Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/UD36UYu4-s8ShzA_RNgOt81b9Vo.roa
File: UD36UYu4-s8ShzA_RNgOt81b9Vo.roa (raw, json)
Hash identifier: Ou8bqsNSTVvbx57CMeLAGEVPC5ZvUcV9kMl/yYpLFlE=
Subject key identifier: 50:3D:FA:51:8B:B8:FA:CF:12:87:30:3F:44:D8:0E:B7:CD:5B:F5:5A
Certificate issuer: /CN=f6ada20bd98babdf74c3d56cd78ada66ed87a148
Certificate serial: 018AEF4040508123E7153ED34BD8EEB0936D
Authority key identifier: F6:AD:A2:0B:D9:8B:AB:DF:74:C3:D5:6C:D7:8A:DA:66:ED:87:A1:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q2iC9mLq990w9Vs14raZu2HoUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/UD36UYu4-s8ShzA_RNgOt81b9Vo.roa
Signing time: Mon 02 Oct 2023 07:17:59 +0000
ROA not before: Mon 02 Oct 2023 07:17:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208537
IP address blocks: 213.159.24.0/23 maxlen: 23
94.101.104.0/24 maxlen: 24
194.102.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 19:25:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:40:40:50:81:23:e7:15:3e:d3:4b:d8:ee:b0:93:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6ada20bd98babdf74c3d56cd78ada66ed87a148
Validity
Not Before: Oct 2 07:17:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=503dfa518bb8facf1287303f44d80eb7cd5bf55a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:87:41:c9:55:b2:25:1f:8f:02:c3:33:e3:7e:
51:27:01:e5:96:7d:4d:5c:3a:37:ba:65:12:45:1b:
80:30:81:cb:9e:4d:ea:59:cd:d8:45:59:94:5e:a3:
37:76:d2:ec:9c:e5:81:76:3d:2b:bc:c1:5a:9b:16:
a9:df:c1:81:a5:c2:98:45:5c:c4:e6:64:9c:2b:78:
bf:db:25:7e:d6:f4:f5:86:dc:eb:de:c6:28:b6:4d:
39:b3:08:6a:e5:a4:1d:49:e4:aa:47:51:42:c6:f0:
95:e8:a4:30:ba:52:31:78:d1:d4:f0:c6:d6:e0:08:
6f:cd:a3:10:71:d9:2e:58:f8:99:c2:28:03:7e:06:
42:6c:5f:e8:a9:e8:6c:8a:0f:27:fa:28:a0:ad:f2:
7c:7f:6b:25:59:94:c6:79:cc:95:6c:e0:8d:e9:e1:
d6:3e:e6:d9:5e:52:2b:e1:2d:41:44:b8:ba:05:c3:
09:39:b4:1f:83:28:4a:70:57:49:3f:2b:10:b5:c2:
1e:19:15:fa:27:c3:f0:25:bc:ce:09:56:82:3d:9a:
bb:63:d8:14:f7:29:07:f6:7e:3e:c0:0f:63:e6:d5:
5b:b9:3e:a9:34:e7:90:43:96:d1:6b:57:71:d0:05:
8f:66:ff:0d:ee:03:52:0e:e9:19:1a:d6:72:0b:0f:
09:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3D:FA:51:8B:B8:FA:CF:12:87:30:3F:44:D8:0E:B7:CD:5B:F5:5A
X509v3 Authority Key Identifier:
keyid:F6:AD:A2:0B:D9:8B:AB:DF:74:C3:D5:6C:D7:8A:DA:66:ED:87:A1:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q2iC9mLq990w9Vs14raZu2HoUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/UD36UYu4-s8ShzA_RNgOt81b9Vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/9q2iC9mLq990w9Vs14raZu2HoUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.104.0/24
194.102.239.0/24
213.159.24.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:44:41:56:9c:cc:f7:7c:2f:34:c0:67:ad:aa:74:d1:87:35:
42:11:ec:d4:bd:d3:a3:26:06:64:5c:da:5b:21:45:7d:bd:15:
21:1d:48:2e:b8:c0:9a:ce:f9:3b:69:72:8c:46:f0:ff:ed:aa:
e6:7b:71:46:53:fb:28:47:d7:3d:02:4e:bd:bd:38:0b:1a:20:
14:c1:7a:b8:cf:ee:02:34:1a:53:cb:34:5b:c8:fe:66:99:e1:
41:92:06:db:35:39:6c:34:d6:4b:67:a7:20:77:a3:df:7d:71:
9b:3d:1d:96:26:44:22:29:b6:de:aa:38:f4:10:71:7b:ea:0d:
e9:74:e3:9f:73:9d:d8:96:5b:9b:dd:02:da:c2:8a:25:a3:70:
f1:f8:ea:9e:41:03:aa:5e:b8:1c:3a:3e:4d:fa:2e:7a:88:fc:
83:da:33:25:81:f7:2a:7d:52:d1:1a:2a:27:f9:75:37:a7:d5:
42:ba:40:a0:4d:dc:72:29:ff:e9:e0:b7:7b:f1:0d:4b:0b:0c:
6b:75:b5:90:f7:1e:ca:fd:09:bc:f8:cc:05:f1:eb:1c:41:65:
a8:3b:05:f0:bd:f3:73:d3:03:72:33:73:37:27:6f:8f:50:67:
b9:0c:89:dd:e4:96:2d:ef:15:67:fc:a0:cd:f9:f5:39:fc:26:
e5:64:8f:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrvQEBQgSPnFT7TS9jusJNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWRhMjBiZDk4YmFiZGY3NGMzZDU2Y2Q3OGFkYTY2ZWQ4
N2ExNDgwHhcNMjMxMDAyMDcxNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDNkZmE1MThiYjhmYWNmMTI4NzMwM2Y0NGQ4MGViN2NkNWJmNTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4dByVWyJR+PAsMz435RJwHlln1N
XDo3umUSRRuAMIHLnk3qWc3YRVmUXqM3dtLsnOWBdj0rvMFamxap38GBpcKYRVzE
5mScK3i/2yV+1vT1htzr3sYotk05swhq5aQdSeSqR1FCxvCV6KQwulIxeNHU8MbW
4AhvzaMQcdkuWPiZwigDfgZCbF/oqehsig8n+iigrfJ8f2slWZTGecyVbOCN6eHW
PubZXlIr4S1BRLi6BcMJObQfgyhKcFdJPysQtcIeGRX6J8PwJbzOCVaCPZq7Y9gU
9ykH9n4+wA9j5tVbuT6pNOeQQ5bRa1dx0AWPZv8N7gNSDukZGtZyCw8J8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFA9+lGLuPrPEocwP0TYDrfNW/VaMB8GA1UdIwQY
MBaAFPatogvZi6vfdMPVbNeK2mbth6FIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXEyaUM5bUxxOTkwdzlWczE0cmFadTJIb1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80ZDU0YjYtZTAzYy00MzEwLTliMzkt
OWRiMTdhNWRlNDYzLzEvVUQzNlVZdTQtczhTaHpBX1JOZ090ODFiOVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80ZDU0YjYtZTAzYy00MzEwLTliMzktOWRiMTdhNWRlNDYz
LzEvOXEyaUM5bUxxOTkwdzlWczE0cmFadTJIb1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXmVoAwQA
wmbvAwQB1Z8YMA0GCSqGSIb3DQEBCwUAA4IBAQCMREFWnMz3fC80wGetqnTRhzVC
EezUvdOjJgZkXNpbIUV9vRUhHUguuMCazvk7aXKMRvD/7arme3FGU/soR9c9Ak69
vTgLGiAUwXq4z+4CNBpTyzRbyP5mmeFBkgbbNTlsNNZLZ6cgd6PffXGbPR2WJkQi
Kbbeqjj0EHF76g3pdOOfc53Yllub3QLawoolo3Dx+OqeQQOqXrgcOj5N+i56iPyD
2jMlgfcqfVLRGion+XU3p9VCukCgTdxyKf/p4Ld78Q1LCwxrdbWQ9x7K/Qm8+MwF
8escQWWoOwXwvfNz0wNyM3M3J2+PUGe5DInd5JYt7xVn/KDN+fU5/CblZI84
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:36 2024 by rpki-client on console-fra.rpki-client.org