Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/1aHZzoRPm6NVKKVmOWCMPWBq25w.roa
File: 1aHZzoRPm6NVKKVmOWCMPWBq25w.roa (raw, json)
Hash identifier: Uw2d/dpqM9Od7axxS8tQkoAMWjIR95OIuSxAba2E+Wg=
Subject key identifier: D5:A1:D9:CE:84:4F:9B:A3:55:28:A5:66:39:60:8C:3D:60:6A:DB:9C
Certificate issuer: /CN=50182bee9aa010c1ffd2d804f6aa7b14bddb91f7
Certificate serial: 01857295C800505976AEF1717874DB321E32
Authority key identifier: 50:18:2B:EE:9A:A0:10:C1:FF:D2:D8:04:F6:AA:7B:14:BD:DB:91:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UBgr7pqgEMH_0tgE9qp7FL3bkfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/1aHZzoRPm6NVKKVmOWCMPWBq25w.roa
Signing time: Mon 02 Jan 2023 13:04:56 +0000
ROA not before: Mon 02 Jan 2023 13:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29165
IP address blocks: 81.199.116.0/23 maxlen: 24
81.199.120.0/22 maxlen: 24
81.199.252.0/22 maxlen: 24
81.199.250.0/23 maxlen: 24
62.56.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:c8:00:50:59:76:ae:f1:71:78:74:db:32:1e:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50182bee9aa010c1ffd2d804f6aa7b14bddb91f7
Validity
Not Before: Jan 2 13:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5a1d9ce844f9ba35528a56639608c3d606adb9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3f:7f:b7:82:42:f5:a1:54:b4:a0:a6:fd:9e:
90:0a:04:d4:87:be:27:00:68:25:71:73:83:b2:de:
16:a0:a6:fa:f1:48:b8:48:1c:54:32:29:6f:81:79:
1f:4e:13:bc:a8:b9:b5:45:16:ec:4b:32:e7:1f:3a:
c2:38:8a:82:33:9b:e9:82:9c:28:66:86:89:dd:b5:
ab:eb:88:71:1c:40:c3:27:7a:3d:2d:ff:ce:7f:00:
1c:ac:4c:76:a3:2b:4d:5e:d7:e0:ec:d3:09:ed:44:
2e:e2:46:65:09:28:a7:62:59:70:cb:ae:ef:ce:ab:
1b:0b:6d:13:13:b3:d6:45:eb:06:16:03:6a:17:84:
26:e6:cd:20:49:91:69:36:ce:89:d5:da:4a:c5:a7:
8e:4f:7a:81:52:b0:50:fc:ed:85:5d:14:d2:8d:45:
41:b4:b6:f6:2c:b0:df:a2:f3:cb:62:aa:b5:dd:ab:
fb:29:f4:48:84:76:ba:49:88:9c:ae:9a:01:83:db:
56:6c:37:30:f3:d8:2d:95:a6:1c:8d:d9:b2:41:90:
bf:38:51:0a:37:05:6a:e5:90:4f:e7:e5:97:9d:ec:
c7:a2:2b:c6:80:2c:4c:88:ca:d3:22:b4:66:93:b5:
69:8d:85:1a:5d:5f:86:95:76:3d:7a:83:68:e4:28:
88:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A1:D9:CE:84:4F:9B:A3:55:28:A5:66:39:60:8C:3D:60:6A:DB:9C
X509v3 Authority Key Identifier:
keyid:50:18:2B:EE:9A:A0:10:C1:FF:D2:D8:04:F6:AA:7B:14:BD:DB:91:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UBgr7pqgEMH_0tgE9qp7FL3bkfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/1aHZzoRPm6NVKKVmOWCMPWBq25w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/UBgr7pqgEMH_0tgE9qp7FL3bkfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.56.252.0/22
81.199.116.0/23
81.199.120.0/22
81.199.250.0-81.199.255.255
Signature Algorithm: sha256WithRSAEncryption
31:dd:31:42:3c:05:11:8a:82:7c:48:9d:06:fc:25:78:b6:d4:
05:07:d3:1b:5d:28:1c:1d:29:9b:8f:54:c5:e1:39:0c:53:02:
29:d7:fb:e2:96:18:e0:a2:64:5f:f7:00:a1:cd:c3:c5:82:90:
a4:2b:83:a9:5e:1a:e3:4d:1f:a0:86:f3:17:0f:fb:e0:01:c7:
aa:4d:54:0a:bc:55:e3:54:37:bb:7a:b1:89:41:a5:f8:f7:77:
1f:a8:a2:1c:fe:41:85:22:3a:07:94:31:76:49:6f:94:5c:54:
9b:8a:be:bf:d8:d5:7a:6b:c9:76:f0:a7:ed:d0:b5:7f:f2:6c:
60:5e:5f:02:bc:97:b3:df:e0:9d:d5:74:09:5a:32:34:60:ae:
f8:e0:d2:a4:58:37:b9:9e:62:06:ec:fe:86:9a:3e:cb:72:69:
37:5c:80:92:d9:36:c8:81:a1:27:2f:32:79:d5:da:94:f9:25:
d8:01:8e:c4:02:04:f8:15:01:c8:99:12:1c:b5:c3:25:f0:06:
51:55:42:ae:48:05:be:cb:56:04:82:d0:fe:b9:97:bb:67:a1:
ac:c6:56:4a:45:ee:f9:d4:0b:bf:df:7d:1e:34:87:1e:bd:78:
9f:e5:74:ee:8b:a5:fb:82:60:36:3e:d5:1c:1e:0a:d2:8c:25:
3c:fe:8d:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVylcgAUFl2rvFxeHTbMh4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMTgyYmVlOWFhMDEwYzFmZmQyZDgwNGY2YWE3YjE0YmRk
YjkxZjcwHhcNMjMwMTAyMTMwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWExZDljZTg0NGY5YmEzNTUyOGE1NjYzOTYwOGMzZDYwNmFkYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxj9/t4JC9aFUtKCm/Z6QCgTUh74n
AGglcXODst4WoKb68Ui4SBxUMilvgXkfThO8qLm1RRbsSzLnHzrCOIqCM5vpgpwo
ZoaJ3bWr64hxHEDDJ3o9Lf/OfwAcrEx2oytNXtfg7NMJ7UQu4kZlCSinYllwy67v
zqsbC20TE7PWResGFgNqF4Qm5s0gSZFpNs6J1dpKxaeOT3qBUrBQ/O2FXRTSjUVB
tLb2LLDfovPLYqq13av7KfRIhHa6SYicrpoBg9tWbDcw89gtlaYcjdmyQZC/OFEK
NwVq5ZBP5+WXnezHoivGgCxMiMrTIrRmk7VpjYUaXV+GlXY9eoNo5CiIlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWh2c6ET5ujVSilZjlgjD1gatucMB8GA1UdIwQY
MBaAFFAYK+6aoBDB/9LYBPaqexS925H3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUJncjdwcWdFTUhfMHRnRTlxcDdGTDNia2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iZDQ1NjYtYWMyNy00NmY4LTk0Zjkt
MTlkMWJiNjFkOWE3LzEvMWFIWnpvUlBtNk5WS0tWbU9XQ01QV0JxMjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9iZDQ1NjYtYWMyNy00NmY4LTk0ZjktMTlkMWJiNjFkOWE3
LzEvVUJncjdwcWdFTUhfMHRnRTlxcDdGTDNia2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfAwQCPjj8AwQB
Ucd0AwQCUcd4MAsDBAFRx/oDAwNRwDANBgkqhkiG9w0BAQsFAAOCAQEAMd0xQjwF
EYqCfEidBvwleLbUBQfTG10oHB0pm49UxeE5DFMCKdf74pYY4KJkX/cAoc3DxYKQ
pCuDqV4a400foIbzFw/74AHHqk1UCrxV41Q3u3qxiUGl+Pd3H6iiHP5BhSI6B5Qx
dklvlFxUm4q+v9jVemvJdvCn7dC1f/JsYF5fAryXs9/gndV0CVoyNGCu+ODSpFg3
uZ5iBuz+hpo+y3JpN1yAktk2yIGhJy8yedXalPkl2AGOxAIE+BUByJkSHLXDJfAG
UVVCrkgFvstWBILQ/rmXu2ehrMZWSkXu+dQLv999HjSHHr14n+V07oul+4JgNj7V
HB4K0owlPP6NVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:50 2024 by rpki-client on console-ams.rpki-client.org