Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/0d6b47-8191-41e2-8113-6e56212cdf5c/1/UiuNZCgwc_8PijupFfXPqEW9x3E.roa
File: UiuNZCgwc_8PijupFfXPqEW9x3E.roa (raw, json)
Hash identifier: dX3aBzThd5lOKkaUY2DWAMGDZAAJtKVH/VBbXkEMoYI=
Subject key identifier: 52:2B:8D:64:28:30:73:FF:0F:8A:3B:A9:15:F5:CF:A8:45:BD:C7:71
Certificate issuer: /CN=2ea7626d600daf759376a6507e1d684386992d31
Certificate serial: 018570303537E37A2BF2653EB9138EC2EAC9
Authority key identifier: 2E:A7:62:6D:60:0D:AF:75:93:76:A6:50:7E:1D:68:43:86:99:2D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LqdibWANr3WTdqZQfh1oQ4aZLTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/0d6b47-8191-41e2-8113-6e56212cdf5c/1/UiuNZCgwc_8PijupFfXPqEW9x3E.roa
Signing time: Mon 02 Jan 2023 01:54:45 +0000
ROA not before: Mon 02 Jan 2023 01:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57022
IP address blocks: 185.70.171.0/24 maxlen: 24
185.70.170.0/24 maxlen: 24
185.70.169.0/24 maxlen: 24
185.70.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:35:37:e3:7a:2b:f2:65:3e:b9:13:8e:c2:ea:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ea7626d600daf759376a6507e1d684386992d31
Validity
Not Before: Jan 2 01:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=522b8d64283073ff0f8a3ba915f5cfa845bdc771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3f:77:84:e3:79:e0:7d:34:ab:f0:8c:dc:13:
bc:66:9e:bf:0a:a7:69:cd:23:ec:7b:3a:a5:9a:19:
75:fd:20:bc:28:df:5b:bf:65:c2:65:d6:04:e5:0e:
0a:27:0f:c4:10:b5:8a:ed:4c:e5:42:8a:65:a6:d5:
38:ff:a3:ed:6e:38:df:69:56:c3:43:4d:b9:36:98:
18:da:50:24:82:11:74:bd:2d:e5:fc:23:6c:3d:e1:
c0:31:81:fb:48:bc:f9:e7:45:2e:72:03:ae:e6:47:
b4:c9:9e:b9:87:0d:38:ba:a2:61:ce:d3:0b:68:3a:
59:75:3a:cd:9f:b0:fc:87:fe:bb:0e:07:4a:9d:d8:
33:c6:c7:51:37:df:89:5a:bd:a3:86:0b:16:be:68:
c9:ff:d5:68:1a:ce:92:45:bf:a4:cf:38:69:9a:cd:
35:4d:32:1a:94:ff:eb:64:1d:54:df:50:b1:d9:88:
cf:dd:28:7f:fc:e0:b2:fc:7a:fa:35:26:6f:3a:89:
3d:f9:d0:48:53:d7:2a:19:fb:98:07:a4:98:2f:6f:
bb:2a:25:40:28:87:76:e7:40:0b:fe:f4:6f:50:b2:
c8:82:34:7c:a5:7d:88:3c:e6:df:3f:59:68:17:00:
ad:b4:f2:28:d2:30:3f:ae:8d:41:97:b7:4d:fe:b6:
7d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:2B:8D:64:28:30:73:FF:0F:8A:3B:A9:15:F5:CF:A8:45:BD:C7:71
X509v3 Authority Key Identifier:
keyid:2E:A7:62:6D:60:0D:AF:75:93:76:A6:50:7E:1D:68:43:86:99:2D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LqdibWANr3WTdqZQfh1oQ4aZLTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/0d6b47-8191-41e2-8113-6e56212cdf5c/1/UiuNZCgwc_8PijupFfXPqEW9x3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/0d6b47-8191-41e2-8113-6e56212cdf5c/1/LqdibWANr3WTdqZQfh1oQ4aZLTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.168.0/22
Signature Algorithm: sha256WithRSAEncryption
68:57:af:44:86:7d:0f:b0:39:96:68:06:89:8a:09:5f:cb:6a:
1b:76:f6:d1:7b:94:ef:23:cd:4c:3a:49:72:81:30:af:9f:ab:
50:61:e7:1c:78:d1:ec:7d:e4:b8:c5:34:d6:19:1f:94:9e:4b:
2a:97:3c:b7:03:96:fe:fc:55:7e:56:36:d7:e1:d1:55:0e:3d:
cb:a9:30:9b:fe:c4:b0:a0:68:24:5a:6a:60:af:54:f2:1e:33:
cc:f9:d1:7c:c3:d4:4e:b4:89:af:7d:62:19:ac:77:3b:72:4e:
2f:89:fa:4c:7f:dd:48:a4:7e:bc:f4:dc:be:22:3e:4d:1c:1a:
cd:62:39:48:6c:6b:58:d9:f1:90:50:f9:76:c0:94:43:80:af:
8b:36:c4:94:6e:8e:dc:10:f1:ad:1f:51:12:2d:4e:62:57:d6:
37:dd:91:6d:61:c7:a0:8c:12:93:32:3d:67:77:68:ca:4d:73:
8b:fa:b3:0d:a0:7d:36:b0:73:6d:9f:2f:b4:ed:df:58:82:46:
76:7c:94:98:3a:09:44:94:7c:11:29:2e:96:b8:c4:67:88:3d:
b7:7b:59:6f:6d:5c:09:b0:87:36:b1:e1:e5:41:4d:ee:d1:1a:
32:e7:09:3c:61:18:62:c0:53:a3:ad:43:7f:5b:75:7f:4a:19:
70:d4:e4:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMDU343or8mU+uROOwurJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYTc2MjZkNjAwZGFmNzU5Mzc2YTY1MDdlMWQ2ODQzODY5
OTJkMzEwHhcNMjMwMTAyMDE1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjJiOGQ2NDI4MzA3M2ZmMGY4YTNiYTkxNWY1Y2ZhODQ1YmRjNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz93hON54H00q/CM3BO8Zp6/Cqdp
zSPsezqlmhl1/SC8KN9bv2XCZdYE5Q4KJw/EELWK7UzlQoplptU4/6PtbjjfaVbD
Q025NpgY2lAkghF0vS3l/CNsPeHAMYH7SLz550UucgOu5ke0yZ65hw04uqJhztML
aDpZdTrNn7D8h/67DgdKndgzxsdRN9+JWr2jhgsWvmjJ/9VoGs6SRb+kzzhpms01
TTIalP/rZB1U31Cx2YjP3Sh//OCy/Hr6NSZvOok9+dBIU9cqGfuYB6SYL2+7KiVA
KId250AL/vRvULLIgjR8pX2IPObfP1loFwCttPIo0jA/ro1Bl7dN/rZ9cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFIrjWQoMHP/D4o7qRX1z6hFvcdxMB8GA1UdIwQY
MBaAFC6nYm1gDa91k3amUH4daEOGmS0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHFkaWJXQU5yM1dUZHFaUWZoMW9RNGFaTFRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wZDZiNDctODE5MS00MWUyLTgxMTMt
NmU1NjIxMmNkZjVjLzEvVWl1TlpDZ3djXzhQaWp1cEZmWFBxRVc5eDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wZDZiNDctODE5MS00MWUyLTgxMTMtNmU1NjIxMmNkZjVj
LzEvTHFkaWJXQU5yM1dUZHFaUWZoMW9RNGFaTFRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUaoMA0G
CSqGSIb3DQEBCwUAA4IBAQBoV69Ehn0PsDmWaAaJiglfy2obdvbRe5TvI81MOkly
gTCvn6tQYecceNHsfeS4xTTWGR+Unksqlzy3A5b+/FV+VjbX4dFVDj3LqTCb/sSw
oGgkWmpgr1TyHjPM+dF8w9ROtImvfWIZrHc7ck4vifpMf91IpH689Ny+Ij5NHBrN
YjlIbGtY2fGQUPl2wJRDgK+LNsSUbo7cEPGtH1ESLU5iV9Y33ZFtYcegjBKTMj1n
d2jKTXOL+rMNoH02sHNtny+07d9YgkZ2fJSYOglElHwRKS6WuMRniD23e1lvbVwJ
sIc2seHlQU3u0Roy5wk8YRhiwFOjrUN/W3V/Shlw1ORm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:20 2024 by rpki-client on console-fra.rpki-client.org