Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/UCSPfxAEHYEUPCUmjvTlSP8pFHs.roa
File: UCSPfxAEHYEUPCUmjvTlSP8pFHs.roa (raw, json)
Hash identifier: awffKNgRNMtSUMweae86k0HD2xi12K/wF4Yp2G1g9yE=
Subject key identifier: 50:24:8F:7F:10:04:1D:81:14:3C:25:26:8E:F4:E5:48:FF:29:14:7B
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 01856E0B1283887D2389CC4C119B6874EB84
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/UCSPfxAEHYEUPCUmjvTlSP8pFHs.roa
Signing time: Sun 01 Jan 2023 15:54:57 +0000
ROA not before: Sun 01 Jan 2023 15:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212212
IP address blocks: 151.248.70.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0b:12:83:88:7d:23:89:cc:4c:11:9b:68:74:eb:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 1 15:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50248f7f10041d81143c25268ef4e548ff29147b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:99:85:c5:5e:3d:a7:13:95:e7:89:18:09:39:
df:9d:61:de:f3:2c:88:bc:d9:ff:f9:44:b6:f6:a1:
21:d5:7c:23:d3:a8:92:d9:ec:b2:ac:c5:a5:75:26:
ea:be:2a:e2:8d:b5:d4:e3:94:51:73:51:da:b9:12:
50:ad:7f:fc:b9:2f:64:50:32:26:59:c5:2b:3f:77:
19:2d:14:bf:1e:06:63:0d:68:a3:51:67:b7:b1:84:
4d:ab:d6:9d:9c:95:fb:97:19:4e:45:8c:e8:08:e1:
d9:b2:ee:7d:2a:18:87:8f:25:e7:68:b3:1c:8e:c0:
3d:6a:53:ea:37:fa:d2:a1:80:8b:ad:0c:e1:fa:dc:
d9:9d:76:a9:ed:95:98:2a:87:c8:a7:8d:86:8e:ad:
9f:2a:fd:2e:45:fa:29:11:70:05:d3:36:c8:61:d3:
54:ca:7c:35:ec:18:34:e7:f2:7b:d8:98:5b:33:92:
5f:59:a1:2d:f7:7f:a4:18:78:e4:2d:44:f7:06:92:
ec:58:ed:9f:8f:12:85:48:37:a1:44:32:42:da:25:
de:8c:fe:ef:29:43:a5:87:17:ef:dc:94:cb:b7:89:
44:c0:2e:88:6e:fa:45:ea:97:35:c8:4f:fe:a6:d3:
f6:5f:f2:4e:6d:29:9d:49:07:cf:18:44:3e:39:d3:
55:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:24:8F:7F:10:04:1D:81:14:3C:25:26:8E:F4:E5:48:FF:29:14:7B
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/UCSPfxAEHYEUPCUmjvTlSP8pFHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.70.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:eb:11:7f:4f:05:ab:2d:9a:8b:77:2c:2c:d9:eb:61:42:bc:
c6:fd:a3:43:73:61:f8:d9:14:d3:97:cd:db:89:af:09:7b:3e:
b3:31:79:24:a5:1c:ac:cd:02:7d:2f:70:27:20:8f:7d:6c:61:
fc:db:78:77:56:72:70:b7:ff:b4:af:80:fa:52:ef:a2:e8:91:
1d:18:67:6e:b8:c0:c3:5c:33:0d:f6:b1:ff:8d:59:2c:f0:e2:
56:a7:b9:91:87:c3:53:79:ca:b3:e4:11:af:b6:91:4b:70:ba:
c3:96:40:0d:04:25:5a:71:7a:5c:b6:68:40:dc:8f:d1:82:3b:
18:2a:cf:ab:37:d3:7f:e2:4a:c7:6a:a4:da:80:84:b4:c6:f4:
52:57:e4:d4:e3:ad:44:a1:fa:9b:df:6d:54:4f:73:58:db:0e:
32:a0:c1:95:86:9c:39:9b:d7:b8:20:ea:73:ca:13:eb:0a:8e:
e3:1b:8b:e7:c9:e3:8e:2f:ab:c2:77:66:61:dc:6b:63:3f:d2:
57:7b:dc:d5:37:d3:76:39:d4:16:f5:ba:c3:4f:1b:a4:8f:f9:
f8:1f:d5:89:6a:b3:59:1d:78:71:e7:59:3c:c0:cb:15:2c:e3:
75:89:93:5a:28:2a:74:32:00:6f:9c:0a:bb:d8:c1:27:80:e1:
b2:51:5d:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuCxKDiH0jicxMEZtodOuEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwMTAxMTU1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDI0OGY3ZjEwMDQxZDgxMTQzYzI1MjY4ZWY0ZTU0OGZmMjkxNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpmFxV49pxOV54kYCTnfnWHe8yyI
vNn/+US29qEh1Xwj06iS2eyyrMWldSbqvirijbXU45RRc1HauRJQrX/8uS9kUDIm
WcUrP3cZLRS/HgZjDWijUWe3sYRNq9adnJX7lxlORYzoCOHZsu59KhiHjyXnaLMc
jsA9alPqN/rSoYCLrQzh+tzZnXap7ZWYKofIp42Gjq2fKv0uRfopEXAF0zbIYdNU
ynw17Bg05/J72JhbM5JfWaEt93+kGHjkLUT3BpLsWO2fjxKFSDehRDJC2iXejP7v
KUOlhxfv3JTLt4lEwC6IbvpF6pc1yE/+ptP2X/JObSmdSQfPGEQ+OdNVdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFAkj38QBB2BFDwlJo705Uj/KRR7MB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvVUNTUGZ4QUVIWUVVUENVbWp2VGxTUDhwRkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBl/hGMA0G
CSqGSIb3DQEBCwUAA4IBAQAt6xF/TwWrLZqLdyws2ethQrzG/aNDc2H42RTTl83b
ia8Jez6zMXkkpRyszQJ9L3AnII99bGH823h3VnJwt/+0r4D6Uu+i6JEdGGduuMDD
XDMN9rH/jVks8OJWp7mRh8NTecqz5BGvtpFLcLrDlkANBCVacXpctmhA3I/RgjsY
Ks+rN9N/4krHaqTagIS0xvRSV+TU461Eofqb321UT3NY2w4yoMGVhpw5m9e4IOpz
yhPrCo7jG4vnyeOOL6vCd2Zh3GtjP9JXe9zVN9N2OdQW9brDTxukj/n4H9WJarNZ
HXhx51k8wMsVLON1iZNaKCp0MgBvnAq72MEngOGyUV2i
-----END CERTIFICATE-----
Generated at Wed Oct 25 12:57:46 2023 by rpki-client on console-fra.rpki-client.org