Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/ujYV7HNifC5ZhRtvBqLEKOIvxOA.roa
File: ujYV7HNifC5ZhRtvBqLEKOIvxOA.roa (raw, json)
Hash identifier: ENdI3k+BCXIa+ZnSs6maIfgG5fch+K5knuKFAzbvTdU=
Subject key identifier: BA:36:15:EC:73:62:7C:2E:59:85:1B:6F:06:A2:C4:28:E2:2F:C4:E0
Certificate issuer: /CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Certificate serial: 01856EA687A589D76E6ED83E3B23D58EC2BA
Authority key identifier: 97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/ujYV7HNifC5ZhRtvBqLEKOIvxOA.roa
Signing time: Sun 01 Jan 2023 18:44:45 +0000
ROA not before: Sun 01 Jan 2023 18:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48851
IP address blocks: 141.226.252.0/22 maxlen: 24
185.139.240.0/22 maxlen: 24
2a07:1980::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:87:a5:89:d7:6e:6e:d8:3e:3b:23:d5:8e:c2:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Validity
Not Before: Jan 1 18:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba3615ec73627c2e59851b6f06a2c428e22fc4e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1a:f8:08:5b:f3:4b:aa:63:d1:ac:e1:e1:fa:
84:09:9f:ad:0d:80:c8:be:dc:ca:7f:cf:50:cd:6a:
65:b6:92:02:8a:57:08:93:a1:47:62:45:36:4e:e2:
2b:52:10:d3:67:55:6a:3d:c6:35:be:3a:c0:d6:70:
08:20:b3:0b:5d:a0:9b:e6:7a:c6:c3:04:a7:c0:50:
ac:c1:13:de:b0:be:45:ce:10:0f:95:48:2e:48:6d:
2b:61:25:19:56:13:03:6a:71:02:89:13:8d:fd:1c:
85:ed:1c:b3:16:35:bb:10:81:1e:f8:e5:08:b1:2b:
b8:62:02:80:38:29:d6:b2:59:77:53:c9:54:66:e5:
30:06:33:a6:47:56:de:65:35:c6:55:db:32:dc:3f:
db:56:56:d7:c6:b6:ac:3a:e3:91:8c:c0:b4:d7:ae:
27:51:8d:28:02:e3:a4:cd:00:32:bd:f3:e9:78:34:
fb:4c:c0:1d:66:6d:cb:aa:8b:ee:49:ea:1e:72:0e:
d5:f3:fa:68:4b:79:c6:26:fb:17:3d:81:ac:1c:a6:
30:82:0c:9b:9d:b4:d3:f9:10:cd:f2:cf:27:6e:8d:
e9:88:50:a0:d5:f1:9e:c1:15:af:a6:22:08:e4:91:
b3:f5:1c:a2:c1:75:22:a6:1f:ef:e4:10:b9:d9:5a:
2f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:36:15:EC:73:62:7C:2E:59:85:1B:6F:06:A2:C4:28:E2:2F:C4:E0
X509v3 Authority Key Identifier:
keyid:97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/ujYV7HNifC5ZhRtvBqLEKOIvxOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/l72bhlMeVEr6AwnYvip7ppFj-a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.252.0/22
185.139.240.0/22
IPv6:
2a07:1980::/29
Signature Algorithm: sha256WithRSAEncryption
90:8f:dc:8c:60:0d:46:f7:8b:69:3f:ab:0a:e4:4b:a2:1e:58:
79:17:5a:b2:8f:23:d5:4b:77:2a:49:a4:0b:cd:6d:29:93:7d:
58:da:1a:d5:2b:6a:e7:0b:0e:a9:96:23:5a:84:4b:55:e1:2f:
68:2a:a7:05:44:91:98:4b:5c:46:29:da:be:61:31:12:27:c5:
28:78:3c:2d:15:99:75:a1:d5:70:2f:a9:11:c7:b2:e8:07:aa:
31:43:0a:77:e9:4d:f8:54:da:e9:c0:e8:98:df:11:e0:9f:7c:
9a:b2:95:0b:c7:b8:9c:5a:cf:57:5a:c5:80:84:16:e3:05:c9:
79:47:cf:e6:22:bc:84:33:33:db:c0:3e:1d:09:b7:61:94:28:
04:ec:ca:92:bf:f7:4b:fe:44:dc:49:2c:da:7e:60:9e:41:9c:
e2:25:25:97:bd:c0:f1:43:16:55:c2:86:1b:32:9e:d3:ee:10:
5d:86:e1:3f:d7:af:e2:84:e6:f7:be:62:3f:6d:e9:11:ab:f6:
79:59:4c:eb:c7:f7:e0:fb:a7:91:9d:bb:f3:73:a5:39:9f:bc:
f3:e0:4b:58:a0:02:f1:be:b0:58:ba:62:33:39:9f:b1:fd:84:
84:82:4c:3b:3b:f8:af:35:50:e0:64:6a:3e:20:ef:ce:19:0c:
26:f5:54:54
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVupoeliddubtg+OyPVjsK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YmQ5Yjg2NTMxZTU0NGFmYTAzMDlkOGJlMmE3YmE2OTE2
M2Y5YWQwHhcNMjMwMTAxMTg0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTM2MTVlYzczNjI3YzJlNTk4NTFiNmYwNmEyYzQyOGUyMmZjNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRr4CFvzS6pj0azh4fqECZ+tDYDI
vtzKf89QzWpltpICilcIk6FHYkU2TuIrUhDTZ1VqPcY1vjrA1nAIILMLXaCb5nrG
wwSnwFCswRPesL5FzhAPlUguSG0rYSUZVhMDanECiRON/RyF7RyzFjW7EIEe+OUI
sSu4YgKAOCnWsll3U8lUZuUwBjOmR1beZTXGVdsy3D/bVlbXxrasOuORjMC0164n
UY0oAuOkzQAyvfPpeDT7TMAdZm3LqovuSeoecg7V8/poS3nGJvsXPYGsHKYwggyb
nbTT+RDN8s8nbo3piFCg1fGewRWvpiII5JGz9RyiwXUiph/v5BC52VovtQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLo2FexzYnwuWYUbbwaixCjiL8TgMB8GA1UdIwQY
MBaAFJe9m4ZTHlRK+gMJ2L4qe6aRY/mtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDcyYmhsTWVWRXI2QXduWXZpcDdwcEZqLWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kNGJkOGItNTVmNC00NzY1LWFkMjIt
MzQ2MGNjMjY0ODBiLzEvdWpZVjdITmlmQzVaaFJ0dkJxTEVLT0l2eE9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kNGJkOGItNTVmNC00NzY1LWFkMjItMzQ2MGNjMjY0ODBi
LzEvbDcyYmhsTWVWRXI2QXduWXZpcDdwcEZqLWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCjeL8AwQC
uYvwMA0EAgACMAcDBQMqBxmAMA0GCSqGSIb3DQEBCwUAA4IBAQCQj9yMYA1G94tp
P6sK5EuiHlh5F1qyjyPVS3cqSaQLzW0pk31Y2hrVK2rnCw6pliNahEtV4S9oKqcF
RJGYS1xGKdq+YTESJ8UoeDwtFZl1odVwL6kRx7LoB6oxQwp36U34VNrpwOiY3xHg
n3yaspULx7icWs9XWsWAhBbjBcl5R8/mIryEMzPbwD4dCbdhlCgE7MqSv/dL/kTc
SSzafmCeQZziJSWXvcDxQxZVwoYbMp7T7hBdhuE/16/ihOb3vmI/bekRq/Z5WUzr
x/fg+6eRnbvzc6U5n7zz4EtYoALxvrBYumIzOZ+x/YSEgkw7O/ivNVDgZGo+IO/O
GQwm9VRU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:33 2024 by rpki-client on console-ams.rpki-client.org