Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/Ukn9TYq9v8t9jkhu1VzPYOfhTUU.roa
File: Ukn9TYq9v8t9jkhu1VzPYOfhTUU.roa (raw, json)
Hash identifier: 75lMYq4S1sFIMJGn51cbNVp/dTja+05kYVGsa4LJr9Y=
Subject key identifier: 52:49:FD:4D:8A:BD:BF:CB:7D:8E:48:6E:D5:5C:CF:60:E7:E1:4D:45
Certificate issuer: /CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Certificate serial: 01856E0207C58A3ECE6A3D3B45559DEDDE18
Authority key identifier: E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/Ukn9TYq9v8t9jkhu1VzPYOfhTUU.roa
Signing time: Sun 01 Jan 2023 15:45:04 +0000
ROA not before: Sun 01 Jan 2023 15:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.43.192.0/24 maxlen: 24
185.43.195.0/24 maxlen: 24
185.43.194.0/24 maxlen: 24
185.43.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:02:07:c5:8a:3e:ce:6a:3d:3b:45:55:9d:ed:de:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Validity
Not Before: Jan 1 15:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5249fd4d8abdbfcb7d8e486ed55ccf60e7e14d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:30:64:6d:2a:5c:83:28:32:2c:c4:b4:de:36:
93:63:c5:2a:e6:ac:10:12:47:cc:c4:0e:00:02:5d:
32:7a:01:9e:bf:e4:0d:0c:fd:76:cb:2c:56:27:3e:
b9:8c:66:44:e7:ca:92:03:0d:da:16:d7:6b:14:e6:
0a:1c:50:db:17:34:c0:e9:70:e9:20:ec:6f:a0:6f:
5d:f8:07:5e:00:8f:70:bf:b2:2d:c1:2d:9e:04:fc:
3c:81:85:7d:b7:76:6c:2c:2e:41:a2:ed:47:ff:7d:
87:e3:59:bd:65:e2:d4:d2:d0:ee:bb:ef:00:ae:1d:
97:78:b4:89:56:d6:2b:29:cb:4d:09:b5:2b:05:9d:
68:ec:87:c3:ef:96:72:30:d8:de:54:e9:c1:50:1e:
5b:ac:e2:1a:b6:ab:e4:a6:da:55:b6:e7:28:4d:b0:
ee:81:10:9d:0f:c0:7b:ba:ea:50:52:26:1c:65:d1:
18:4d:6e:61:d6:41:96:d9:2d:55:7b:32:8a:78:f3:
99:71:1a:2a:95:12:c7:21:84:5f:d3:8e:8b:e0:53:
7e:fa:2b:5a:42:46:69:25:f8:43:c6:f5:1c:50:7c:
b1:fc:30:96:27:18:36:79:a9:e0:a1:03:92:6e:2a:
29:f5:59:1f:4c:7b:59:72:81:a4:a6:83:fc:4b:26:
24:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:49:FD:4D:8A:BD:BF:CB:7D:8E:48:6E:D5:5C:CF:60:E7:E1:4D:45
X509v3 Authority Key Identifier:
keyid:E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/Ukn9TYq9v8t9jkhu1VzPYOfhTUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/6dJyHy4r0BG4poYK0lcsQFwLVA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.192.0/22
Signature Algorithm: sha256WithRSAEncryption
45:66:e5:8f:c0:a6:8d:7f:c7:bf:99:12:9a:c9:90:e7:46:ae:
59:82:97:5f:96:5a:66:91:51:af:1a:71:1c:a6:32:6e:7b:23:
b8:9b:eb:be:46:2d:88:9d:cd:31:e3:27:84:f4:b8:9e:f2:37:
57:3f:57:f4:53:1d:c3:79:7c:59:38:67:e6:aa:20:f4:e2:63:
dd:84:ff:91:71:ff:fd:f5:06:d2:23:92:8f:fe:ee:11:2b:1e:
9f:c5:38:df:af:bc:f5:c5:4e:ba:b0:7f:8c:e3:e1:e4:1d:f5:
64:b4:86:6b:52:9e:42:f0:26:84:4c:bc:20:2d:4b:d3:dd:b2:
2a:0c:61:b0:c4:4a:42:4c:12:f0:88:b3:71:13:d6:f0:42:34:
b8:5d:60:80:ab:fa:b5:2b:f8:d9:01:7d:a0:68:b3:6b:5f:2a:
ad:87:8a:fc:94:53:f9:ee:5d:87:4f:a7:ac:a0:f5:7f:56:b3:
47:00:d8:af:24:00:f8:20:4f:a6:93:09:5b:ab:c1:ab:0c:90:
fb:f8:fc:9c:30:cc:8a:69:2b:f2:76:26:1c:bc:2b:44:9b:ef:
7c:13:d9:5e:c0:3f:ef:65:cb:71:dd:10:5e:fc:48:f0:f7:1d:
d1:5e:be:e2:6d:ff:2c:b5:30:f4:50:72:a5:74:cf:7b:d6:1d:
b3:7c:2d:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAgfFij7Oaj07RVWd7d4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZDI3MjFmMmUyYmQwMTFiOGE2ODYwYWQyNTcyYzQwNWMw
YjU0MGYwHhcNMjMwMTAxMTU0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQ5ZmQ0ZDhhYmRiZmNiN2Q4ZTQ4NmVkNTVjY2Y2MGU3ZTE0ZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDBkbSpcgygyLMS03jaTY8Uq5qwQ
EkfMxA4AAl0yegGev+QNDP12yyxWJz65jGZE58qSAw3aFtdrFOYKHFDbFzTA6XDp
IOxvoG9d+AdeAI9wv7ItwS2eBPw8gYV9t3ZsLC5Bou1H/32H41m9ZeLU0tDuu+8A
rh2XeLSJVtYrKctNCbUrBZ1o7IfD75ZyMNjeVOnBUB5brOIatqvkptpVtucoTbDu
gRCdD8B7uupQUiYcZdEYTW5h1kGW2S1VezKKePOZcRoqlRLHIYRf046L4FN++ita
QkZpJfhDxvUcUHyx/DCWJxg2eangoQOSbiop9VkfTHtZcoGkpoP8SyYkdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFJJ/U2Kvb/LfY5IbtVcz2Dn4U1FMB8GA1UdIwQY
MBaAFOnSch8uK9ARuKaGCtJXLEBcC1QPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmRKeUh5NHIwQkc0cG9ZSzBsY3NRRndMVkE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zNjhkZjAtNWM0MS00OWQzLWE5YTkt
YzQ1OTAzYzNiMzI5LzEvVWtuOVRZcTl2OHQ5amtodTFWelBZT2ZoVFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zNjhkZjAtNWM0MS00OWQzLWE5YTktYzQ1OTAzYzNiMzI5
LzEvNmRKeUh5NHIwQkc0cG9ZSzBsY3NRRndMVkE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSvAMA0G
CSqGSIb3DQEBCwUAA4IBAQBFZuWPwKaNf8e/mRKayZDnRq5ZgpdfllpmkVGvGnEc
pjJueyO4m+u+Ri2Inc0x4yeE9Lie8jdXP1f0Ux3DeXxZOGfmqiD04mPdhP+Rcf/9
9QbSI5KP/u4RKx6fxTjfr7z1xU66sH+M4+HkHfVktIZrUp5C8CaETLwgLUvT3bIq
DGGwxEpCTBLwiLNxE9bwQjS4XWCAq/q1K/jZAX2gaLNrXyqth4r8lFP57l2HT6es
oPV/VrNHANivJAD4IE+mkwlbq8GrDJD7+PycMMyKaSvydiYcvCtEm+98E9lewD/v
Zctx3RBe/Ejw9x3RXr7ibf8stTD0UHKldM971h2zfC2v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:55 2024 by rpki-client on console-fra.rpki-client.org