Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/UswrpkoIiA6rBaS9rxd1_U3BKjo.roa
File: UswrpkoIiA6rBaS9rxd1_U3BKjo.roa (raw, json)
Hash identifier: o81qBQ1Adbda6RPIzq99mjDfLjX9m5ILtM6vja/RuIY=
Subject key identifier: 52:CC:2B:A6:4A:08:88:0E:AB:05:A4:BD:AF:17:75:FD:4D:C1:2A:3A
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 018B02997B1FDDC4D5211AF75A91F1D6FEFE
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/UswrpkoIiA6rBaS9rxd1_U3BKjo.roa
Signing time: Fri 06 Oct 2023 01:28:14 +0000
ROA not before: Fri 06 Oct 2023 01:28:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4637
IP address blocks: 193.82.192.0/19 maxlen: 24
195.153.124.0/24 maxlen: 24
217.151.32.0/20 maxlen: 24
195.153.74.0/24 maxlen: 24
154.32.0.0/16 maxlen: 24
193.117.32.0/19 maxlen: 24
195.153.108.0/22 maxlen: 22
195.153.19.0/24 maxlen: 24
193.82.96.0/19 maxlen: 24
193.82.128.0/19 maxlen: 24
146.101.0.0/16 maxlen: 24
154.8.0.0/19 maxlen: 24
154.8.32.0/20 maxlen: 24
195.153.216.0/24 maxlen: 24
195.153.217.0/24 maxlen: 24
2a02:1620::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 07 Dec 2023 06:39:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:02:99:7b:1f:dd:c4:d5:21:1a:f7:5a:91:f1:d6:fe:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Oct 6 01:28:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52cc2ba64a08880eab05a4bdaf1775fd4dc12a3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c3:39:e0:22:69:61:3a:95:6a:03:fb:c7:af:
1f:a4:58:81:10:ce:c9:1c:a2:18:e6:0c:b8:b5:6d:
c6:b2:7d:79:64:ea:dc:9c:e9:4a:fd:1a:2c:ee:e6:
1a:45:7e:57:b6:43:43:68:9a:45:23:14:b1:11:2a:
e2:2a:5f:6d:74:ea:ef:d1:32:cb:83:e2:e8:de:42:
0a:63:e7:f9:7e:96:43:a3:2c:5d:67:40:43:be:01:
35:fa:85:ef:c6:cc:e8:b8:d2:43:8a:c7:8a:bf:8f:
ac:13:03:72:62:e9:e3:d5:fa:30:c4:3a:1a:0e:8f:
90:18:9f:b8:80:ee:f6:70:05:39:73:cc:ba:54:0a:
2a:2a:5f:6c:52:8c:6e:ed:d3:30:b2:94:f7:b6:8a:
38:73:1e:0a:ae:84:1e:ff:79:a0:2e:ce:8a:7b:b4:
70:4c:87:63:fc:37:91:3e:0b:c0:29:03:43:d7:a8:
02:58:b9:7b:5c:fd:0e:9f:6b:1d:01:35:ca:18:d8:
94:66:44:77:b3:1a:30:fa:c0:d9:64:d3:85:de:47:
eb:f6:a8:81:45:dd:8e:f6:19:e7:f2:a0:bf:02:40:
f5:5c:94:fe:2d:76:a3:76:39:5d:73:88:d9:0c:d1:
29:ab:3f:69:0d:42:39:44:49:1f:61:bf:23:bd:de:
8c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CC:2B:A6:4A:08:88:0E:AB:05:A4:BD:AF:17:75:FD:4D:C1:2A:3A
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/UswrpkoIiA6rBaS9rxd1_U3BKjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.101.0.0/16
154.8.0.0-154.8.47.255
154.32.0.0/16
193.82.96.0-193.82.159.255
193.82.192.0/19
193.117.32.0/19
195.153.19.0/24
195.153.74.0/24
195.153.108.0/22
195.153.124.0/24
195.153.216.0/23
217.151.32.0/20
IPv6:
2a02:1620::/32
Signature Algorithm: sha256WithRSAEncryption
62:9f:54:85:37:ba:2e:ea:eb:2a:b6:94:28:7e:b0:4a:0c:8e:
a7:56:55:9f:88:b6:30:eb:0d:15:66:b0:28:0f:00:de:43:6c:
eb:91:9d:16:6f:fd:1c:96:12:3e:b4:3d:96:ba:d6:8c:fb:14:
91:91:3b:07:fd:7d:f4:1f:3e:29:77:9d:28:15:2d:30:d1:e3:
1b:24:3c:5d:7b:fd:03:46:85:b8:7f:36:d8:10:b3:06:92:f6:
d9:65:79:32:2b:2e:a4:ee:17:b5:4c:23:f8:63:c9:73:a1:24:
b8:99:ef:d0:bf:bf:30:e5:c6:f4:84:72:6b:96:ce:a6:48:7b:
60:66:f1:82:5c:46:19:60:76:4c:f3:e2:f5:31:6c:0b:8b:92:
ab:f2:46:d8:66:51:88:77:c4:7e:56:ab:9f:b1:c3:20:7b:1d:
ce:2f:b5:e0:92:a1:5d:10:37:d7:51:05:0e:c5:9c:0a:76:5b:
8c:f4:20:54:32:45:ea:d5:18:06:34:4c:e4:bf:bc:34:1a:4d:
0b:47:f8:8f:60:6d:91:e9:51:34:c5:7b:43:4e:ce:70:39:51:
65:01:1f:f8:b0:c9:10:df:7e:a6:dc:b1:32:55:0c:35:8c:aa:
f2:ca:5d:c3:84:e2:76:90:3c:cb:e1:66:5c:54:ee:a4:54:0a:
0c:e4:08:db
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYsCmXsf3cTVIRr3WpHx1v7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjMxMDA2MDEyODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmNjMmJhNjRhMDg4ODBlYWIwNWE0YmRhZjE3NzVmZDRkYzEyYTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8M54CJpYTqVagP7x68fpFiBEM7J
HKIY5gy4tW3Gsn15ZOrcnOlK/Ros7uYaRX5XtkNDaJpFIxSxESriKl9tdOrv0TLL
g+Lo3kIKY+f5fpZDoyxdZ0BDvgE1+oXvxszouNJDiseKv4+sEwNyYunj1fowxDoa
Do+QGJ+4gO72cAU5c8y6VAoqKl9sUoxu7dMwspT3too4cx4KroQe/3mgLs6Ke7Rw
TIdj/DeRPgvAKQND16gCWLl7XP0On2sdATXKGNiUZkR3sxow+sDZZNOF3kfr9qiB
Rd2O9hnn8qC/AkD1XJT+LXajdjldc4jZDNEpqz9pDUI5REkfYb8jvd6M+wIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFFLMK6ZKCIgOqwWkva8Xdf1NwSo6MB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvVXN3cnBrb0lpQTZyQmFTOXJ4ZDFfVTNCS2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBbBAIAATBVAwMAkmUwCwMD
A5oIAwQEmgggAwMAmiAwDAMEBcFSYAMEBcFSgAMEBcFSwAMEBcF1IAMEAMOZEwME
AMOZSgMEAsOZbAMEAMOZfAMEAcOZ2AMEBNmXIDANBAIAAjAHAwUAKgIWIDANBgkq
hkiG9w0BAQsFAAOCAQEAYp9UhTe6LurrKraUKH6wSgyOp1ZVn4i2MOsNFWawKA8A
3kNs65GdFm/9HJYSPrQ9lrrWjPsUkZE7B/199B8+KXedKBUtMNHjGyQ8XXv9A0aF
uH822BCzBpL22WV5MisupO4XtUwj+GPJc6EkuJnv0L+/MOXG9IRya5bOpkh7YGbx
glxGGWB2TPPi9TFsC4uSq/JG2GZRiHfEflarn7HDIHsdzi+14JKhXRA311EFDsWc
CnZbjPQgVDJF6tUYBjRM5L+8NBpNC0f4j2BtkelRNMV7Q07OcDlRZQEf+LDJEN9+
ptyxMlUMNYyq8spdw4TidpA8y+FmXFTupFQKDOQI2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:07 2024 by rpki-client on console-ams.rpki-client.org