Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/50UveVaeKF9Nt1xhIuKQ-28VES8.roa
File: 50UveVaeKF9Nt1xhIuKQ-28VES8.roa (raw, json)
Hash identifier: yg/dWn9q0I3XD/qrJwd+xv8TlRUne6m82TP7U11yjrg=
Subject key identifier: E7:45:2F:79:56:9E:28:5F:4D:B7:5C:61:22:E2:90:FB:6F:15:11:2F
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01856D6641155E8A61A6FB71540F925D7CD4
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/50UveVaeKF9Nt1xhIuKQ-28VES8.roa
Signing time: Sun 01 Jan 2023 12:54:55 +0000
ROA not before: Sun 01 Jan 2023 12:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31197
IP address blocks: 83.133.184.0/21 maxlen: 21
81.209.144.0/22 maxlen: 22
83.125.12.0/22 maxlen: 22
81.209.179.0/24 maxlen: 24
81.209.185.0/24 maxlen: 24
82.197.138.0/24 maxlen: 24
81.209.200.0/23 maxlen: 23
82.197.152.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:41:15:5e:8a:61:a6:fb:71:54:0f:92:5d:7c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 12:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7452f79569e285f4db75c6122e290fb6f15112f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e6:54:5c:f0:86:24:fe:eb:9c:b5:a6:9c:b4:
1d:5b:05:c9:71:7b:3c:d3:ee:4b:eb:64:b5:f8:e2:
f6:41:3f:c7:e8:3c:fc:5d:6d:a4:29:38:3e:06:5e:
0f:73:a4:eb:47:45:4e:5d:f0:7c:70:81:31:55:69:
2b:f2:5e:e0:b8:63:f7:5b:52:65:22:4c:d5:66:26:
22:68:cf:44:b5:06:d0:a4:9f:79:f0:93:61:f1:e0:
2b:8a:c2:23:b2:e5:78:c7:24:e7:2b:1f:1e:71:94:
90:09:19:7a:30:e0:61:21:77:15:60:cb:5b:09:ac:
d2:19:f6:0e:01:8a:f7:c1:b2:69:30:ac:71:2d:36:
e0:e6:7b:2a:fb:39:9a:5f:4a:00:a4:70:51:ec:da:
be:c5:6d:5b:0b:5a:71:01:d3:eb:26:4a:9c:6d:31:
d2:c4:b0:6e:02:c5:11:ee:4a:31:35:e5:39:8b:59:
f7:92:a7:01:3a:c0:41:44:e2:2b:e6:75:1e:25:b6:
0d:e2:41:8b:11:dd:ca:c1:bd:87:32:6d:a5:2c:7b:
fa:38:fa:d3:81:3c:70:be:7b:2a:48:ea:0a:63:cc:
05:2a:db:08:92:9f:46:c4:e2:7c:b2:c9:e3:47:47:
ef:4d:13:9c:7b:33:93:aa:63:ba:0a:8c:c3:79:88:
55:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:45:2F:79:56:9E:28:5F:4D:B7:5C:61:22:E2:90:FB:6F:15:11:2F
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/50UveVaeKF9Nt1xhIuKQ-28VES8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.209.144.0/22
81.209.179.0/24
81.209.185.0/24
81.209.200.0/23
82.197.138.0/24
82.197.152.0/21
83.125.12.0/22
83.133.184.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:25:7b:69:a8:a0:69:75:7a:13:a2:bc:bc:13:7c:38:9f:e1:
3c:26:87:73:13:23:2d:b3:8d:cb:57:89:23:96:a9:35:1d:f0:
26:c7:d8:6f:34:5c:88:68:69:2a:ee:5c:21:65:81:09:8c:44:
51:53:8d:dc:5b:8a:f7:66:83:11:18:79:25:fe:ac:48:f6:b2:
a6:d2:4a:5a:db:8e:25:44:97:48:af:b3:d5:c9:9f:53:b1:53:
78:7a:8c:41:27:be:03:c4:b5:dd:67:17:31:95:0e:f9:25:57:
b6:a5:27:2d:12:e8:bd:03:ee:9e:3c:d0:50:ca:01:ed:ba:e9:
2a:6b:fd:3f:86:8a:7f:52:f2:86:cd:81:9d:13:cc:62:a5:d6:
09:4c:99:a5:54:b5:30:9f:7a:5b:6b:97:eb:6f:69:55:3e:08:
3b:ed:a4:5b:4a:04:46:0b:21:58:9c:44:72:b1:18:46:35:c7:
8a:f0:7d:46:b5:30:b7:d8:23:cf:54:7f:7b:a2:06:50:5d:1e:
c8:73:09:c0:83:8d:76:9f:8a:5d:5e:3d:bb:9f:2e:cc:90:40:
ba:49:39:e0:a3:fc:d1:53:91:2c:5a:5a:ab:2c:01:34:35:eb:
10:34:d5:d7:b2:d9:82:b5:d0:71:1d:58:46:e0:05:5a:fe:1c:
dc:2c:6b:9e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVtZkEVXophpvtxVA+SXXzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjMwMTAxMTI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzQ1MmY3OTU2OWUyODVmNGRiNzVjNjEyMmUyOTBmYjZmMTUxMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheZUXPCGJP7rnLWmnLQdWwXJcXs8
0+5L62S1+OL2QT/H6Dz8XW2kKTg+Bl4Pc6TrR0VOXfB8cIExVWkr8l7guGP3W1Jl
IkzVZiYiaM9EtQbQpJ958JNh8eArisIjsuV4xyTnKx8ecZSQCRl6MOBhIXcVYMtb
CazSGfYOAYr3wbJpMKxxLTbg5nsq+zmaX0oApHBR7Nq+xW1bC1pxAdPrJkqcbTHS
xLBuAsUR7koxNeU5i1n3kqcBOsBBROIr5nUeJbYN4kGLEd3Kwb2HMm2lLHv6OPrT
gTxwvnsqSOoKY8wFKtsIkp9GxOJ8ssnjR0fvTROcezOTqmO6CozDeYhVlQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOdFL3lWnihfTbdcYSLikPtvFREvMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvNTBVdmVWYWVLRjlOdDF4aEl1S1EtMjhWRVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCUdGQAwQA
UdGzAwQAUdG5AwQBUdHIAwQAUsWKAwQDUsWYAwQCU30MAwQDU4W4MA0GCSqGSIb3
DQEBCwUAA4IBAQBaJXtpqKBpdXoTory8E3w4n+E8JodzEyMts43LV4kjlqk1HfAm
x9hvNFyIaGkq7lwhZYEJjERRU43cW4r3ZoMRGHkl/qxI9rKm0kpa244lRJdIr7PV
yZ9TsVN4eoxBJ74DxLXdZxcxlQ75JVe2pSctEui9A+6ePNBQygHtuukqa/0/hop/
UvKGzYGdE8xipdYJTJmlVLUwn3pba5frb2lVPgg77aRbSgRGCyFYnERysRhGNceK
8H1GtTC32CPPVH97ogZQXR7IcwnAg412n4pdXj27ny7MkEC6STngo/zRU5EsWlqr
LAE0NesQNNXXstmCtdBxHVhG4AVa/hzcLGue
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:13 2024 by rpki-client on console-fra.rpki-client.org