Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/uqvsfQNG1woQkWICWOUvBFdW48A.roa
File: uqvsfQNG1woQkWICWOUvBFdW48A.roa (raw, json)
Hash identifier: xkaWds/LUHoImvejOSNhgfsXQ5T61d3vSs4BzWTS/GA=
Subject key identifier: BA:AB:EC:7D:03:46:D7:0A:10:91:62:02:58:E5:2F:04:57:56:E3:C0
Certificate issuer: /CN=df904155ee3acfe3fea8bbfee86e97c58c8991f4
Certificate serial: 018572D5B3D30468DF094EAC11F641439D4C
Authority key identifier: DF:90:41:55:EE:3A:CF:E3:FE:A8:BB:FE:E8:6E:97:C5:8C:89:91:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/uqvsfQNG1woQkWICWOUvBFdW48A.roa
Signing time: Mon 02 Jan 2023 14:14:45 +0000
ROA not before: Mon 02 Jan 2023 14:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44356
IP address blocks: 79.99.192.0/21 maxlen: 24
31.13.152.0/21 maxlen: 24
2a00:1538::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:b3:d3:04:68:df:09:4e:ac:11:f6:41:43:9d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df904155ee3acfe3fea8bbfee86e97c58c8991f4
Validity
Not Before: Jan 2 14:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baabec7d0346d70a1091620258e52f045756e3c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:70:51:37:a7:ee:3b:89:5e:ff:10:73:93:5a:
c9:84:1b:48:d6:d4:db:82:1a:4e:f7:d8:68:a0:7f:
18:53:24:4e:c0:43:1a:a8:23:e2:a9:c0:f0:ea:bf:
2f:5c:e6:2a:8c:09:d9:70:ad:d1:77:f3:cd:b6:6e:
41:ce:20:4e:ff:15:31:ca:24:3d:ff:0c:fa:32:a9:
41:53:f5:4e:04:22:0e:17:f5:9b:7a:e1:d8:f8:a0:
11:04:f6:7a:7a:1d:39:1e:df:a7:71:25:b6:b5:39:
64:71:1f:c2:ce:53:ff:50:6b:ad:f9:60:9d:8d:01:
85:72:ae:43:70:cc:52:fd:63:be:aa:09:3c:ed:d3:
67:da:73:15:11:a5:1b:ce:41:eb:3d:60:df:12:1c:
4d:e9:4e:8e:81:1b:dc:10:b8:b6:4e:ae:65:4c:95:
64:a1:0e:55:27:19:95:92:20:61:4e:e4:e0:e9:39:
ef:5f:95:c4:b6:d2:be:ce:55:0c:8d:ce:94:c3:44:
57:ec:ea:a3:7b:e3:8c:af:8e:c3:cc:27:e9:93:44:
a3:f7:f1:44:dc:40:07:a5:bd:b8:c7:d0:d0:ff:c1:
6d:5f:50:ce:f3:a4:d4:aa:d1:24:50:5c:8e:dd:8b:
12:c8:47:96:52:4d:6e:8f:7a:df:69:86:f3:ae:94:
72:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:AB:EC:7D:03:46:D7:0A:10:91:62:02:58:E5:2F:04:57:56:E3:C0
X509v3 Authority Key Identifier:
keyid:DF:90:41:55:EE:3A:CF:E3:FE:A8:BB:FE:E8:6E:97:C5:8C:89:91:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/uqvsfQNG1woQkWICWOUvBFdW48A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/35BBVe46z-P-qLv-6G6XxYyJkfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.152.0/21
79.99.192.0/21
IPv6:
2a00:1538::/32
Signature Algorithm: sha256WithRSAEncryption
63:e2:51:2d:95:77:cb:00:49:71:8f:b0:2e:cf:1e:07:9c:ad:
9b:97:d4:4f:e8:e1:66:d6:95:06:11:e1:02:2d:98:56:bc:64:
e8:07:ca:34:88:18:8a:b7:69:29:2e:5b:fd:b5:43:b0:17:f2:
34:6b:92:fd:71:2e:be:e8:2a:d4:c8:89:51:2a:7c:fe:f6:fc:
06:08:54:73:46:c7:51:db:73:41:f9:20:2a:71:72:a5:4d:49:
85:7e:6f:2b:15:3b:ca:2f:46:07:f1:06:c0:54:2e:07:cc:6c:
6f:d4:f6:22:84:97:e4:85:81:dc:27:0b:ee:7f:b7:dc:4e:fd:
0f:2c:dd:2e:f3:d3:e0:5b:15:e8:72:63:ec:62:5c:fe:6a:ae:
16:dc:77:c1:af:21:3c:59:93:00:2c:76:ee:8d:5d:3d:21:02:
85:fa:f8:11:f7:87:60:4b:9c:63:bb:da:e9:38:ce:12:38:56:
0b:3d:57:40:b5:d2:47:f8:14:ec:b0:4f:03:46:13:5d:48:c3:
a6:53:64:3e:e4:39:67:99:de:83:60:63:f2:bc:85:ff:18:9c:
fb:7e:a9:01:a1:f7:41:74:7c:22:41:50:be:21:e4:fb:dc:72:
8c:57:51:5f:a9:bf:a4:a8:e8:7c:f7:0f:11:5a:09:20:06:91:
96:37:44:82
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVy1bPTBGjfCU6sEfZBQ51MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOTA0MTU1ZWUzYWNmZTNmZWE4YmJmZWU4NmU5N2M1OGM4
OTkxZjQwHhcNMjMwMTAyMTQxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWFiZWM3ZDAzNDZkNzBhMTA5MTYyMDI1OGU1MmYwNDU3NTZlM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonBRN6fuO4le/xBzk1rJhBtI1tTb
ghpO99hooH8YUyROwEMaqCPiqcDw6r8vXOYqjAnZcK3Rd/PNtm5BziBO/xUxyiQ9
/wz6MqlBU/VOBCIOF/WbeuHY+KARBPZ6eh05Ht+ncSW2tTlkcR/CzlP/UGut+WCd
jQGFcq5DcMxS/WO+qgk87dNn2nMVEaUbzkHrPWDfEhxN6U6OgRvcELi2Tq5lTJVk
oQ5VJxmVkiBhTuTg6TnvX5XEttK+zlUMjc6Uw0RX7Oqje+OMr47DzCfpk0Sj9/FE
3EAHpb24x9DQ/8FtX1DO86TUqtEkUFyO3YsSyEeWUk1uj3rfaYbzrpRy3wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLqr7H0DRtcKEJFiAljlLwRXVuPAMB8GA1UdIwQY
MBaAFN+QQVXuOs/j/qi7/uhul8WMiZH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzVCQlZlNDZ6LVAtcUx2LTZHNlh4WXlKa2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS80NDJlMTctNDE5OC00MzViLTk2ZjQt
NjQ2N2Y0NGI0M2JmLzEvdXF2c2ZRTkcxd29Ra1dJQ1dPVXZCRmRXNDhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS80NDJlMTctNDE5OC00MzViLTk2ZjQtNjQ2N2Y0NGI0M2Jm
LzEvMzVCQlZlNDZ6LVAtcUx2LTZHNlh4WXlKa2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHw2YAwQD
T2PAMA0EAgACMAcDBQAqABU4MA0GCSqGSIb3DQEBCwUAA4IBAQBj4lEtlXfLAElx
j7Auzx4HnK2bl9RP6OFm1pUGEeECLZhWvGToB8o0iBiKt2kpLlv9tUOwF/I0a5L9
cS6+6CrUyIlRKnz+9vwGCFRzRsdR23NB+SAqcXKlTUmFfm8rFTvKL0YH8QbAVC4H
zGxv1PYihJfkhYHcJwvuf7fcTv0PLN0u89PgWxXocmPsYlz+aq4W3HfBryE8WZMA
LHbujV09IQKF+vgR94dgS5xju9rpOM4SOFYLPVdAtdJH+BTssE8DRhNdSMOmU2Q+
5Dlnmd6DYGPyvIX/GJz7fqkBofdBdHwiQVC+IeT73HKMV1Ffqb+kqOh89w8RWgkg
BpGWN0SC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-ams.rpki-client.org