Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/uPeuZ2MBwAgXNqmAHrVzH8uedPs.roa
File: uPeuZ2MBwAgXNqmAHrVzH8uedPs.roa (raw, json)
Hash identifier: iFER5GGfFv6KLkxSdg/5SrlKICBq8vM/bdGUCnFDOAA=
Subject key identifier: B8:F7:AE:67:63:01:C0:08:17:36:A9:80:1E:B5:73:1F:CB:9E:74:FB
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018AF612861434C0D0BF4190021A8636AC8F
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/uPeuZ2MBwAgXNqmAHrVzH8uedPs.roa
Signing time: Tue 03 Oct 2023 15:05:23 +0000
ROA not before: Tue 03 Oct 2023 15:05:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 168.199.212.0/22 maxlen: 24
147.136.68.0/22 maxlen: 24
147.136.76.0/22 maxlen: 24
147.136.84.0/22 maxlen: 24
168.199.128.0/22 maxlen: 24
168.199.160.0/22 maxlen: 24
185.101.244.0/23 maxlen: 24
185.101.246.0/23 maxlen: 24
168.199.192.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f6:12:86:14:34:c0:d0:bf:41:90:02:1a:86:36:ac:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Oct 3 15:05:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8f7ae676301c0081736a9801eb5731fcb9e74fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:59:4c:9c:ac:3b:71:6f:4d:77:cc:2b:bc:89:
6c:48:c7:91:43:cc:cc:e1:91:2b:4c:40:66:2e:29:
f9:fc:19:77:d5:9e:4f:8f:d4:63:87:c2:c8:28:93:
63:bc:b6:21:75:49:cf:8a:b1:39:22:78:cc:9c:64:
c1:46:a2:69:1b:0d:2a:37:a6:98:7d:bb:ed:ce:54:
ee:e4:05:69:c8:a8:16:86:fb:1e:7a:30:23:6e:38:
ca:3e:59:4d:0b:ff:a0:fc:53:55:ed:02:23:af:4f:
08:46:f5:e9:d3:2a:c9:21:65:3d:f9:e6:79:19:f1:
3b:0f:34:fa:ec:56:0c:c0:cb:ef:6a:7a:58:72:dc:
24:a8:a9:26:ee:7b:c4:12:9d:cc:8a:2d:94:07:97:
a5:64:fc:28:96:71:e3:c8:cb:1a:e4:55:38:7b:b1:
41:8b:1a:bb:55:cf:ec:ce:fd:d6:61:15:78:73:47:
a1:0a:15:83:ce:51:50:ea:78:9b:5c:94:75:03:f7:
3e:d3:f8:f8:02:a5:b4:7d:d6:1d:58:a2:3f:eb:10:
57:49:52:e5:7e:14:ea:48:9a:2d:c1:ce:b1:54:9c:
25:45:23:0c:c4:ce:e0:62:13:1c:ca:15:4b:85:3e:
1a:1b:da:54:60:28:7f:b0:57:1e:53:c6:e4:34:74:
13:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F7:AE:67:63:01:C0:08:17:36:A9:80:1E:B5:73:1F:CB:9E:74:FB
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/uPeuZ2MBwAgXNqmAHrVzH8uedPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.136.68.0/22
147.136.76.0/22
147.136.84.0/22
168.199.128.0/22
168.199.160.0/22
168.199.192.0/22
168.199.212.0/22
185.101.244.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:e7:8b:18:85:32:f9:c0:4e:bb:70:ab:d1:62:45:6f:f9:f1:
e5:9b:90:13:2e:c1:ad:1e:25:fd:6b:34:fd:8f:df:6f:a9:8f:
b5:3f:16:9a:4b:ae:cc:e6:3e:13:bf:81:70:f2:7d:07:77:a5:
6e:59:d9:d7:5a:21:8f:ad:f8:ce:3e:99:7d:a7:1d:4c:14:ef:
99:91:5a:6b:a7:ff:89:d1:f7:fe:a4:d4:ba:38:2d:16:fe:2c:
3f:97:8e:b6:d3:c9:4f:cd:5d:20:ec:05:91:ae:5b:38:52:c8:
79:b2:a1:35:da:b0:31:df:53:77:4c:7d:dc:b1:1b:f4:b0:34:
b2:f3:b6:56:64:af:61:7f:65:c7:a5:f5:d5:a2:dc:a7:18:da:
1f:28:b9:d8:5d:3c:f4:36:8c:db:39:71:74:f7:0c:6b:a1:a2:
47:f6:5d:7d:15:02:02:e2:04:55:49:df:d6:d2:ec:03:37:22:
24:65:55:6e:97:b8:20:20:db:ad:a3:8d:a7:3d:ce:a5:84:63:
8e:e4:d1:13:7d:42:b7:ea:7a:aa:00:16:21:63:da:56:a4:9c:
40:c8:9d:ec:cd:fb:27:32:ea:66:d1:ae:35:e2:1f:0d:73:d6:
2f:7c:aa:53:4a:92:79:8d:c4:e3:e1:2e:69:30:62:b9:aa:a0:
47:e8:37:4d
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYr2EoYUNMDQv0GQAhqGNqyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjMxMDAzMTUwNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGY3YWU2NzYzMDFjMDA4MTczNmE5ODAxZWI1NzMxZmNiOWU3NGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkllMnKw7cW9Nd8wrvIlsSMeRQ8zM
4ZErTEBmLin5/Bl31Z5Pj9Rjh8LIKJNjvLYhdUnPirE5InjMnGTBRqJpGw0qN6aY
fbvtzlTu5AVpyKgWhvseejAjbjjKPllNC/+g/FNV7QIjr08IRvXp0yrJIWU9+eZ5
GfE7DzT67FYMwMvvanpYctwkqKkm7nvEEp3Mii2UB5elZPwolnHjyMsa5FU4e7FB
ixq7Vc/szv3WYRV4c0ehChWDzlFQ6nibXJR1A/c+0/j4AqW0fdYdWKI/6xBXSVLl
fhTqSJotwc6xVJwlRSMMxM7gYhMcyhVLhT4aG9pUYCh/sFceU8bkNHQTdQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLj3rmdjAcAIFzapgB61cx/LnnT7MB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvdVBldVoyTUJ3QWdYTnFtQUhyVnpIOHVlZFBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCk4hEAwQC
k4hMAwQCk4hUAwQCqMeAAwQCqMegAwQCqMfAAwQCqMfUAwQCuWX0MA0GCSqGSIb3
DQEBCwUAA4IBAQAd54sYhTL5wE67cKvRYkVv+fHlm5ATLsGtHiX9azT9j99vqY+1
PxaaS67M5j4Tv4Fw8n0Hd6VuWdnXWiGPrfjOPpl9px1MFO+ZkVprp/+J0ff+pNS6
OC0W/iw/l46208lPzV0g7AWRrls4Ush5sqE12rAx31N3TH3csRv0sDSy87ZWZK9h
f2XHpfXVotynGNofKLnYXTz0NozbOXF09wxroaJH9l19FQIC4gRVSd/W0uwDNyIk
ZVVul7ggINuto42nPc6lhGOO5NETfUK36nqqABYhY9pWpJxAyJ3szfsnMupm0a41
4h8Nc9YvfKpTSpJ5jcTj4S5pMGK5qqBH6DdN
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:59 2024 by rpki-client on console-fra.rpki-client.org