Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/403ddd-c2d5-4b54-973a-2b7a794d5795/1/uJ_Czx7KSjeKpcjkpm9oBEKl-e8.roa
File: uJ_Czx7KSjeKpcjkpm9oBEKl-e8.roa (raw, json)
Hash identifier: Yif78SWdqUKs1Ppm3aPD1/Uo3XyBNhqZB8UJYJxRf4g=
Subject key identifier: B8:9F:C2:CF:1E:CA:4A:37:8A:A5:C8:E4:A6:6F:68:04:42:A5:F9:EF
Certificate issuer: /CN=002434c73a0eea22c6e441072e93db77c7e8a2f1
Certificate serial: 01856EEFFA63B41F542350ECBD0BE856DED8
Authority key identifier: 00:24:34:C7:3A:0E:EA:22:C6:E4:41:07:2E:93:DB:77:C7:E8:A2:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACQ0xzoO6iLG5EEHLpPbd8foovE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/403ddd-c2d5-4b54-973a-2b7a794d5795/1/uJ_Czx7KSjeKpcjkpm9oBEKl-e8.roa
Signing time: Sun 01 Jan 2023 20:04:58 +0000
ROA not before: Sun 01 Jan 2023 20:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43366
IP address blocks: 217.21.192.0/20 maxlen: 24
185.12.144.0/22 maxlen: 24
91.194.224.0/23 maxlen: 24
185.37.124.0/22 maxlen: 24
2a00:8080::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:fa:63:b4:1f:54:23:50:ec:bd:0b:e8:56:de:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002434c73a0eea22c6e441072e93db77c7e8a2f1
Validity
Not Before: Jan 1 20:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b89fc2cf1eca4a378aa5c8e4a66f680442a5f9ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:59:2b:1f:62:04:53:6d:13:6f:bd:cf:f4:88:
e8:6d:d4:27:2a:a8:db:fb:ab:2b:fa:54:c5:7c:95:
6b:92:ba:2a:54:94:76:ad:24:e7:9a:73:5f:5c:d2:
62:3c:0b:e1:47:c6:0c:79:3c:b4:af:e9:b4:5c:d1:
10:9f:f4:98:be:3f:d4:61:92:9e:ec:f2:a3:4a:c3:
60:b2:95:6c:fe:42:33:4c:2b:23:75:91:3a:1f:7d:
13:84:a1:10:00:43:0e:47:d4:3c:10:7e:e9:df:66:
d3:d9:14:97:8f:23:ee:09:22:2a:af:01:e7:43:a4:
21:77:87:68:18:ad:a7:7c:c2:e5:26:c7:19:9b:49:
d6:e4:38:55:ec:2e:d9:87:3f:2b:8e:65:84:c3:be:
04:98:b0:40:02:58:2b:c6:3b:1b:19:21:c5:0a:29:
a0:d0:b6:41:c2:29:5f:52:a4:23:73:e4:08:e9:df:
7a:96:e7:0b:43:cd:34:a3:f3:12:8a:b0:e4:e6:ef:
6e:c9:a9:61:6b:d2:1a:ff:65:52:ed:2a:85:36:3c:
4f:1f:e5:ae:90:89:fa:10:d0:61:89:0e:ff:d6:03:
b3:53:6b:de:06:dd:8a:23:85:ab:41:bc:81:41:6e:
3d:0f:16:11:9a:2a:60:3f:69:04:79:b3:8c:c8:86:
d8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:9F:C2:CF:1E:CA:4A:37:8A:A5:C8:E4:A6:6F:68:04:42:A5:F9:EF
X509v3 Authority Key Identifier:
keyid:00:24:34:C7:3A:0E:EA:22:C6:E4:41:07:2E:93:DB:77:C7:E8:A2:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACQ0xzoO6iLG5EEHLpPbd8foovE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/403ddd-c2d5-4b54-973a-2b7a794d5795/1/uJ_Czx7KSjeKpcjkpm9oBEKl-e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/403ddd-c2d5-4b54-973a-2b7a794d5795/1/ACQ0xzoO6iLG5EEHLpPbd8foovE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.224.0/23
185.12.144.0/22
185.37.124.0/22
217.21.192.0/20
IPv6:
2a00:8080::/32
Signature Algorithm: sha256WithRSAEncryption
29:b8:b2:82:20:3b:01:5e:b8:3b:6f:39:cb:34:a0:07:02:22:
eb:b9:f9:82:92:8b:f4:a2:3f:d6:89:79:31:b1:36:6e:00:82:
43:2f:42:ac:e7:4b:69:18:d1:9d:3f:c8:9d:97:2f:f9:6b:bf:
36:b9:e5:ae:96:a0:cf:fb:b8:70:8a:2b:d7:f6:ac:98:3d:9b:
a3:c5:0d:25:b9:ec:95:6b:17:7b:d4:1d:67:32:be:77:dd:f3:
5f:dd:66:5e:f5:9e:6f:9a:81:d9:0f:2a:5e:05:75:1b:f6:2e:
4f:04:04:75:e8:83:63:bb:3d:39:55:db:75:15:48:08:d4:7e:
80:99:99:60:cc:b0:3d:bf:b7:43:56:ab:32:cb:48:b5:7a:a5:
74:95:6f:4c:d8:24:70:e3:3c:21:0d:3b:56:e1:e6:42:de:34:
84:c7:ef:28:37:76:97:e1:ec:2e:5d:55:9e:bc:4d:04:a3:30:
16:49:e9:64:76:2f:7d:a1:d3:93:7c:c5:fd:ab:90:16:39:cb:
72:d9:ea:e6:cd:a6:36:90:ae:ba:65:c9:cb:f5:c0:14:b4:a2:
7a:9f:5b:02:b6:cb:74:b8:b9:0c:6b:08:44:7f:bd:08:f1:28:
c7:3d:48:6b:6c:1b:96:1f:3b:ef:10:8f:8a:f8:d0:bd:68:96:
5e:c9:2d:e0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVu7/pjtB9UI1DsvQvoVt7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjQzNGM3M2EwZWVhMjJjNmU0NDEwNzJlOTNkYjc3Yzdl
OGEyZjEwHhcNMjMwMTAxMjAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODlmYzJjZjFlY2E0YTM3OGFhNWM4ZTRhNjZmNjgwNDQyYTVmOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1krH2IEU20Tb73P9IjobdQnKqjb
+6sr+lTFfJVrkroqVJR2rSTnmnNfXNJiPAvhR8YMeTy0r+m0XNEQn/SYvj/UYZKe
7PKjSsNgspVs/kIzTCsjdZE6H30ThKEQAEMOR9Q8EH7p32bT2RSXjyPuCSIqrwHn
Q6Qhd4doGK2nfMLlJscZm0nW5DhV7C7Zhz8rjmWEw74EmLBAAlgrxjsbGSHFCimg
0LZBwilfUqQjc+QI6d96lucLQ800o/MSirDk5u9uyalha9Ia/2VS7SqFNjxPH+Wu
kIn6ENBhiQ7/1gOzU2veBt2KI4WrQbyBQW49DxYRmipgP2kEebOMyIbYcQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLifws8eyko3iqXI5KZvaARCpfnvMB8GA1UdIwQY
MBaAFAAkNMc6DuoixuRBBy6T23fH6KLxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNRMHh6b082aUxHNUVFSExwUGJkOGZvb3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi80MDNkZGQtYzJkNS00YjU0LTk3M2Et
MmI3YTc5NGQ1Nzk1LzEvdUpfQ3p4N0tTamVLcGNqa3BtOW9CRUtsLWU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi80MDNkZGQtYzJkNS00YjU0LTk3M2EtMmI3YTc5NGQ1Nzk1
LzEvQUNRMHh6b082aUxHNUVFSExwUGJkOGZvb3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW8LgAwQC
uQyQAwQCuSV8AwQE2RXAMA0EAgACMAcDBQAqAICAMA0GCSqGSIb3DQEBCwUAA4IB
AQApuLKCIDsBXrg7bznLNKAHAiLrufmCkov0oj/WiXkxsTZuAIJDL0Ks50tpGNGd
P8idly/5a782ueWulqDP+7hwiivX9qyYPZujxQ0lueyVaxd71B1nMr533fNf3WZe
9Z5vmoHZDypeBXUb9i5PBAR16INjuz05Vdt1FUgI1H6AmZlgzLA9v7dDVqsyy0i1
eqV0lW9M2CRw4zwhDTtW4eZC3jSEx+8oN3aX4ewuXVWevE0EozAWSelkdi99odOT
fMX9q5AWOcty2ermzaY2kK66ZcnL9cAUtKJ6n1sCtst0uLkMawhEf70I8SjHPUhr
bBuWHzvvEI+K+NC9aJZeyS3g
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:13 2024 by rpki-client on console-fra.rpki-client.org