Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/UNcD5_7zPR0f0vlXz-CsmtUJQ1A.roa
File: UNcD5_7zPR0f0vlXz-CsmtUJQ1A.roa (raw, json)
Hash identifier: uALKWuaSORmZqPXUr0pmNDGfj3jCETvd2xgK/abTPSk=
Subject key identifier: 50:D7:03:E7:FE:F3:3D:1D:1F:D2:F9:57:CF:E0:AC:9A:D5:09:43:50
Certificate issuer: /CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Certificate serial: 018570B0AADCD10FF943A97F74308BCB004C
Authority key identifier: 23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/UNcD5_7zPR0f0vlXz-CsmtUJQ1A.roa
Signing time: Mon 02 Jan 2023 04:15:04 +0000
ROA not before: Mon 02 Jan 2023 04:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1120
IP address blocks: 193.171.255.0/24 maxlen: 24
193.170.120.96/28 maxlen: 28
193.171.3.0/24 maxlen: 24
78.104.145.0/24 maxlen: 24
2001:628:2000::/48 maxlen: 48
2001:628:453::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:aa:dc:d1:0f:f9:43:a9:7f:74:30:8b:cb:00:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Validity
Not Before: Jan 2 04:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50d703e7fef33d1d1fd2f957cfe0ac9ad5094350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:9a:5a:66:3c:13:60:18:a7:4b:9b:94:88:6c:
d9:8a:93:ca:5b:e5:a6:ae:00:e8:6d:9f:4f:c6:1e:
b7:fa:86:00:95:24:e0:71:10:e8:3f:df:e9:d7:3b:
70:c6:9a:81:c1:2d:5b:49:c4:0d:b0:90:95:03:fc:
9b:7b:81:30:37:fa:ff:cb:6a:96:95:96:d8:2f:f3:
8f:80:a2:9e:4f:8b:6c:48:59:7c:8b:7a:af:44:c9:
0e:61:06:24:0c:b7:7b:f8:fa:d6:6b:2e:0c:83:0a:
54:1a:60:85:13:51:d4:fa:92:15:a1:32:8f:22:c6:
c1:81:f2:da:34:0e:ab:7b:a0:16:5d:c9:ec:43:b0:
0b:83:32:a3:9a:8b:bb:18:bc:2a:b6:79:1a:cd:bc:
17:d0:1c:ab:f0:03:64:32:32:a8:6c:b0:27:f6:bc:
85:f2:41:58:bd:6c:a0:af:b0:6e:01:59:5c:8f:ab:
86:d2:6a:8f:7b:8c:88:db:79:21:54:68:d8:22:7b:
a1:b1:a6:18:12:fe:38:af:4a:30:1a:33:fa:6b:ac:
85:73:71:55:cc:1c:f7:70:2d:6e:cf:f8:2a:3c:76:
40:1e:d6:9f:31:d3:01:bf:82:24:31:75:72:4f:b3:
fb:86:16:40:fa:28:aa:dc:53:9f:35:92:09:67:79:
f7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D7:03:E7:FE:F3:3D:1D:1F:D2:F9:57:CF:E0:AC:9A:D5:09:43:50
X509v3 Authority Key Identifier:
keyid:23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/UNcD5_7zPR0f0vlXz-CsmtUJQ1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.104.145.0/24
193.170.120.96/28
193.171.3.0/24
193.171.255.0/24
IPv6:
2001:628:453::/48
2001:628:2000::/48
Signature Algorithm: sha256WithRSAEncryption
40:92:71:6b:48:c2:02:83:d3:27:0e:fe:c7:55:c4:a1:4d:95:
aa:02:5f:a7:56:fc:92:36:09:e0:15:b3:40:b8:81:e4:3c:ae:
fb:eb:ca:64:f7:5b:26:fe:cc:34:33:43:51:23:47:36:6b:d7:
03:cd:6b:84:e0:63:d5:35:b9:6b:0c:b2:69:0a:02:5a:c9:1a:
4c:f9:3f:9a:9a:c0:41:29:88:da:3e:91:15:f8:e7:c0:af:05:
f1:b8:e2:63:6b:01:e2:12:18:76:b0:f5:b5:29:9b:21:29:e3:
92:43:3f:17:2b:c8:53:5c:28:0a:61:a2:b9:9d:a3:cb:9c:b5:
f7:d6:02:19:78:28:6e:63:74:ad:c2:e7:50:de:0e:f8:74:74:
e4:42:64:ad:79:41:35:9d:3d:00:34:1a:a9:7c:dd:1d:cc:1a:
56:9a:d2:9f:4c:5b:4a:74:d5:df:26:a4:c3:86:6e:df:ba:9d:
6d:ad:8a:b8:c1:c4:fb:53:d9:bb:00:d1:7d:9f:fa:be:4e:53:
5c:2a:eb:89:de:45:a9:28:86:17:7b:b1:a1:4a:ce:c9:56:d3:
1a:a1:06:cd:5c:73:6f:e0:38:03:83:05:21:06:78:bf:3b:8d:
95:5e:41:e6:5e:e9:f9:5b:9a:33:39:e4:1a:24:d7:ae:d3:7a:
03:7c:ff:f4
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVwsKrc0Q/5Q6l/dDCLywBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDg0NDhjNWNiOTAzOThlNGMyODVjZWM5YzBmNDc2NmFj
OTMxZGYwHhcNMjMwMTAyMDQxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGQ3MDNlN2ZlZjMzZDFkMWZkMmY5NTdjZmUwYWM5YWQ1MDk0MzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjppaZjwTYBinS5uUiGzZipPKW+Wm
rgDobZ9Pxh63+oYAlSTgcRDoP9/p1ztwxpqBwS1bScQNsJCVA/ybe4EwN/r/y2qW
lZbYL/OPgKKeT4tsSFl8i3qvRMkOYQYkDLd7+PrWay4MgwpUGmCFE1HU+pIVoTKP
IsbBgfLaNA6re6AWXcnsQ7ALgzKjmou7GLwqtnkazbwX0Byr8ANkMjKobLAn9ryF
8kFYvWygr7BuAVlcj6uG0mqPe4yI23khVGjYInuhsaYYEv44r0owGjP6a6yFc3FV
zBz3cC1uz/gqPHZAHtafMdMBv4IkMXVyT7P7hhZA+iiq3FOfNZIJZ3n3uQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFDXA+f+8z0dH9L5V8/grJrVCUNQMB8GA1UdIwQY
MBaAFCPYRIxcuQOY5MKFzsnA9HZqyTHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUt
Zjc3MmEwMTM5MDE2LzEvVU5jRDVfN3pQUjBmMHZsWHotQ3NtdFVKUTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUtZjc3MmEwMTM5MDE2
LzEvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAfBAIAATAZAwQATmiRAwUE
wap4YAMEAMGrAwMEAMGr/zAYBAIAAjASAwcAIAEGKARTAwcAIAEGKCAAMA0GCSqG
SIb3DQEBCwUAA4IBAQBAknFrSMICg9MnDv7HVcShTZWqAl+nVvySNgngFbNAuIHk
PK7768pk91sm/sw0M0NRI0c2a9cDzWuE4GPVNblrDLJpCgJayRpM+T+amsBBKYja
PpEV+OfArwXxuOJjawHiEhh2sPW1KZshKeOSQz8XK8hTXCgKYaK5naPLnLX31gIZ
eChuY3StwudQ3g74dHTkQmSteUE1nT0ANBqpfN0dzBpWmtKfTFtKdNXfJqTDhm7f
up1trYq4wcT7U9m7ANF9n/q+TlNcKuuJ3kWpKIYXe7GhSs7JVtMaoQbNXHNv4DgD
gwUhBni/O42VXkHmXun5W5ozOeQaJNeu03oDfP/0
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:10 2024 by rpki-client on console-fra.rpki-client.org