Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/8ed018-08f3-4777-9dd4-de245af4facb/1/uWsSNjikxhezPzNcpDG2l7FfqG0.roa
File: uWsSNjikxhezPzNcpDG2l7FfqG0.roa (raw, json)
Hash identifier: mddnzKyIP+xTr+xmr43wAzSp+balByjphu3cbrnZkOQ=
Subject key identifier: B9:6B:12:36:38:A4:C6:17:B3:3F:33:5C:A4:31:B6:97:B1:5F:A8:6D
Certificate issuer: /CN=d10c88d82d2fac82203d42a242d6eb763d13bbf8
Certificate serial: 01856EAFF149058E21BEEA439CD856D434E1
Authority key identifier: D1:0C:88:D8:2D:2F:AC:82:20:3D:42:A2:42:D6:EB:76:3D:13:BB:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0QyI2C0vrIIgPUKiQtbrdj0Tu_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/8ed018-08f3-4777-9dd4-de245af4facb/1/uWsSNjikxhezPzNcpDG2l7FfqG0.roa
Signing time: Sun 01 Jan 2023 18:55:02 +0000
ROA not before: Sun 01 Jan 2023 18:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200742
IP address blocks: 185.97.125.0/24 maxlen: 24
185.97.124.0/22 maxlen: 22
185.97.124.0/24 maxlen: 24
185.97.127.0/24 maxlen: 24
185.97.126.0/24 maxlen: 24
2a06:600::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:f1:49:05:8e:21:be:ea:43:9c:d8:56:d4:34:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d10c88d82d2fac82203d42a242d6eb763d13bbf8
Validity
Not Before: Jan 1 18:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b96b123638a4c617b33f335ca431b697b15fa86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b1:cc:c8:69:78:bd:19:c9:97:73:23:a9:78:
04:9b:e9:af:cd:0f:d2:da:6e:a2:c3:39:e6:1e:b8:
60:4f:3d:42:63:df:ea:80:d1:b4:c1:09:40:60:5d:
e0:8a:c1:37:45:27:f3:e9:d2:59:41:f4:d6:06:c0:
d9:3a:c0:eb:c7:ea:fd:6a:df:8c:db:88:f5:6c:e4:
33:2c:17:14:9d:5f:34:ab:64:e2:e3:a1:08:09:66:
56:c3:46:b3:00:ee:64:c0:c2:b1:73:90:3d:60:24:
12:08:bc:71:b1:32:52:bf:51:ac:c1:95:3f:77:19:
35:ab:75:2c:73:7e:24:e8:36:72:0b:65:ee:2a:81:
1d:05:e7:46:99:ab:bd:90:48:79:70:cf:8c:67:0a:
b6:23:aa:b0:25:2c:7d:84:9c:ef:8e:f9:0d:91:78:
04:cd:3d:10:9b:09:6f:dd:3f:66:2b:ff:34:8d:13:
46:2d:61:14:01:d6:bd:cf:3c:ed:76:04:c3:32:89:
b8:01:7d:df:d5:32:a0:ab:25:d7:7c:4c:43:90:ca:
c5:d4:01:9a:c4:78:5a:99:d1:2a:31:b6:d0:4f:29:
ae:8a:b6:87:da:16:51:63:9e:5a:4c:da:af:bf:8c:
fd:3a:6f:46:d2:10:88:40:51:2e:b6:e6:39:42:21:
d7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:6B:12:36:38:A4:C6:17:B3:3F:33:5C:A4:31:B6:97:B1:5F:A8:6D
X509v3 Authority Key Identifier:
keyid:D1:0C:88:D8:2D:2F:AC:82:20:3D:42:A2:42:D6:EB:76:3D:13:BB:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0QyI2C0vrIIgPUKiQtbrdj0Tu_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8ed018-08f3-4777-9dd4-de245af4facb/1/uWsSNjikxhezPzNcpDG2l7FfqG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8ed018-08f3-4777-9dd4-de245af4facb/1/0QyI2C0vrIIgPUKiQtbrdj0Tu_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.124.0/22
IPv6:
2a06:600::/29
Signature Algorithm: sha256WithRSAEncryption
88:2b:29:52:ef:15:8d:83:b2:75:00:72:bd:9e:2f:15:cb:aa:
0a:cc:6d:90:3e:2f:13:28:83:4c:2c:0c:8b:89:26:1b:f3:93:
0f:5c:54:41:2b:ab:67:49:fb:9b:74:de:24:7f:c8:14:21:fb:
fe:c6:29:5b:c8:ac:2e:3b:cf:37:85:5c:15:46:6e:30:39:aa:
7c:b7:c5:df:4f:49:a9:04:09:92:56:7e:4b:da:95:77:62:66:
9e:8d:f6:a0:c6:51:90:30:c4:e1:ed:ae:78:c5:ff:3d:4e:dc:
11:3e:e7:00:8a:e6:a1:13:1c:8d:a5:50:bc:fb:25:bb:a7:e0:
0a:ae:d7:23:57:83:e8:3c:f2:f5:cd:81:c5:9d:58:50:67:86:
f5:eb:8b:90:f9:9b:ea:b8:09:c6:22:85:11:8f:2f:1f:0e:5e:
71:e5:35:e6:63:86:47:db:1d:80:c2:cf:ce:72:d5:a6:ba:af:
5d:f4:84:60:7f:4e:9b:65:73:34:2a:4f:3f:f4:1a:cf:59:07:
c4:81:0f:6a:9c:16:7a:a0:8c:f9:eb:2b:0f:71:81:7f:05:89:
b7:5d:d6:fb:d7:3b:ab:d5:fa:48:ea:78:a3:ec:f8:16:5f:89:
41:d1:e5:e6:bb:fd:b8:54:3a:fb:88:07:ff:76:86:3b:e0:6b:
4d:c4:af:29
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVur/FJBY4hvupDnNhW1DThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMGM4OGQ4MmQyZmFjODIyMDNkNDJhMjQyZDZlYjc2M2Qx
M2JiZjgwHhcNMjMwMTAxMTg1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTZiMTIzNjM4YTRjNjE3YjMzZjMzNWNhNDMxYjY5N2IxNWZhODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbHMyGl4vRnJl3MjqXgEm+mvzQ/S
2m6iwznmHrhgTz1CY9/qgNG0wQlAYF3gisE3RSfz6dJZQfTWBsDZOsDrx+r9at+M
24j1bOQzLBcUnV80q2Ti46EICWZWw0azAO5kwMKxc5A9YCQSCLxxsTJSv1GswZU/
dxk1q3Usc34k6DZyC2XuKoEdBedGmau9kEh5cM+MZwq2I6qwJSx9hJzvjvkNkXgE
zT0Qmwlv3T9mK/80jRNGLWEUAda9zzztdgTDMom4AX3f1TKgqyXXfExDkMrF1AGa
xHhamdEqMbbQTymuiraH2hZRY55aTNqvv4z9Om9G0hCIQFEutuY5QiHXSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLlrEjY4pMYXsz8zXKQxtpexX6htMB8GA1UdIwQY
MBaAFNEMiNgtL6yCID1CokLW63Y9E7v4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFF5STJDMHZySUlnUFVLaVF0YnJkajBUdV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS84ZWQwMTgtMDhmMy00Nzc3LTlkZDQt
ZGUyNDVhZjRmYWNiLzEvdVdzU05qaWt4aGV6UHpOY3BERzJsN0ZmcUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS84ZWQwMTgtMDhmMy00Nzc3LTlkZDQtZGUyNDVhZjRmYWNi
LzEvMFF5STJDMHZySUlnUFVLaVF0YnJkajBUdV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWF8MA0E
AgACMAcDBQMqBgYAMA0GCSqGSIb3DQEBCwUAA4IBAQCIKylS7xWNg7J1AHK9ni8V
y6oKzG2QPi8TKINMLAyLiSYb85MPXFRBK6tnSfubdN4kf8gUIfv+xilbyKwuO883
hVwVRm4wOap8t8XfT0mpBAmSVn5L2pV3YmaejfagxlGQMMTh7a54xf89TtwRPucA
iuahExyNpVC8+yW7p+AKrtcjV4PoPPL1zYHFnVhQZ4b164uQ+ZvquAnGIoURjy8f
Dl5x5TXmY4ZH2x2Aws/OctWmuq9d9IRgf06bZXM0Kk8/9BrPWQfEgQ9qnBZ6oIz5
6ysPcYF/BYm3Xdb71zur1fpI6nij7PgWX4lB0eXmu/24VDr7iAf/doY74GtNxK8p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:16 2024 by rpki-client on console-ams.rpki-client.org