Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/uy4LbtTfHipEhAP00RvoTKWW-zk.roa
File: uy4LbtTfHipEhAP00RvoTKWW-zk.roa (raw, json)
Hash identifier: 2Rc8qIgLryFXX6x7k/bSiom0Q6OuXwBoO3q9urODYE8=
Subject key identifier: BB:2E:0B:6E:D4:DF:1E:2A:44:84:03:F4:D1:1B:E8:4C:A5:96:FB:39
Certificate issuer: /CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Certificate serial: 018572E8066E79EA966496FD2A6757B6A610
Authority key identifier: A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/uy4LbtTfHipEhAP00RvoTKWW-zk.roa
Signing time: Mon 02 Jan 2023 14:34:46 +0000
ROA not before: Mon 02 Jan 2023 14:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208943
IP address blocks: 213.108.131.0/24 maxlen: 24
185.229.110.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:06:6e:79:ea:96:64:96:fd:2a:67:57:b6:a6:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Validity
Not Before: Jan 2 14:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb2e0b6ed4df1e2a448403f4d11be84ca596fb39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6f:b2:fd:a6:19:ca:69:c4:1f:6d:3f:5a:60:
d4:ea:72:97:d8:1e:c1:f3:fe:a9:3a:50:aa:0e:d4:
5f:f0:3b:ce:5a:5c:bd:60:0d:88:02:36:b1:4a:b7:
fc:7e:31:90:36:03:24:22:f1:83:ed:51:3e:19:61:
d8:dd:82:6e:1f:dc:2b:15:a8:30:cb:5d:e5:a3:e6:
80:eb:1b:fc:d1:64:47:4e:1e:e7:8a:96:c3:38:ce:
d7:20:37:69:63:85:7d:ca:10:f7:fe:7d:fd:3e:20:
2e:06:c7:3d:6c:9d:59:c9:b4:04:80:c4:02:9d:fe:
5f:79:46:fe:89:cd:ac:01:45:48:2d:e2:1a:3b:26:
7c:ba:13:ae:30:93:ab:07:c6:63:8f:8c:7f:d3:38:
f2:66:74:3f:33:76:24:eb:57:ff:46:b7:df:10:98:
22:2a:28:7c:16:6c:ee:8b:fc:24:71:24:5d:d1:d9:
87:43:a0:f4:87:5e:ee:06:e7:64:08:d5:9c:1c:be:
33:ef:e4:4b:6b:13:4e:a4:0a:6b:e3:8f:72:5f:34:
19:63:23:e2:7b:e7:01:c2:ca:90:2a:89:15:59:5f:
74:e8:bd:69:58:77:5c:da:97:9d:c2:62:6c:f2:4c:
c1:4b:cc:b2:2c:ee:cf:a4:74:12:77:dc:37:2a:96:
c2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:2E:0B:6E:D4:DF:1E:2A:44:84:03:F4:D1:1B:E8:4C:A5:96:FB:39
X509v3 Authority Key Identifier:
keyid:A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/uy4LbtTfHipEhAP00RvoTKWW-zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/qexXvIRk_sLpobCY_840whqvnKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.110.0/24
213.108.131.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:97:f4:0b:d8:89:ed:9a:67:31:73:8e:66:34:d3:3c:a1:bd:
a7:23:38:7a:ae:f6:bd:f8:c7:7c:21:9a:88:75:6e:57:a5:a8:
20:d1:91:39:4b:b8:7b:a0:a4:a4:f0:2a:f9:94:38:62:07:04:
42:05:9e:a7:49:fa:36:7f:f7:ba:db:ac:cc:73:1a:b7:f7:46:
1c:dd:c1:fc:67:19:ac:cc:1f:9c:86:6b:e1:d2:8a:96:71:b6:
48:d9:d5:5c:7d:67:69:0a:6c:0d:8e:3e:b2:98:44:91:d8:a9:
66:2b:90:07:6f:fc:d1:4b:1f:50:f7:2a:c5:70:0b:8d:08:56:
f0:8e:8b:62:f7:2c:e8:18:6e:68:e0:95:cb:ea:b3:d9:92:3e:
07:16:e7:7b:7d:a3:c4:59:a4:39:b6:a5:77:d3:43:00:53:12:
f5:76:d0:bb:0b:d8:e4:53:af:56:7f:c3:e3:5e:01:96:84:29:
42:68:e6:bd:d6:ac:52:8e:cd:e9:f6:a6:1f:19:00:94:b4:fe:
e1:25:97:b9:5a:1c:c8:20:f7:3f:5f:93:9b:a8:99:81:63:3f:
60:52:3c:64:30:2f:14:1d:bc:80:c1:25:40:e5:9f:c4:12:1c:
42:41:07:aa:95:4f:63:ab:3f:31:55:c3:d6:46:5b:47:93:71:
48:41:02:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVy6AZueeqWZJb9KmdXtqYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZWM1N2JjODQ2NGZlYzJlOWExYjA5OGZmY2UzNGMyMWFh
ZjljYTYwHhcNMjMwMTAyMTQzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjJlMGI2ZWQ0ZGYxZTJhNDQ4NDAzZjRkMTFiZTg0Y2E1OTZmYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG+y/aYZymnEH20/WmDU6nKX2B7B
8/6pOlCqDtRf8DvOWly9YA2IAjaxSrf8fjGQNgMkIvGD7VE+GWHY3YJuH9wrFagw
y13lo+aA6xv80WRHTh7nipbDOM7XIDdpY4V9yhD3/n39PiAuBsc9bJ1ZybQEgMQC
nf5feUb+ic2sAUVILeIaOyZ8uhOuMJOrB8Zjj4x/0zjyZnQ/M3Yk61f/RrffEJgi
Kih8Fmzui/wkcSRd0dmHQ6D0h17uBudkCNWcHL4z7+RLaxNOpApr449yXzQZYyPi
e+cBwsqQKokVWV906L1pWHdc2pedwmJs8kzBS8yyLO7PpHQSd9w3KpbCGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLsuC27U3x4qRIQD9NEb6Eyllvs5MB8GA1UdIwQY
MBaAFKnsV7yEZP7C6aGwmP/ONMIar5ymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMt
MTlhM2M1NjQ5YjU3LzEvdXk0TGJ0VGZIaXBFaEFQMDBSdm9US1dXLXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMtMTlhM2M1NjQ5YjU3
LzEvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueVuAwQA
1WyDMA0GCSqGSIb3DQEBCwUAA4IBAQCOl/QL2Intmmcxc45mNNM8ob2nIzh6rva9
+Md8IZqIdW5Xpagg0ZE5S7h7oKSk8Cr5lDhiBwRCBZ6nSfo2f/e626zMcxq390Yc
3cH8ZxmszB+chmvh0oqWcbZI2dVcfWdpCmwNjj6ymESR2KlmK5AHb/zRSx9Q9yrF
cAuNCFbwjoti9yzoGG5o4JXL6rPZkj4HFud7faPEWaQ5tqV300MAUxL1dtC7C9jk
U69Wf8PjXgGWhClCaOa91qxSjs3p9qYfGQCUtP7hJZe5WhzIIPc/X5ObqJmBYz9g
UjxkMC8UHbyAwSVA5Z/EEhxCQQeqlU9jqz8xVcPWRltHk3FIQQJu
-----END CERTIFICATE-----
Generated at Fri Aug 25 08:52:33 2023 by rpki-client on console-fra.rpki-client.org