Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/Uvh-v0HvuXQla9qwXFMZJp02A_g.roa
File: Uvh-v0HvuXQla9qwXFMZJp02A_g.roa (raw, json)
Hash identifier: NOul3I8xdW5eMYFTw8GgZ9Q2z+bKPwkfxwOOQS69a5w=
Subject key identifier: 52:F8:7E:BF:41:EF:B9:74:25:6B:DA:B0:5C:53:19:26:9D:36:03:F8
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 01856ED4C6DB5B323ACC42599C3BD090457E
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/Uvh-v0HvuXQla9qwXFMZJp02A_g.roa
Signing time: Sun 01 Jan 2023 19:35:16 +0000
ROA not before: Sun 01 Jan 2023 19:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1101
IP address blocks: 185.100.59.0/24 maxlen: 24
2001:67c:12d8::/48 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c6:db:5b:32:3a:cc:42:59:9c:3b:d0:90:45:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 1 19:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52f87ebf41efb974256bdab05c5319269d3603f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6d:a1:87:5a:d1:ba:b1:4f:eb:e8:b1:81:89:
05:c8:4c:4e:ad:ed:d9:38:ff:03:7c:18:44:2b:47:
b5:2c:e9:e9:c3:8e:95:89:09:61:ec:8a:50:dc:0b:
5d:73:4b:5c:76:27:50:b7:33:2a:7f:87:77:de:ee:
15:f2:09:85:cd:11:14:32:6a:a3:b3:ff:07:42:51:
c1:3a:55:2e:d9:b8:fb:41:54:d0:0e:7e:87:85:59:
bc:4f:90:3a:cd:d7:df:62:c5:17:40:25:b4:d4:b4:
b5:7f:af:32:2d:2b:5e:a2:f2:97:04:c1:1f:6d:c6:
91:78:f0:13:85:f6:43:89:6f:f8:e8:48:78:26:91:
b4:cd:8a:9a:5a:26:2d:c7:ed:3f:f0:54:c9:2f:d1:
7c:a8:5c:51:ea:e2:a2:c9:01:97:5f:da:4e:20:c4:
19:ab:0c:4f:5a:d1:25:4b:29:95:fe:96:d8:44:59:
b1:12:12:94:c5:3d:40:22:34:1e:1b:d3:0d:50:d0:
e7:8f:d6:a9:9e:85:57:51:59:af:30:8e:69:16:cc:
a2:b4:49:3d:f3:6e:30:df:3f:10:fa:6e:a5:e1:5b:
b9:76:d7:4f:bc:75:4e:71:5c:25:59:6b:2c:44:fb:
05:d2:fa:8c:e3:b6:c7:a7:36:71:f8:ef:9a:88:4d:
d9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F8:7E:BF:41:EF:B9:74:25:6B:DA:B0:5C:53:19:26:9D:36:03:F8
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/Uvh-v0HvuXQla9qwXFMZJp02A_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.59.0/24
IPv6:
2001:67c:12d8::/48
Signature Algorithm: sha256WithRSAEncryption
5b:0a:c0:7d:16:c6:f9:cd:f0:7e:5e:30:9d:f3:4d:d3:3b:b8:
2c:f0:36:fb:df:a5:98:e0:12:c7:fd:11:28:be:72:5e:5f:f2:
48:2d:b6:d0:47:51:25:2a:57:17:0e:ff:7f:f5:5b:c6:95:ce:
0f:15:29:c7:29:86:6b:65:ef:61:2f:82:7b:6d:42:cb:d7:67:
46:1e:ab:3b:2d:6a:4a:5a:de:6b:34:ca:65:53:e6:2a:31:4d:
29:a9:9b:7f:c2:98:fe:a3:8c:5c:9b:68:f8:4b:68:84:30:ce:
05:13:85:52:7f:53:a1:7a:ba:61:fb:4e:d1:61:48:ec:d9:d2:
2f:51:14:f3:5b:2d:48:d9:05:7b:11:48:ec:1d:5f:36:c6:11:
c6:ac:f3:b4:ac:82:0a:d0:9a:2d:45:05:b6:a0:15:3d:a2:e1:
3a:86:68:a9:ae:0c:b8:67:7e:41:b7:81:f2:0d:0d:a8:dc:c5:
fe:f7:ec:7c:c2:4d:f1:7d:1c:ce:61:71:26:04:4d:2c:52:5c:
30:f0:38:2a:e9:b3:a1:78:4e:59:fe:bf:9e:ec:02:1c:d9:45:
30:c6:42:52:fd:d9:9d:5c:0c:8b:6e:53:dd:72:a0:9e:1d:aa:
1b:c0:07:27:c5:7f:ec:24:14:b3:c8:ba:a6:19:a7:48:80:d4:
66:42:93:63
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVu1MbbWzI6zEJZnDvQkEV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjMwMTAxMTkzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmY4N2ViZjQxZWZiOTc0MjU2YmRhYjA1YzUzMTkyNjlkMzYwM2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvm2hh1rRurFP6+ixgYkFyExOre3Z
OP8DfBhEK0e1LOnpw46ViQlh7IpQ3Atdc0tcdidQtzMqf4d33u4V8gmFzREUMmqj
s/8HQlHBOlUu2bj7QVTQDn6HhVm8T5A6zdffYsUXQCW01LS1f68yLSteovKXBMEf
bcaRePAThfZDiW/46Eh4JpG0zYqaWiYtx+0/8FTJL9F8qFxR6uKiyQGXX9pOIMQZ
qwxPWtElSymV/pbYRFmxEhKUxT1AIjQeG9MNUNDnj9apnoVXUVmvMI5pFsyitEk9
824w3z8Q+m6l4Vu5dtdPvHVOcVwlWWssRPsF0vqM47bHpzZx+O+aiE3Z3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFL4fr9B77l0JWvasFxTGSadNgP4MB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvVXZoLXYwSHZ1WFFsYTlxd1hGTVpKcDAyQV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuWQ7MA8E
AgACMAkDBwAgAQZ8EtgwDQYJKoZIhvcNAQELBQADggEBAFsKwH0WxvnN8H5eMJ3z
TdM7uCzwNvvfpZjgEsf9ESi+cl5f8kgtttBHUSUqVxcO/3/1W8aVzg8VKccphmtl
72EvgnttQsvXZ0Yeqzstakpa3ms0ymVT5ioxTSmpm3/CmP6jjFybaPhLaIQwzgUT
hVJ/U6F6umH7TtFhSOzZ0i9RFPNbLUjZBXsRSOwdXzbGEcas87SsggrQmi1FBbag
FT2i4TqGaKmuDLhnfkG3gfINDajcxf737HzCTfF9HM5hcSYETSxSXDDwOCrps6F4
Tln+v57sAhzZRTDGQlL92Z1cDItuU91yoJ4dqhvAByfFf+wkFLPIuqYZp0iA1GZC
k2M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:50 2024 by rpki-client on console-ams.rpki-client.org