Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/UeuGpdpu_dGrYbv-BxwC5TiNc2o.roa
File: UeuGpdpu_dGrYbv-BxwC5TiNc2o.roa (raw, json)
Hash identifier: 3As//ZJOfu2Hvf7CopH2hpvtZwvflvPtOEzrkM3Dqks=
Subject key identifier: 51:EB:86:A5:DA:6E:FD:D1:AB:61:BB:FE:07:1C:02:E5:38:8D:73:6A
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018806D963F22257789C7DD49A36D2AE8C46
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/UeuGpdpu_dGrYbv-BxwC5TiNc2o.roa
Signing time: Wed 10 May 2023 18:08:10 +0000
ROA not before: Wed 10 May 2023 18:08:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.194.0/23 maxlen: 24
91.186.216.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 May 2023 19:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:06:d9:63:f2:22:57:78:9c:7d:d4:9a:36:d2:ae:8c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: May 10 18:08:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51eb86a5da6efdd1ab61bbfe071c02e5388d736a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7a:3a:03:fd:e7:71:ae:35:c7:a6:fc:85:df:
70:5a:75:75:ae:e1:e9:fa:03:15:b9:3a:81:a2:8f:
26:e4:cc:6c:d5:4c:e8:43:18:62:4a:8a:eb:6b:4f:
3b:14:95:be:f1:68:5b:7e:77:66:73:ba:5d:71:de:
c7:5b:50:ab:90:e7:68:86:b9:47:01:eb:4d:f8:83:
12:ad:21:aa:d4:38:ef:42:b7:bb:91:51:f0:33:7a:
51:12:62:80:26:83:f7:49:50:6a:38:10:ac:79:b6:
db:a6:a4:e7:d7:53:58:73:a8:08:a5:25:8e:e2:97:
99:c0:b9:ec:d2:e9:13:2b:e3:db:a6:8f:1b:db:2f:
0e:7f:bc:7f:1b:e3:48:5e:ce:ce:14:ff:fa:f0:55:
58:7c:a5:ec:fa:7e:65:f0:ef:0b:58:0f:e9:87:ca:
30:22:ca:ba:cd:15:2d:7d:89:bd:0a:91:8a:d2:d5:
3a:18:e7:b5:95:4c:e6:7e:98:ae:c8:fa:10:ae:26:
c1:2f:fa:0c:67:5e:44:24:f1:06:d8:8c:1f:e6:cc:
d9:02:5d:eb:49:5a:02:d4:ff:f0:63:fc:7a:1a:80:
12:93:45:61:1c:f0:5e:8a:af:64:07:ee:26:73:ec:
de:3b:a3:5f:f8:32:62:d9:5b:d9:dc:86:5c:0e:ac:
ce:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:EB:86:A5:DA:6E:FD:D1:AB:61:BB:FE:07:1C:02:E5:38:8D:73:6A
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/UeuGpdpu_dGrYbv-BxwC5TiNc2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.252.0/22
91.186.194.0/23
91.186.216.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:b3:6c:40:9d:18:ca:88:de:9b:b3:b6:21:30:8e:42:17:f7:
fc:5a:26:79:4c:d0:cd:3e:2c:07:e0:3f:77:29:f5:c9:73:9b:
a6:9e:52:08:cd:0e:3a:29:1a:96:49:37:bd:92:c4:1f:e3:fc:
aa:8d:74:cc:17:28:50:7f:2b:b0:81:d3:ef:fe:3c:57:59:17:
33:45:41:f5:d9:fe:20:3a:85:d2:61:39:26:38:f5:d4:1c:a9:
52:85:7d:69:ea:da:18:26:b1:31:43:6e:5f:b3:8c:b8:18:0a:
a7:da:da:de:b9:2f:dd:9c:f6:6e:c5:5d:c9:fa:64:e2:05:32:
4b:56:ca:47:0c:7d:76:74:22:7a:f2:e6:58:e0:5a:71:b0:c1:
e3:84:e9:c6:69:de:11:31:87:b8:a9:7d:1e:18:7f:99:29:40:
53:e1:19:3a:cd:a9:ad:18:db:e0:47:b1:43:9e:51:ca:38:18:
e8:99:b9:75:f8:1e:a0:80:10:84:7b:c3:7a:8a:e1:43:da:63:
47:59:d5:b6:b7:fd:78:96:b1:43:d1:b9:3b:76:bb:a0:e9:41:
a3:3b:9d:cd:2f:f7:fe:dc:a7:61:25:5a:7b:4d:17:ce:32:b1:
a4:5a:ff:ac:a4:35:f4:cb:0c:16:45:9a:0a:6c:58:9c:7a:21:
7f:b4:41:52
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgG2WPyIld4nH3UmjbSroxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNTEwMTgwODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWViODZhNWRhNmVmZGQxYWI2MWJiZmUwNzFjMDJlNTM4OGQ3MzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtno6A/3nca41x6b8hd9wWnV1ruHp
+gMVuTqBoo8m5Mxs1UzoQxhiSorra087FJW+8Whbfndmc7pdcd7HW1CrkOdohrlH
AetN+IMSrSGq1DjvQre7kVHwM3pREmKAJoP3SVBqOBCsebbbpqTn11NYc6gIpSWO
4peZwLns0ukTK+Pbpo8b2y8Of7x/G+NIXs7OFP/68FVYfKXs+n5l8O8LWA/ph8ow
Isq6zRUtfYm9CpGK0tU6GOe1lUzmfpiuyPoQribBL/oMZ15EJPEG2Iwf5szZAl3r
SVoC1P/wY/x6GoASk0VhHPBeiq9kB+4mc+zeO6Nf+DJi2VvZ3IZcDqzOiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFHrhqXabv3Rq2G7/gccAuU4jXNqMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvVWV1R3BkcHVfZEdyWWJ2LUJ4d0M1VGlOYzJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5P8AwQB
W7rCAwQCW7rYMA0GCSqGSIb3DQEBCwUAA4IBAQB8s2xAnRjKiN6bs7YhMI5CF/f8
WiZ5TNDNPiwH4D93KfXJc5umnlIIzQ46KRqWSTe9ksQf4/yqjXTMFyhQfyuwgdPv
/jxXWRczRUH12f4gOoXSYTkmOPXUHKlShX1p6toYJrExQ25fs4y4GAqn2treuS/d
nPZuxV3J+mTiBTJLVspHDH12dCJ68uZY4FpxsMHjhOnGad4RMYe4qX0eGH+ZKUBT
4Rk6zamtGNvgR7FDnlHKOBjombl1+B6ggBCEe8N6iuFD2mNHWdW2t/14lrFD0bk7
drug6UGjO53NL/f+3KdhJVp7TRfOMrGkWv+spDX0ywwWRZoKbFiceiF/tEFS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org