Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/1uBKfuytoNfqyOZHvU7_GbugIJ8.roa
File: 1uBKfuytoNfqyOZHvU7_GbugIJ8.roa (raw, json)
Hash identifier: 3kbVQRVpZGNrN6ulYJzC9nuppom5cEPbD3StqdO4Uew=
Subject key identifier: D6:E0:4A:7E:EC:AD:A0:D7:EA:C8:E6:47:BD:4E:FF:19:BB:A0:20:9F
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 01856E0B0F5BCD2CEB7D483C2F8476F0BE0F
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/1uBKfuytoNfqyOZHvU7_GbugIJ8.roa
Signing time: Sun 01 Jan 2023 15:54:56 +0000
ROA not before: Sun 01 Jan 2023 15:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49074
IP address blocks: 193.242.196.0/22 maxlen: 22
109.166.32.0/22 maxlen: 22
91.228.140.0/22 maxlen: 22
194.40.204.0/22 maxlen: 22
91.234.56.0/22 maxlen: 22
151.248.64.0/24 maxlen: 24
151.248.65.0/24 maxlen: 24
151.248.66.0/24 maxlen: 24
151.248.67.0/24 maxlen: 24
151.248.95.0/24 maxlen: 24
176.113.104.0/22 maxlen: 22
176.113.108.0/22 maxlen: 22
2a04:2043::/32 maxlen: 32
2a04:2047::/32 maxlen: 32
2a04:2041::/32 maxlen: 32
2a04:2045::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 05 Sep 2023 14:53:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0b:0f:5b:cd:2c:eb:7d:48:3c:2f:84:76:f0:be:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 1 15:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6e04a7eecada0d7eac8e647bd4eff19bba0209f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:99:69:6b:82:62:6a:e0:23:2c:18:f9:24:5f:
40:01:46:7a:18:34:9c:dd:33:17:03:0c:c0:6d:5c:
d6:a9:58:af:32:c9:28:70:38:62:c8:ee:94:ac:06:
da:ca:d1:47:1e:ce:3f:47:d5:8c:0e:15:34:06:5d:
92:c4:8c:eb:c3:1e:f5:eb:d8:eb:17:78:ae:7c:e9:
ca:26:96:cb:fb:c0:c5:e7:39:89:59:36:fa:b3:8c:
e0:e1:c6:e5:8e:41:1d:ed:79:73:08:2f:f0:5f:44:
18:2a:8b:42:74:13:0f:06:66:8e:46:24:e9:6a:7c:
da:4d:01:c1:23:9b:86:b1:b9:23:d1:dc:98:82:6b:
00:32:68:fb:34:12:40:a6:2c:ad:45:2c:16:ef:28:
65:88:19:7a:10:c8:0c:7c:86:be:c0:34:7a:1a:10:
d8:3c:25:f1:cd:82:a0:83:fc:ec:32:bb:96:16:bd:
a7:fd:cc:d2:de:19:62:2f:f7:c2:fa:b0:34:af:91:
c5:1b:e4:5e:1e:b6:5b:79:f6:87:24:ef:5b:fa:3f:
58:94:44:bf:2f:e7:ba:c0:7c:cb:ec:93:cd:52:11:
40:b0:93:58:75:ae:73:e4:52:ca:f8:51:6f:5d:46:
c1:78:3a:9b:d1:32:39:95:8d:5d:6c:3e:92:61:c6:
c2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E0:4A:7E:EC:AD:A0:D7:EA:C8:E6:47:BD:4E:FF:19:BB:A0:20:9F
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/1uBKfuytoNfqyOZHvU7_GbugIJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.140.0/22
91.234.56.0/22
109.166.32.0/22
151.248.64.0/22
151.248.95.0/24
176.113.104.0/21
193.242.196.0/22
194.40.204.0/22
IPv6:
2a04:2041::/32
2a04:2043::/32
2a04:2045::/32
2a04:2047::/32
Signature Algorithm: sha256WithRSAEncryption
29:b6:ea:ab:12:c8:27:e3:f4:0a:3a:93:5c:3e:4e:ca:3c:f0:
2c:dd:d9:1f:c7:f9:4e:e6:5b:1b:2e:c2:27:86:c7:0f:ed:6a:
ff:e7:2f:0f:68:ef:d8:84:44:48:1a:0d:1d:51:da:48:83:cb:
05:d0:6f:b4:36:de:b7:20:02:d5:87:36:7c:2c:bf:8c:45:25:
11:f9:3e:ea:0f:77:05:16:13:51:25:35:a4:f3:69:3c:15:9a:
18:55:b7:8a:f0:90:34:1e:da:ba:18:df:16:19:42:5d:d8:ea:
f4:2c:6f:83:0d:57:64:ff:e3:cf:8d:28:34:d3:36:bd:b4:3b:
ad:fc:c6:6b:1b:ee:9c:c5:53:87:6b:9f:a1:13:f4:fa:4f:3f:
e6:38:e9:d8:7b:58:2f:82:cb:48:25:40:d3:a3:2a:ef:42:8e:
25:d5:21:43:42:05:cd:f5:34:f1:8f:ea:09:c9:bb:18:73:15:
cf:9f:9d:c1:c7:07:de:d3:d1:14:44:bf:e9:09:fb:8d:74:e2:
70:3f:fc:74:7b:6a:62:0c:79:f8:b9:27:35:8f:f5:3d:07:f3:
69:4d:8d:9f:f8:9f:a3:e9:a9:6b:40:de:b2:af:af:0d:79:5d:
eb:ba:b8:15:72:5b:30:49:57:06:4b:16:85:b2:9d:e4:f0:1a:
8f:08:32:27
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYVuCw9bzSzrfUg8L4R28L4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwMTAxMTU1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmUwNGE3ZWVjYWRhMGQ3ZWFjOGU2NDdiZDRlZmYxOWJiYTAyMDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJlpa4JiauAjLBj5JF9AAUZ6GDSc
3TMXAwzAbVzWqVivMskocDhiyO6UrAbaytFHHs4/R9WMDhU0Bl2SxIzrwx7169jr
F3iufOnKJpbL+8DF5zmJWTb6s4zg4cbljkEd7XlzCC/wX0QYKotCdBMPBmaORiTp
anzaTQHBI5uGsbkj0dyYgmsAMmj7NBJApiytRSwW7yhliBl6EMgMfIa+wDR6GhDY
PCXxzYKgg/zsMruWFr2n/czS3hliL/fC+rA0r5HFG+ReHrZbefaHJO9b+j9YlES/
L+e6wHzL7JPNUhFAsJNYda5z5FLK+FFvXUbBeDqb0TI5lY1dbD6SYcbCIQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFNbgSn7sraDX6sjmR71O/xm7oCCfMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvMXVCS2Z1eXRvTmZxeU9aSHZVN19HYnVnSUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA2BAIAATAwAwQCW+SMAwQC
W+o4AwQCbaYgAwQCl/hAAwQAl/hfAwQDsHFoAwQCwfLEAwQCwijMMCIEAgACMBwD
BQAqBCBBAwUAKgQgQwMFACoEIEUDBQAqBCBHMA0GCSqGSIb3DQEBCwUAA4IBAQAp
tuqrEsgn4/QKOpNcPk7KPPAs3dkfx/lO5lsbLsInhscP7Wr/5y8PaO/YhERIGg0d
UdpIg8sF0G+0Nt63IALVhzZ8LL+MRSUR+T7qD3cFFhNRJTWk82k8FZoYVbeK8JA0
Htq6GN8WGUJd2Or0LG+DDVdk/+PPjSg00za9tDut/MZrG+6cxVOHa5+hE/T6Tz/m
OOnYe1gvgstIJUDToyrvQo4l1SFDQgXN9TTxj+oJybsYcxXPn53Bxwfe09EURL/p
CfuNdOJwP/x0e2piDHn4uSc1j/U9B/NpTY2f+J+j6alrQN6yr68NeV3rurgVclsw
SVcGSxaFsp3k8BqPCDIn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org