Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/Up-hcKb0qy-0Orevcir0Ds-RYB8.roa
File: Up-hcKb0qy-0Orevcir0Ds-RYB8.roa (raw, json)
Hash identifier: LKMyY5dA1fWLTC7WOs5Dllzm762KYgUwIk9YulzxEjk=
Subject key identifier: 52:9F:A1:70:A6:F4:AB:2F:B4:3A:B7:AF:72:2A:F4:0E:CF:91:60:1F
Certificate issuer: /CN=d90d2681514aefee9d3c86e1eae35736c84d1c09
Certificate serial: 018571FA0916E2ED263F5918394594136D39
Authority key identifier: D9:0D:26:81:51:4A:EF:EE:9D:3C:86:E1:EA:E3:57:36:C8:4D:1C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Q0mgVFK7-6dPIbh6uNXNshNHAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/Up-hcKb0qy-0Orevcir0Ds-RYB8.roa
Signing time: Mon 02 Jan 2023 10:14:49 +0000
ROA not before: Mon 02 Jan 2023 10:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13101
IP address blocks: 193.143.2.0/23 maxlen: 23
193.143.6.0/23 maxlen: 23
199.175.220.0/22 maxlen: 22
103.204.204.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:09:16:e2:ed:26:3f:59:18:39:45:94:13:6d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d90d2681514aefee9d3c86e1eae35736c84d1c09
Validity
Not Before: Jan 2 10:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=529fa170a6f4ab2fb43ab7af722af40ecf91601f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:53:d5:e7:5c:b3:16:e2:b8:79:80:d8:37:01:
2f:73:ad:cf:72:c8:d9:b5:86:9b:28:d7:14:f7:1a:
c9:72:09:34:b7:7b:1f:43:47:b7:47:47:ff:d5:7f:
8d:fd:75:31:ee:8d:9b:8c:89:cb:b5:d1:12:91:35:
77:e7:d7:ce:c0:6e:a3:0d:85:94:16:29:4e:f1:07:
4d:0a:c6:be:30:02:5a:df:8a:92:36:c9:ca:63:60:
d4:70:01:b2:fb:e2:7f:31:5b:2c:6b:73:d5:e2:93:
03:58:9f:47:38:b0:ed:ad:04:a9:f2:4e:d6:31:68:
4f:e6:2b:ff:88:28:11:59:97:80:66:31:51:79:1f:
3f:2e:08:a7:79:8e:ac:25:be:7a:d1:dc:4a:82:e6:
37:8c:3f:de:a4:02:c8:80:56:9a:bf:1e:f2:54:65:
ec:ad:f2:83:eb:80:ad:4a:3d:b8:0a:84:57:1f:4a:
d3:e0:e1:bb:ec:2c:06:66:f8:2b:5d:46:28:84:8c:
41:bb:ac:b1:84:8b:7c:3b:52:b2:f8:c6:1e:c2:b0:
08:45:23:f8:79:b1:1c:9b:ef:4f:c0:2a:c9:89:50:
e5:c4:46:a7:d5:e9:24:b4:f4:cd:4b:df:d9:1e:0d:
13:db:97:17:02:01:18:30:bd:63:3a:55:d3:d5:4d:
1a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:9F:A1:70:A6:F4:AB:2F:B4:3A:B7:AF:72:2A:F4:0E:CF:91:60:1F
X509v3 Authority Key Identifier:
keyid:D9:0D:26:81:51:4A:EF:EE:9D:3C:86:E1:EA:E3:57:36:C8:4D:1C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Q0mgVFK7-6dPIbh6uNXNshNHAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/Up-hcKb0qy-0Orevcir0Ds-RYB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/2Q0mgVFK7-6dPIbh6uNXNshNHAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.204.204.0/22
193.143.2.0/23
193.143.6.0/23
199.175.220.0/22
Signature Algorithm: sha256WithRSAEncryption
07:9a:07:a6:5f:df:b4:a1:7d:14:23:23:e6:d8:71:76:b7:9b:
88:90:dd:8a:90:ac:99:04:85:cd:81:d5:09:70:c6:ca:7c:d0:
1a:03:9e:54:6f:c1:55:1c:5f:16:2c:6d:42:74:47:21:22:1b:
05:b8:24:06:3a:0b:f0:18:ce:0d:c0:e0:eb:9b:ef:6a:e2:59:
34:4c:d9:01:8f:5f:cb:ad:d0:77:3e:8a:cc:97:93:f9:c6:14:
c5:64:8f:72:ec:c9:70:4a:a0:41:cd:c2:61:81:a8:3d:8b:93:
85:81:a4:38:b2:f4:7d:28:14:ce:ef:d7:c6:08:28:02:7b:e8:
68:5a:ff:08:d4:49:b8:54:75:05:73:40:6d:80:3e:20:32:7f:
45:a9:cb:23:4f:df:91:0e:a2:84:d3:1c:ce:ff:c4:41:99:f8:
07:cf:ff:e1:f6:ea:3f:29:3b:7b:4a:eb:59:31:ef:c9:7a:ba:
fa:9f:67:06:08:b5:d4:72:ae:87:a9:00:54:1e:ed:e3:63:71:
2c:8d:79:66:3b:c2:c7:47:f2:80:d4:95:21:f2:3a:a0:69:86:
c6:ce:26:1d:41:7e:4a:0e:5b:22:17:ab:e6:0a:35:ab:2c:3b:
fb:a1:2b:0b:5a:e7:5f:c1:17:07:09:f2:4e:98:67:8b:e4:13:
63:a7:24:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVx+gkW4u0mP1kYOUWUE205MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MGQyNjgxNTE0YWVmZWU5ZDNjODZlMWVhZTM1NzM2Yzg0
ZDFjMDkwHhcNMjMwMTAyMTAxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjlmYTE3MGE2ZjRhYjJmYjQzYWI3YWY3MjJhZjQwZWNmOTE2MDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1PV51yzFuK4eYDYNwEvc63PcsjZ
tYabKNcU9xrJcgk0t3sfQ0e3R0f/1X+N/XUx7o2bjInLtdESkTV359fOwG6jDYWU
FilO8QdNCsa+MAJa34qSNsnKY2DUcAGy++J/MVssa3PV4pMDWJ9HOLDtrQSp8k7W
MWhP5iv/iCgRWZeAZjFReR8/LgineY6sJb560dxKguY3jD/epALIgFaavx7yVGXs
rfKD64CtSj24CoRXH0rT4OG77CwGZvgrXUYohIxBu6yxhIt8O1Ky+MYewrAIRSP4
ebEcm+9PwCrJiVDlxEan1ekktPTNS9/ZHg0T25cXAgEYML1jOlXT1U0aRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFKfoXCm9KsvtDq3r3Iq9A7PkWAfMB8GA1UdIwQY
MBaAFNkNJoFRSu/unTyG4erjVzbITRwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlEwbWdWRks3LTZkUEliaDZ1TlhOc2hOSEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lMGQ5NTYtN2I4Ny00ZWRkLWI5NDQt
MWQwZjI5YjRiOTdmLzEvVXAtaGNLYjBxeS0wT3JldmNpcjBEcy1SWUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lMGQ5NTYtN2I4Ny00ZWRkLWI5NDQtMWQwZjI5YjRiOTdm
LzEvMlEwbWdWRks3LTZkUEliaDZ1TlhOc2hOSEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCZ8zMAwQB
wY8CAwQBwY8GAwQCx6/cMA0GCSqGSIb3DQEBCwUAA4IBAQAHmgemX9+0oX0UIyPm
2HF2t5uIkN2KkKyZBIXNgdUJcMbKfNAaA55Ub8FVHF8WLG1CdEchIhsFuCQGOgvw
GM4NwODrm+9q4lk0TNkBj1/LrdB3PorMl5P5xhTFZI9y7MlwSqBBzcJhgag9i5OF
gaQ4svR9KBTO79fGCCgCe+hoWv8I1Em4VHUFc0BtgD4gMn9FqcsjT9+RDqKE0xzO
/8RBmfgHz//h9uo/KTt7SutZMe/Jerr6n2cGCLXUcq6HqQBUHu3jY3EsjXlmO8LH
R/KA1JUh8jqgaYbGziYdQX5KDlsiF6vmCjWrLDv7oSsLWudfwRcHCfJOmGeL5BNj
pyTe
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:54 2024 by rpki-client on console-fra.rpki-client.org