Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/ufYme4g7wn9GuI-wOC628EurkcY.roa
File: ufYme4g7wn9GuI-wOC628EurkcY.roa (raw, json)
Hash identifier: O70vJdzZkWkwI/ztqKS6VGutN1wrecsKAelgtovwv/Y=
Subject key identifier: B9:F6:26:7B:88:3B:C2:7F:46:B8:8F:B0:38:2E:B6:F0:4B:AB:91:C6
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 018C017878B0B5EB02A754D903A65E96ACDF
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/ufYme4g7wn9GuI-wOC628EurkcY.roa
Signing time: Fri 24 Nov 2023 13:15:21 +0000
ROA not before: Fri 24 Nov 2023 13:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43647
IP address blocks: 82.148.0.0/21 maxlen: 24
185.76.12.0/22 maxlen: 24
89.232.184.0/22 maxlen: 24
213.232.225.0/24 maxlen: 24
213.232.245.0/24 maxlen: 24
185.228.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:01:78:78:b0:b5:eb:02:a7:54:d9:03:a6:5e:96:ac:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Nov 24 13:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9f6267b883bc27f46b88fb0382eb6f04bab91c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5d:1f:7c:91:87:75:96:52:5f:38:dc:7a:e8:
27:d5:bc:89:1c:04:37:4d:6b:ce:1e:5d:c7:9e:23:
ca:41:ef:41:00:ae:72:f3:1d:57:53:14:d8:94:01:
eb:a9:a1:2f:77:22:40:2b:8f:48:28:0c:75:9f:81:
ea:6e:de:ae:4d:21:3b:58:e5:78:f7:a0:f7:f6:6e:
a4:9a:e0:48:6f:b3:1b:33:c9:18:fa:f4:e5:cc:13:
b5:c4:4e:8e:30:41:1b:14:f0:23:dd:e5:64:33:17:
9c:76:d8:c9:65:de:1b:ba:a7:96:70:be:3d:dd:1b:
ba:e2:7d:ce:b5:22:f0:15:92:11:e8:84:d8:56:ef:
7f:2c:b5:71:96:6f:e7:5e:9a:bc:ee:18:96:14:66:
1e:03:c4:ba:37:f2:08:7d:36:0d:80:0f:15:e0:3d:
a8:80:d9:78:e5:3b:be:2d:5c:2d:f2:e6:31:8e:fa:
62:80:b0:89:ed:30:3f:05:8e:94:f6:d6:8a:ab:00:
ed:9b:8d:c7:67:50:eb:ea:9f:97:21:b2:53:f6:03:
67:18:ee:52:95:a4:d8:5f:6a:27:aa:5e:20:66:52:
d0:83:c3:94:08:ae:b2:cc:a8:d2:74:ea:bf:b2:00:
d8:fb:ea:5d:07:e6:f3:6d:26:fc:65:a8:a8:3c:c0:
8d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F6:26:7B:88:3B:C2:7F:46:B8:8F:B0:38:2E:B6:F0:4B:AB:91:C6
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/ufYme4g7wn9GuI-wOC628EurkcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.148.0.0/21
89.232.184.0/22
185.76.12.0/22
185.228.88.0/22
213.232.225.0/24
213.232.245.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:ea:1c:38:31:10:da:d8:f4:75:af:71:f8:17:d1:c8:69:a5:
41:3f:14:d3:b5:2e:1f:f2:0c:7c:3e:81:bd:c1:fd:26:28:6e:
de:17:c1:c9:ee:39:4e:82:cc:27:6c:03:92:f6:79:41:24:dd:
f0:97:b1:c1:f5:b4:41:9e:e3:f9:e2:c4:1a:a0:f2:88:70:9f:
4f:57:40:8f:9a:c9:e5:66:3e:85:f7:31:3d:43:05:bf:77:0b:
16:16:5b:e4:64:55:39:bb:bb:19:6c:72:fb:2a:81:2d:a4:83:
ef:ff:3d:34:a2:cf:7a:3c:79:82:5c:cb:46:4e:c9:46:79:b8:
e2:7b:a4:ed:6b:83:af:7f:06:46:e2:9f:be:40:e4:1d:98:3a:
2c:05:5e:c5:65:05:0d:89:db:bb:3c:41:3e:32:16:94:da:71:
3e:d1:3b:1e:7f:45:3a:1d:b4:22:b3:53:80:cd:36:34:8c:e1:
c0:d5:10:f4:2d:4c:a7:fe:42:96:7a:af:90:0a:ff:14:9e:1d:
8b:5a:9b:26:b6:67:95:9b:03:14:77:f5:e4:01:ec:1e:97:a9:
01:6e:a4:f5:1a:2d:89:e4:1a:2f:e8:65:f3:f8:0d:c7:4a:61:
00:c5:6f:b8:84:32:97:a0:55:34:a0:d2:de:ca:22:bb:81:3f:
3d:3a:c2:25
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYwBeHiwtesCp1TZA6ZelqzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjMxMTI0MTMxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWY2MjY3Yjg4M2JjMjdmNDZiODhmYjAzODJlYjZmMDRiYWI5MWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF0ffJGHdZZSXzjceugn1byJHAQ3
TWvOHl3HniPKQe9BAK5y8x1XUxTYlAHrqaEvdyJAK49IKAx1n4Hqbt6uTSE7WOV4
96D39m6kmuBIb7MbM8kY+vTlzBO1xE6OMEEbFPAj3eVkMxecdtjJZd4buqeWcL49
3Ru64n3OtSLwFZIR6ITYVu9/LLVxlm/nXpq87hiWFGYeA8S6N/IIfTYNgA8V4D2o
gNl45Tu+LVwt8uYxjvpigLCJ7TA/BY6U9taKqwDtm43HZ1Dr6p+XIbJT9gNnGO5S
laTYX2onql4gZlLQg8OUCK6yzKjSdOq/sgDY++pdB+bzbSb8ZaioPMCNnwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLn2JnuIO8J/RriPsDgutvBLq5HGMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvdWZZbWU0Zzd3bjlHdUktd09DNjI4RXVya2NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDUpQAAwQC
Wei4AwQCuUwMAwQCueRYAwQA1ejhAwQA1ej1MA0GCSqGSIb3DQEBCwUAA4IBAQAO
6hw4MRDa2PR1r3H4F9HIaaVBPxTTtS4f8gx8PoG9wf0mKG7eF8HJ7jlOgswnbAOS
9nlBJN3wl7HB9bRBnuP54sQaoPKIcJ9PV0CPmsnlZj6F9zE9QwW/dwsWFlvkZFU5
u7sZbHL7KoEtpIPv/z00os96PHmCXMtGTslGebjie6Tta4OvfwZG4p++QOQdmDos
BV7FZQUNidu7PEE+MhaU2nE+0Tsef0U6HbQis1OAzTY0jOHA1RD0LUyn/kKWeq+Q
Cv8Unh2LWpsmtmeVmwMUd/XkAewel6kBbqT1Gi2J5Bov6GXz+A3HSmEAxW+4hDKX
oFU0oNLeyiK7gT89OsIl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:37 2024 by rpki-client on console-fra.rpki-client.org