Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/UsMDTMUQZSU4VfFM8xlGXRuxxiE.roa
File: UsMDTMUQZSU4VfFM8xlGXRuxxiE.roa (raw, json)
Hash identifier: 7feDiC9QAqzhZOCtg3xB4m4mAqyzw94gxLL0aGj08W4=
Subject key identifier: 52:C3:03:4C:C5:10:65:25:38:55:F1:4C:F3:19:46:5D:1B:B1:C6:21
Certificate issuer: /CN=6dbd51576b4a93460a465af35e6bf550f5548894
Certificate serial: 01856D81AFB07E9444FA0338A3B970966764
Authority key identifier: 6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/UsMDTMUQZSU4VfFM8xlGXRuxxiE.roa
Signing time: Sun 01 Jan 2023 13:24:53 +0000
ROA not before: Sun 01 Jan 2023 13:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209788
IP address blocks: 95.183.44.0/23 maxlen: 24
95.183.46.0/24 maxlen: 24
188.68.80.0/24 maxlen: 24
188.68.91.0/24 maxlen: 24
188.68.90.0/24 maxlen: 24
188.68.92.0/24 maxlen: 24
188.68.93.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:af:b0:7e:94:44:fa:03:38:a3:b9:70:96:67:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dbd51576b4a93460a465af35e6bf550f5548894
Validity
Not Before: Jan 1 13:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52c3034cc51065253855f14cf319465d1bb1c621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:00:51:33:e7:5d:11:28:4f:c0:8d:2a:7c:80:
3c:9e:b7:ed:2f:42:ef:59:45:35:bd:63:ee:7b:5b:
f2:d1:29:92:f8:16:d0:c4:c3:ce:67:d3:0d:10:47:
aa:ef:6d:d9:86:9f:ef:4e:3d:a8:f0:dd:37:7a:02:
00:27:43:c8:fc:0f:19:1a:f1:20:81:d5:fc:cb:57:
06:39:fa:83:a3:31:49:a8:bb:b9:09:c0:97:a7:eb:
08:dd:f3:9d:c0:02:a1:c8:1e:62:ec:c1:7a:c9:01:
e5:c8:e6:e7:c2:57:14:bc:10:03:97:04:b5:da:8c:
5c:c0:d7:ed:e4:5d:e7:b0:b3:cd:c5:4b:6a:10:5f:
8c:f1:13:72:3a:e4:82:f8:28:f1:74:65:2d:74:66:
ac:6e:17:57:97:f1:f9:02:9c:c2:28:e5:ad:00:ca:
96:eb:56:d7:0e:e8:b8:c5:65:0e:4e:6e:a2:ed:dd:
5b:05:88:f2:7f:b2:cb:db:d8:f4:c4:75:97:4c:ef:
4e:a8:92:14:6d:b3:50:f2:28:ed:71:1e:d0:d5:d1:
54:f0:c1:4d:ad:a9:19:f9:3a:42:c1:05:9b:22:b3:
47:9c:2d:ae:c9:1b:5e:07:a2:78:0e:a6:c5:ff:bc:
4a:4e:61:52:52:d9:e8:2c:82:87:9b:aa:80:dd:31:
c7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C3:03:4C:C5:10:65:25:38:55:F1:4C:F3:19:46:5D:1B:B1:C6:21
X509v3 Authority Key Identifier:
keyid:6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/UsMDTMUQZSU4VfFM8xlGXRuxxiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.183.44.0-95.183.46.255
188.68.80.0/24
188.68.90.0-188.68.93.255
Signature Algorithm: sha256WithRSAEncryption
51:1a:64:3b:cb:4c:c7:8a:4e:f7:5e:73:f3:3b:7b:76:65:ae:
ec:80:84:dc:98:f4:5e:ef:0f:66:e3:1f:49:51:b7:94:2a:16:
92:1e:ac:e7:5f:09:46:f7:51:5a:d4:58:c6:44:92:e8:d2:44:
0c:b3:76:0c:9f:b1:89:c9:ac:9a:73:5a:65:c3:a0:2a:7c:27:
75:da:65:84:87:be:12:c3:0f:39:76:7c:61:5b:4f:f8:ce:65:
f7:37:79:90:87:6f:d8:9c:91:20:af:8e:99:c8:19:52:d0:00:
54:b6:c2:06:50:3a:f3:86:36:b6:e8:61:cc:2a:15:f5:69:0c:
ad:75:6e:d3:a8:8c:93:fe:b0:28:a2:fe:97:7b:25:47:f3:47:
05:6f:7a:63:19:0c:3b:c7:da:d8:46:14:db:f9:ba:d5:97:dc:
5a:e2:6c:79:1f:05:13:9d:74:b7:bf:0e:3f:51:fb:95:e0:24:
c3:28:1a:dc:a6:14:ff:fa:dc:e3:2c:81:31:26:53:dd:cb:3b:
1f:2d:5c:e1:09:28:ee:2e:35:29:81:ad:63:b8:63:81:55:3a:
1f:7e:cc:2e:36:3a:2c:9b:33:1a:50:f1:1a:30:e4:21:41:02:
e2:f6:50:14:53:f7:20:93:c2:bf:a1:bb:e9:f8:eb:87:0d:b5:
53:ed:38:73
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVtga+wfpRE+gM4o7lwlmdkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYmQ1MTU3NmI0YTkzNDYwYTQ2NWFmMzVlNmJmNTUwZjU1
NDg4OTQwHhcNMjMwMTAxMTMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmMzMDM0Y2M1MTA2NTI1Mzg1NWYxNGNmMzE5NDY1ZDFiYjFjNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwBRM+ddEShPwI0qfIA8nrftL0Lv
WUU1vWPue1vy0SmS+BbQxMPOZ9MNEEeq723Zhp/vTj2o8N03egIAJ0PI/A8ZGvEg
gdX8y1cGOfqDozFJqLu5CcCXp+sI3fOdwAKhyB5i7MF6yQHlyObnwlcUvBADlwS1
2oxcwNft5F3nsLPNxUtqEF+M8RNyOuSC+CjxdGUtdGasbhdXl/H5ApzCKOWtAMqW
61bXDui4xWUOTm6i7d1bBYjyf7LL29j0xHWXTO9OqJIUbbNQ8ijtcR7Q1dFU8MFN
rakZ+TpCwQWbIrNHnC2uyRteB6J4DqbF/7xKTmFSUtnoLIKHm6qA3THHqwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFLDA0zFEGUlOFXxTPMZRl0bscYhMB8GA1UdIwQY
MBaAFG29UVdrSpNGCkZa815r9VD1VIiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUt
MWVmN2VmMTdmYTQzLzEvVXNNRFRNVVFaU1U0VmZGTTh4bEdYUnV4eGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUtMWVmN2VmMTdmYTQz
LzEvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAJftywD
BABfty4DBAC8RFAwDAMEAbxEWgMEAbxEXDANBgkqhkiG9w0BAQsFAAOCAQEAURpk
O8tMx4pO915z8zt7dmWu7ICE3Jj0Xu8PZuMfSVG3lCoWkh6s518JRvdRWtRYxkSS
6NJEDLN2DJ+xicmsmnNaZcOgKnwnddplhIe+EsMPOXZ8YVtP+M5l9zd5kIdv2JyR
IK+OmcgZUtAAVLbCBlA684Y2tuhhzCoV9WkMrXVu06iMk/6wKKL+l3slR/NHBW96
YxkMO8fa2EYU2/m61ZfcWuJseR8FE510t78OP1H7leAkwyga3KYU//rc4yyBMSZT
3cs7Hy1c4Qko7i41KYGtY7hjgVU6H37MLjY6LJszGlDxGjDkIUEC4vZQFFP3IJPC
v6G76fjrhw21U+04cw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:51 2024 by rpki-client on console-fra.rpki-client.org