Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/UP8hCUUnJ3oQzqLgQYl1VGCAyqU.roa
File: UP8hCUUnJ3oQzqLgQYl1VGCAyqU.roa (raw, json)
Hash identifier: +DdJhxBV8+SPavyXohprtw35FLGultEOt9uiNM8uDH4=
Subject key identifier: 50:FF:21:09:45:27:27:7A:10:CE:A2:E0:41:89:75:54:60:80:CA:A5
Certificate issuer: /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial: 018C888D6B0B50D40106D92864EDF6ADD833
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/UP8hCUUnJ3oQzqLgQYl1VGCAyqU.roa
Signing time: Wed 20 Dec 2023 18:46:58 +0000
ROA not before: Wed 20 Dec 2023 18:46:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202777
IP address blocks: 185.235.141.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:88:8d:6b:0b:50:d4:01:06:d9:28:64:ed:f6:ad:d8:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Validity
Not Before: Dec 20 18:46:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50ff21094527277a10cea2e0418975546080caa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:eb:c7:8e:d7:5e:33:bc:59:7c:e8:ff:da:d9:
3e:3e:c3:78:6a:d9:6f:88:a0:62:64:25:e6:d2:51:
97:95:95:22:18:4d:27:2e:86:5b:98:ea:56:33:fe:
3c:36:d9:85:98:67:6c:01:ee:fb:6c:56:43:30:f5:
f8:e2:d6:a9:2e:b1:8e:63:8b:0e:3d:25:5e:a3:35:
a4:88:17:8c:02:27:f1:08:db:27:8e:f5:71:22:49:
49:09:35:b0:b7:fe:7a:14:b8:a8:19:ae:8a:47:d8:
1b:fe:66:ff:28:98:a5:ad:da:c7:77:6c:72:93:d7:
b5:28:62:e8:20:73:75:e8:85:dc:58:1b:8c:f6:25:
7e:6c:65:4e:76:7f:63:8b:0e:5e:4f:9f:18:b4:6d:
43:ba:d6:8a:5e:95:fc:35:8f:40:f0:6f:93:be:b4:
33:90:17:6d:51:96:9d:ef:69:26:85:1a:cc:48:7d:
77:5b:6c:d4:a5:37:71:1f:c5:43:86:47:ac:ac:23:
65:44:b7:22:66:bd:ea:37:66:c7:1f:8d:74:7e:b5:
d3:04:fa:a9:f8:7b:05:47:bb:2b:f6:0e:15:ec:29:
82:ea:04:96:aa:57:03:0f:45:4e:86:38:f4:97:89:
44:fc:06:bd:a3:46:3c:c7:00:2d:b2:b5:e2:ef:e8:
83:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:FF:21:09:45:27:27:7A:10:CE:A2:E0:41:89:75:54:60:80:CA:A5
X509v3 Authority Key Identifier:
keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/UP8hCUUnJ3oQzqLgQYl1VGCAyqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.141.0/24
Signature Algorithm: sha256WithRSAEncryption
99:e8:55:9f:05:dc:08:8b:7c:50:36:d0:a1:26:79:ef:53:c4:
8c:7a:71:89:08:0c:95:43:04:b5:2a:d0:98:19:bb:1c:4e:05:
ad:54:c9:6b:c6:de:e4:e9:8a:7d:21:54:be:a9:11:77:35:49:
26:71:a2:bf:2a:1d:9f:45:c7:66:31:7b:06:69:48:12:dc:a1:
09:17:d9:9b:3b:96:17:3f:ed:97:92:e8:70:bd:68:25:81:01:
78:a1:f0:24:6c:2e:23:ac:68:de:d3:3b:ff:b2:b0:a3:7a:5a:
33:3d:d5:f4:1b:01:05:92:23:27:05:01:c0:76:43:56:88:48:
15:30:6f:39:52:93:ef:0f:ea:bf:66:85:8e:3d:a5:cd:10:29:
ba:ea:bb:f1:51:c2:a1:0e:b2:89:0e:60:a9:09:f3:a9:47:44:
0a:3f:7f:a8:39:14:b1:c8:08:83:87:a6:ca:aa:ee:df:bd:5d:
63:a1:b1:e9:26:64:02:5b:55:b7:4f:04:ca:2e:58:12:1f:41:
d0:46:0a:f5:c9:b2:56:fe:4d:08:bb:d7:b9:86:d4:d4:1c:35:
14:47:56:8d:e6:9e:4b:f2:16:a2:38:ec:24:84:7d:2a:b6:2a:
4e:a2:21:37:f5:76:a1:be:12:81:de:e9:21:a6:5e:c3:4d:88:
8e:3c:e8:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyIjWsLUNQBBtkoZO32rdgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjMxMjIwMTg0NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGZmMjEwOTQ1MjcyNzdhMTBjZWEyZTA0MTg5NzU1NDYwODBjYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOvHjtdeM7xZfOj/2tk+PsN4atlv
iKBiZCXm0lGXlZUiGE0nLoZbmOpWM/48NtmFmGdsAe77bFZDMPX44tapLrGOY4sO
PSVeozWkiBeMAifxCNsnjvVxIklJCTWwt/56FLioGa6KR9gb/mb/KJilrdrHd2xy
k9e1KGLoIHN16IXcWBuM9iV+bGVOdn9jiw5eT58YtG1DutaKXpX8NY9A8G+TvrQz
kBdtUZad72kmhRrMSH13W2zUpTdxH8VDhkesrCNlRLciZr3qN2bHH410frXTBPqp
+HsFR7sr9g4V7CmC6gSWqlcDD0VOhjj0l4lE/Aa9o0Y8xwAtsrXi7+iDXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFD/IQlFJyd6EM6i4EGJdVRggMqlMB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvVVA4aENVVW5KM29RenFMZ1FZbDFWR0NBeXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueuNMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ6FWfBdwIi3xQNtChJnnvU8SMenGJCAyVQwS1KtCY
GbscTgWtVMlrxt7k6Yp9IVS+qRF3NUkmcaK/Kh2fRcdmMXsGaUgS3KEJF9mbO5YX
P+2XkuhwvWglgQF4ofAkbC4jrGje0zv/srCjelozPdX0GwEFkiMnBQHAdkNWiEgV
MG85UpPvD+q/ZoWOPaXNECm66rvxUcKhDrKJDmCpCfOpR0QKP3+oORSxyAiDh6bK
qu7fvV1jobHpJmQCW1W3TwTKLlgSH0HQRgr1ybJW/k0Iu9e5htTUHDUUR1aN5p5L
8haiOOwkhH0qtipOoiE39XahvhKB3ukhpl7DTYiOPOiT
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:05 2024 by rpki-client on console-ams.rpki-client.org