Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/AUJhqgXZNB5CTYScENP5ioLS9uM.roa
File: AUJhqgXZNB5CTYScENP5ioLS9uM.roa (raw, json)
Hash identifier: z/uqCExduqzATNJycJGlqctZShWObZ2Wts6SXck+7gY=
Subject key identifier: 01:42:61:AA:05:D9:34:1E:42:4D:84:9C:10:D3:F9:8A:82:D2:F6:E3
Certificate issuer: /CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Certificate serial: 01883656E67BBD5A2A0EB08B3E94F6A49A5A
Authority key identifier: 58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/AUJhqgXZNB5CTYScENP5ioLS9uM.roa
Signing time: Fri 19 May 2023 23:27:24 +0000
ROA not before: Fri 19 May 2023 23:27:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208041
IP address blocks: 193.160.10.0/23 maxlen: 23
193.160.14.0/23 maxlen: 23
109.197.32.0/23 maxlen: 23
185.222.5.0/24 maxlen: 24
185.222.6.0/24 maxlen: 24
2a0f:d181::/32 maxlen: 32
2a0c:8440::/48 maxlen: 48
2a0f:d180::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:36:56:e6:7b:bd:5a:2a:0e:b0:8b:3e:94:f6:a4:9a:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Validity
Not Before: May 19 23:27:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=014261aa05d9341e424d849c10d3f98a82d2f6e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:8d:de:d7:f8:d2:af:16:32:64:15:ec:9c:3d:
57:36:72:05:a3:ee:6e:3c:6c:4b:b3:31:98:5e:fc:
e4:fb:4c:26:d4:1e:89:98:a3:2d:e3:6f:74:1c:61:
b6:64:05:ee:06:f2:2b:df:88:bb:0a:bc:e5:a8:03:
90:68:1f:7a:1d:40:22:bf:dd:24:5e:d6:f6:5a:b4:
bc:b9:56:9c:bd:2f:d4:e6:e2:0f:6d:b4:9d:f2:21:
b7:c8:e2:3d:bd:7f:eb:4a:f3:af:08:9b:fc:3d:74:
eb:c3:09:e9:30:98:47:eb:5a:51:3e:3e:ae:82:11:
7e:4f:9e:38:5a:8f:86:b7:95:1e:6b:34:35:06:13:
6c:31:69:fe:8e:02:91:7f:68:9c:6c:3a:1e:ec:dc:
26:03:c7:cc:ba:bd:29:e5:0e:5c:a6:e2:5b:e3:e2:
30:98:47:dd:48:1a:e3:4d:78:99:f2:d1:03:ee:82:
2b:ef:6e:0a:6c:ab:92:3f:be:98:bb:8a:08:78:af:
7a:13:4a:1c:87:f0:1a:ba:27:ac:3c:be:55:8a:5d:
37:a6:a5:9f:95:8d:43:ea:8a:69:0a:cb:f6:8b:ca:
64:f8:68:47:53:ce:ae:ea:4b:a5:44:a3:b4:ce:63:
af:33:03:ef:60:2c:0f:51:81:f9:39:09:8c:62:8e:
0a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:42:61:AA:05:D9:34:1E:42:4D:84:9C:10:D3:F9:8A:82:D2:F6:E3
X509v3 Authority Key Identifier:
keyid:58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/AUJhqgXZNB5CTYScENP5ioLS9uM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/WB7MGnTPkqthnF9xASOTfOUNnEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.32.0/23
185.222.5.0-185.222.6.255
193.160.10.0/23
193.160.14.0/23
IPv6:
2a0c:8440::/48
2a0f:d180::/31
Signature Algorithm: sha256WithRSAEncryption
6a:6f:22:a1:06:38:c2:cf:da:61:73:c8:10:a3:b0:db:03:7a:
92:17:2c:fb:65:72:0a:14:99:19:b2:49:49:24:17:b4:5a:72:
04:dc:ed:6f:90:90:f4:4f:6a:07:b5:06:4d:2a:d1:24:3c:6d:
64:86:bf:ad:4c:c0:a4:92:18:23:cd:90:e5:d8:c3:73:88:50:
72:55:98:90:02:93:6a:78:f9:1d:c9:be:8c:d8:8b:4d:98:dc:
13:63:ff:71:f0:17:8f:72:a9:24:ba:f8:17:8c:bc:38:01:cf:
36:bd:82:33:93:fc:07:b1:df:db:eb:c1:3f:37:fe:e1:90:d5:
10:b5:68:1f:dc:69:ed:a8:ba:5c:bc:61:ec:af:b2:81:b2:71:
7b:42:97:42:15:9e:74:2d:65:69:76:52:2f:0e:19:44:53:67:
03:98:62:2e:3e:16:9e:2a:b3:ce:fb:1b:54:f7:92:6f:8a:75:
a5:96:23:42:ce:01:8c:df:c6:92:15:4d:f9:73:d0:21:68:ae:
36:40:18:6c:43:5f:09:f9:20:33:f9:cc:50:e0:c7:8e:6f:f5:
26:ef:38:fc:b0:22:b5:91:15:7e:da:a1:87:3e:2f:88:fc:70:
3a:18:c0:19:72:24:7d:c2:86:86:5e:f7:61:51:d5:37:fb:23:
bb:63:7e:10
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYg2VuZ7vVoqDrCLPpT2pJpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MWVjYzFhNzRjZjkyYWI2MTljNWY3MTAxMjM5MzdjZTUw
ZDljNDMwHhcNMjMwNTE5MjMyNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQyNjFhYTA1ZDkzNDFlNDI0ZDg0OWMxMGQzZjk4YTgyZDJmNmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5o3e1/jSrxYyZBXsnD1XNnIFo+5u
PGxLszGYXvzk+0wm1B6JmKMt4290HGG2ZAXuBvIr34i7CrzlqAOQaB96HUAiv90k
Xtb2WrS8uVacvS/U5uIPbbSd8iG3yOI9vX/rSvOvCJv8PXTrwwnpMJhH61pRPj6u
ghF+T544Wo+Gt5UeazQ1BhNsMWn+jgKRf2icbDoe7NwmA8fMur0p5Q5cpuJb4+Iw
mEfdSBrjTXiZ8tED7oIr724KbKuSP76Yu4oIeK96E0och/AauiesPL5Vil03pqWf
lY1D6oppCsv2i8pk+GhHU86u6kulRKO0zmOvMwPvYCwPUYH5OQmMYo4KXQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAFCYaoF2TQeQk2EnBDT+YqC0vbjMB8GA1UdIwQY
MBaAFFgezBp0z5KrYZxfcQEjk3zlDZxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYt
ZGE4OGI2YmRiMzE2LzEvQVVKaHFnWFpOQjVDVFlTY0VOUDVpb0xTOXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYtZGE4OGI2YmRiMzE2
LzEvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAmBAIAATAgAwQBbcUgMAwD
BAC53gUDBAC53gYDBAHBoAoDBAHBoA4wFgQCAAIwEAMHACoMhEAAAAMFASoP0YAw
DQYJKoZIhvcNAQELBQADggEBAGpvIqEGOMLP2mFzyBCjsNsDepIXLPtlcgoUmRmy
SUkkF7RacgTc7W+QkPRPage1Bk0q0SQ8bWSGv61MwKSSGCPNkOXYw3OIUHJVmJAC
k2p4+R3JvozYi02Y3BNj/3HwF49yqSS6+BeMvDgBzza9gjOT/Aex39vrwT83/uGQ
1RC1aB/cae2ouly8YeyvsoGycXtCl0IVnnQtZWl2Ui8OGURTZwOYYi4+Fp4qs877
G1T3km+KdaWWI0LOAYzfxpIVTflz0CForjZAGGxDXwn5IDP5zFDgx45v9SbvOPyw
IrWRFX7aoYc+L4j8cDoYwBlyJH3ChoZe92FR1Tf7I7tjfhA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:56 2024 by rpki-client on console-ams.rpki-client.org