:ba:92:37:b3:00:ed:cd:c7:
6a:39:a8:5b:b5:8e:21:6a:87:1a:e9:87:e9:32:a7:db:8f:e9:
9c:e9:8a:12:e0:ba:fe:2a:6d:f5:8d:bc:27:51:94:f3:9b:18:
42:45:dd:ae:a5:e2:85:85:59:23:60:b3:2e:d6:08:2b:da:25:
00:53:4b:01:ed:59:a6:d1:02:00:e9:00:02:84:4f:a3:ee:fa:
df:f5:24:e5:45:d1:ca:c4:b1:58:7e:64:71:72:23:f1:f6:2b:
a9:fa:f0:e0:cd:19:5c:98:dd:5c:66:2f:00:b3:2f:c0:65:da:
46:a3:de:44:0c:9c:f6:8e:f6:f1:c6:8d:0d:64:aa:3a:0c:91:
a9:f5:0d:1b:bc:80:6a:2b:a0:2f:7f:38:f3:ff:8e:b1:17:45:
07:f6:dd:dc:5a:a8:b0:bc:f0:9e:6b:cf:22:e2:5f:78:d9:19:
c2:2d:65:db:2c:33:00:fb:b0:46:94:8d:64:e7:31:78:02:ca:
f0:07:a4:64
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYVvJs8FfSxfRcTijI7cTwpbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzhjMjBlNjVkY2QzM2ZmOGE1ZTNjMzBhNjQ1OTI1YzVj
OWY5NWYwHhcNMjMwMTAxMjEwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmVjMzk2OTEwN2YzNTdlYzFjZTMxMzJmMTg3NDM1NzNiMGQ0YjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3q3LyRlZrSf5wCaK2t6Q6iekzD7
43pCSLDzdgGLxRI6jOC5HRhOxlJer/LngdQOX34qQ7wb0sI+/4jpjiSCwqShgete
fKcKfkSj1gQha4WqeQ8CNQkoAOrmYjv1vYfmCDRdWHOXhhYHZ4mZszo+cbc6hFXr
yz9zrCGwOI0hjf7p4GVP4hWjIXDGnVCeFQ9OsBIGv1JLAWwnvBUM3t0Ahgjk3Pg/
skFK1NLwWJ0M7u2Tl8vYNyIZQ8t+mdaAwuICwpT3zEJsVv143VGG7EIYQpaVAyQ1
mmyk2wZPouoQk7CjxylbdXzSykSnrUeeCc4DvPxN2LLtcLGu5ROF4Tf0gwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFLvsOWkQfzV+wc4xMvGHQ1c7DUtxMB8GA1UdIwQY
MBaAFD7Iwg5l3NM/+KXjwwpkWSXFyflfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNqQ0RtWGMwel80cGVQRENtUlpKY1hKLVY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85M2Y2ZWUtMDVlYS00ZjMxLTlhZjYt
ZGZjNWNjNjRhODFlLzEvdS13NWFSQl9OWDdCempFeThZZERWenNOUzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85M2Y2ZWUtMDVlYS00ZjMxLTlhZjYtZGZjNWNjNjRhODFl
LzEvUHNqQ0RtWGMwel80cGVQRENtUlpKY1hKLVY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBOBAIAATBIAwQDJQBIAwQE
LhXAAwQFPmSAAwQDTinoAwQEUV3wAwQEW7+QAwQDXvewAwQCuUOYAwQHvIIAAwQA
wS+4AwQAww4AAwQBw3ISMBsEAgACMBUDBQAgAQdYAwUAIAEJAAMFACoAy4AwDQYJ
KoZIhvcNAQELBQADggEBALSjEu7tcQ1eyOtiC8Xf05P2L1PlTf0+UjPb/UOHTAA+
UcgPiqtVYaXk/QAJGXHp0Z9nCMEbNhVCy9YoFEmNwQa6kjezAO3Nx2o5qFu1jiFq
hxrph+kyp9uP6ZzpihLguv4qbfWNvCdRlPObGEJF3a6l4oWFWSNgsy7WCCvaJQBT
SwHtWabRAgDpAAKET6Pu+t/1JOVF0crEsVh+ZHFyI/H2K6n68ODNGVyY3VxmLwCz
L8Bl2kaj3kQMnPaO9vHGjQ1kqjoMkan1DRu8gGoroC9/OPP/jrEXRQf23dxaqLC8
8J5rzyLiX3jZGcItZdssMwD7sEaUjWTnMXgCyvAHpGQ=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:55 2024 by rpki-client on console-ams.rpki-client.org