Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/uNguDNVz-44QfL2rfM1fYcdeF80.roa
File: uNguDNVz-44QfL2rfM1fYcdeF80.roa (raw, json)
Hash identifier: JGQfjvHMZymKC160IxutOmX/er4rPMDvLFebE4t15Bc=
Subject key identifier: B8:D8:2E:0C:D5:73:FB:8E:10:7C:BD:AB:7C:CD:5F:61:C7:5E:17:CD
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 018C87A1356CCDF33A2871AD241CF939F13E
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/uNguDNVz-44QfL2rfM1fYcdeF80.roa
Signing time: Wed 20 Dec 2023 14:28:58 +0000
ROA not before: Wed 20 Dec 2023 14:28:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 192.53.136.0/21 maxlen: 21
192.53.64.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:87:a1:35:6c:cd:f3:3a:28:71:ad:24:1c:f9:39:f1:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Dec 20 14:28:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8d82e0cd573fb8e107cbdab7ccd5f61c75e17cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f5:8c:3d:c8:f8:dd:4e:60:d2:02:89:da:09:
54:88:26:8a:75:90:2b:07:83:cb:be:2c:4a:4c:2e:
40:6e:4c:56:82:bf:c8:68:a6:7a:39:fa:a9:41:71:
ea:92:71:1f:12:4e:7b:92:9c:88:17:12:33:9e:db:
3c:34:de:93:bc:28:c9:fd:62:07:4c:e8:a2:08:bf:
07:c6:d1:55:8f:04:9f:e9:12:27:d1:d8:9e:40:32:
6f:6c:9b:18:64:89:61:cc:52:5e:b2:25:86:d5:fe:
0b:b7:e0:c2:e4:c4:b0:b1:c1:f1:97:fe:4d:31:a7:
9f:c0:18:b1:8c:b9:48:40:53:55:5b:3d:0c:20:0a:
d3:b4:e9:b6:89:1a:4e:01:72:8c:db:dc:e7:2b:78:
fb:d2:48:ce:78:8c:98:a1:3b:c2:32:81:01:47:33:
e0:a7:cc:1c:76:b9:39:ce:d0:1c:a1:42:94:14:1e:
02:71:66:58:cd:a8:42:72:04:bc:21:ff:2b:2c:4d:
c2:5b:42:12:2c:8e:7e:f1:4e:e5:96:2a:3c:32:c6:
f9:8e:82:75:59:f8:4f:66:68:e3:fc:b5:e5:30:7b:
1d:c0:1e:81:b8:e7:fc:9d:35:e7:30:da:c2:89:dd:
a5:20:22:90:17:dc:b6:f8:c4:99:29:aa:4c:aa:82:
78:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D8:2E:0C:D5:73:FB:8E:10:7C:BD:AB:7C:CD:5F:61:C7:5E:17:CD
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/uNguDNVz-44QfL2rfM1fYcdeF80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.53.64.0/21
192.53.136.0/21
Signature Algorithm: sha256WithRSAEncryption
67:9a:7c:30:4a:3d:1a:9a:63:88:82:0f:d8:e2:5a:90:8f:f8:
49:50:db:74:60:c8:e1:2e:85:80:00:5f:1e:a9:48:a3:38:74:
dd:22:ac:c6:50:72:09:65:b4:f7:d7:91:cd:54:61:9b:f4:83:
0b:30:47:df:d8:8d:24:65:d3:07:36:2c:b3:8e:8c:ae:a1:19:
ec:cf:73:f7:c9:2b:c4:94:bf:ba:10:25:77:d4:49:e9:5e:bd:
ac:f8:ff:a5:9d:cd:cb:b4:1b:0d:82:fb:4d:3c:c0:60:cf:88:
62:8c:68:7c:34:de:e7:81:2f:4a:ea:9c:a8:59:b4:f6:67:12:
ec:b7:55:0a:07:3d:26:1f:89:ce:13:c8:d9:a0:26:98:34:3c:
ef:55:20:74:f2:29:7c:3e:4f:66:4f:76:04:0f:18:2b:76:df:
ab:0c:ed:46:50:9e:41:24:0a:8a:49:0f:4f:61:18:be:f9:e3:
35:41:bb:60:3a:72:ec:80:b3:65:f1:b7:9f:41:07:47:50:3b:
f7:66:21:36:2c:7b:73:bf:6e:d7:7c:07:20:60:e0:3d:2a:6c:
c8:e2:27:24:dc:d9:22:53:48:35:79:0c:3a:de:6b:d2:29:ce:
9b:7b:7d:9e:6b:73:6e:73:11:d8:46:d0:31:20:35:fb:61:5b:
91:09:8f:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyHoTVszfM6KHGtJBz5OfE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMxMjIwMTQyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQ4MmUwY2Q1NzNmYjhlMTA3Y2JkYWI3Y2NkNWY2MWM3NWUxN2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPWMPcj43U5g0gKJ2glUiCaKdZAr
B4PLvixKTC5AbkxWgr/IaKZ6OfqpQXHqknEfEk57kpyIFxIznts8NN6TvCjJ/WIH
TOiiCL8HxtFVjwSf6RIn0dieQDJvbJsYZIlhzFJesiWG1f4Lt+DC5MSwscHxl/5N
MaefwBixjLlIQFNVWz0MIArTtOm2iRpOAXKM29znK3j70kjOeIyYoTvCMoEBRzPg
p8wcdrk5ztAcoUKUFB4CcWZYzahCcgS8If8rLE3CW0ISLI5+8U7llio8Msb5joJ1
WfhPZmjj/LXlMHsdwB6BuOf8nTXnMNrCid2lICKQF9y2+MSZKapMqoJ4aQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLjYLgzVc/uOEHy9q3zNX2HHXhfNMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvdU5ndUROVnotNDRRZkwycmZNMWZZY2RlRjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDwDVAAwQD
wDWIMA0GCSqGSIb3DQEBCwUAA4IBAQBnmnwwSj0ammOIgg/Y4lqQj/hJUNt0YMjh
LoWAAF8eqUijOHTdIqzGUHIJZbT315HNVGGb9IMLMEff2I0kZdMHNiyzjoyuoRns
z3P3ySvElL+6ECV31EnpXr2s+P+lnc3LtBsNgvtNPMBgz4hijGh8NN7ngS9K6pyo
WbT2ZxLst1UKBz0mH4nOE8jZoCaYNDzvVSB08il8Pk9mT3YEDxgrdt+rDO1GUJ5B
JAqKSQ9PYRi++eM1QbtgOnLsgLNl8befQQdHUDv3ZiE2LHtzv27XfAcgYOA9KmzI
4ick3NkiU0g1eQw63mvSKc6be32ea3NucxHYRtAxIDX7YVuRCY+O
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:17 2024 by rpki-client on console-fra.rpki-client.org