Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/UslyYxi7NYtZTeQTTRtuLWokvo0.roa
File: UslyYxi7NYtZTeQTTRtuLWokvo0.roa (raw, json)
Hash identifier: HD0IMbZFyAZWZ2lmFjyJqvFEQfAQu/QUNP/k8NQT+20=
Subject key identifier: 52:C9:72:63:18:BB:35:8B:59:4D:E4:13:4D:1B:6E:2D:6A:24:BE:8D
Certificate issuer: /CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Certificate serial: 01877C49C33E1BCA4ACD9916DC77B753EE1C
Authority key identifier: AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/UslyYxi7NYtZTeQTTRtuLWokvo0.roa
Signing time: Thu 13 Apr 2023 20:23:41 +0000
ROA not before: Thu 13 Apr 2023 20:23:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21119
IP address blocks: 193.169.42.0/23 maxlen: 24
185.36.28.0/22 maxlen: 24
89.233.96.0/21 maxlen: 24
2a03:6240::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 17 Apr 2023 11:13:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7c:49:c3:3e:1b:ca:4a:cd:99:16:dc:77:b7:53:ee:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Validity
Not Before: Apr 13 20:23:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52c9726318bb358b594de4134d1b6e2d6a24be8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d9:a6:13:59:46:0e:4b:40:b5:3d:c1:e8:15:
1f:d1:93:74:64:0b:13:b3:d1:b1:bc:e2:8b:c0:7e:
08:b0:c4:1e:d7:98:18:32:f5:b6:4d:7b:b1:92:b8:
a5:35:21:3f:1a:ee:27:c8:d6:59:04:a9:01:10:4c:
f4:60:1e:f2:24:e8:40:25:44:20:8a:04:37:a1:db:
d9:73:83:02:c0:23:0f:85:2c:a7:5a:39:6c:0a:59:
72:c0:68:80:b0:39:45:59:27:51:9b:1a:90:fd:cd:
26:34:b6:b8:80:c8:86:0e:89:62:75:10:5e:f6:06:
64:3e:17:db:58:aa:d5:ef:f6:81:04:79:a0:b3:e2:
27:97:be:2f:e4:e0:71:c2:5f:79:41:c8:00:95:f4:
4d:0a:71:e8:3a:00:39:0f:43:1f:65:10:b3:20:b8:
0c:ab:57:50:16:40:eb:b4:b7:aa:c3:94:ff:9f:36:
a2:64:86:62:8e:2b:45:b6:72:aa:32:2c:38:c6:75:
38:a2:e9:20:75:ff:b5:69:94:65:f0:84:e8:06:5d:
27:f4:5b:a1:f0:68:70:c3:5b:7a:bd:d2:f0:54:19:
28:4a:0a:63:eb:b7:c7:8b:36:3d:c5:92:6d:0e:7c:
2f:c7:75:c9:a6:85:de:5d:be:45:ad:e7:02:45:36:
70:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C9:72:63:18:BB:35:8B:59:4D:E4:13:4D:1B:6E:2D:6A:24:BE:8D
X509v3 Authority Key Identifier:
keyid:AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/UslyYxi7NYtZTeQTTRtuLWokvo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/rQt55LWcX82kk6IK0Y6UVYWdAxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.233.96.0/21
185.36.28.0/22
193.169.42.0/23
IPv6:
2a03:6240::/32
Signature Algorithm: sha256WithRSAEncryption
14:c0:36:85:ce:2d:aa:84:8b:e0:b3:4d:c7:8b:cd:df:49:33:
70:3e:c3:b5:5d:83:79:3e:53:c6:0b:48:f3:77:9f:3c:18:1b:
86:00:7f:03:36:2a:16:f9:c3:7d:5c:7f:db:79:73:6e:97:6e:
dd:7f:73:9f:e0:84:0a:0e:7a:8f:c9:c4:f4:f4:39:51:7e:73:
55:37:b2:c4:1a:24:ea:64:54:fa:f7:c7:d1:3b:bb:2d:47:7f:
50:9f:c0:d8:5b:27:9a:9f:c4:67:d9:bc:bc:23:df:ab:b8:8d:
8f:fd:62:ee:16:23:be:09:66:b4:5c:25:10:be:32:69:b4:28:
fa:d6:57:32:09:4c:70:b1:7a:f1:69:ad:9d:53:92:3d:e1:c9:
cb:94:6a:05:87:6e:50:70:a4:4e:53:d8:e8:30:9a:1c:92:86:
d9:a7:90:22:f4:90:3e:a9:61:32:13:d1:48:bd:92:e4:1d:3e:
44:cc:ef:76:0b:59:8b:13:dc:9a:c5:02:55:6d:26:52:bd:2d:
31:b4:4a:4f:2f:b8:f5:42:d9:31:b4:ac:99:98:7c:7b:23:b8:
02:79:38:58:c5:9e:79:a4:96:14:7e:9f:68:21:04:7b:f9:40:
0d:33:1a:30:1b:c9:f6:b6:15:40:ba:10:61:48:88:ec:38:5f:
7b:72:1e:9a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYd8ScM+G8pKzZkW3He3U+4cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGI3OWU0YjU5YzVmY2RhNDkzYTIwYWQxOGU5NDU1ODU5
ZDAzMWIwHhcNMjMwNDEzMjAyMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmM5NzI2MzE4YmIzNThiNTk0ZGU0MTM0ZDFiNmUyZDZhMjRiZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtmmE1lGDktAtT3B6BUf0ZN0ZAsT
s9GxvOKLwH4IsMQe15gYMvW2TXuxkrilNSE/Gu4nyNZZBKkBEEz0YB7yJOhAJUQg
igQ3odvZc4MCwCMPhSynWjlsCllywGiAsDlFWSdRmxqQ/c0mNLa4gMiGDolidRBe
9gZkPhfbWKrV7/aBBHmgs+Inl74v5OBxwl95QcgAlfRNCnHoOgA5D0MfZRCzILgM
q1dQFkDrtLeqw5T/nzaiZIZijitFtnKqMiw4xnU4oukgdf+1aZRl8IToBl0n9Fuh
8Ghww1t6vdLwVBkoSgpj67fHizY9xZJtDnwvx3XJpoXeXb5FrecCRTZw8wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFLJcmMYuzWLWU3kE00bbi1qJL6NMB8GA1UdIwQY
MBaAFK0LeeS1nF/NpJOiCtGOlFWFnQMbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQt
ZTNlYjRlOGEzOGRiLzEvVXNseVl4aTdOWXRaVGVRVFRSdHVMV29rdm8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQtZTNlYjRlOGEzOGRi
LzEvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDWelgAwQC
uSQcAwQBwakqMA0EAgACMAcDBQAqA2JAMA0GCSqGSIb3DQEBCwUAA4IBAQAUwDaF
zi2qhIvgs03Hi83fSTNwPsO1XYN5PlPGC0jzd588GBuGAH8DNioW+cN9XH/beXNu
l27df3Of4IQKDnqPycT09DlRfnNVN7LEGiTqZFT698fRO7stR39Qn8DYWyean8Rn
2by8I9+ruI2P/WLuFiO+CWa0XCUQvjJptCj61lcyCUxwsXrxaa2dU5I94cnLlGoF
h25QcKROU9joMJockobZp5Ai9JA+qWEyE9FIvZLkHT5EzO92C1mLE9yaxQJVbSZS
vS0xtEpPL7j1QtkxtKyZmHx7I7gCeThYxZ55pJYUfp9oIQR7+UANMxowG8n2thVA
uhBhSIjsOF97ch6a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:23 2024 by rpki-client on console-fra.rpki-client.org