Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/Uj474DEq3Lj5hHmqXVVq6GVIOZw.roa
File: Uj474DEq3Lj5hHmqXVVq6GVIOZw.roa (raw, json)
Hash identifier: yRlOjG5NKpJU3JHFc402gcUx/ojq5MewxENkBMFkM9c=
Subject key identifier: 52:3E:3B:E0:31:2A:DC:B8:F9:84:79:AA:5D:55:6A:E8:65:48:39:9C
Certificate issuer: /CN=d524a83fff2f000e99c1f28ec19648986f8ddc37
Certificate serial: 01857139D5875B52E095B5A9289BEA20ACFF
Authority key identifier: D5:24:A8:3F:FF:2F:00:0E:99:C1:F2:8E:C1:96:48:98:6F:8D:DC:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/Uj474DEq3Lj5hHmqXVVq6GVIOZw.roa
Signing time: Mon 02 Jan 2023 06:44:53 +0000
ROA not before: Mon 02 Jan 2023 06:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42763
IP address blocks: 91.193.120.0/22 maxlen: 24
77.87.0.0/21 maxlen: 24
193.33.174.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:d5:87:5b:52:e0:95:b5:a9:28:9b:ea:20:ac:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d524a83fff2f000e99c1f28ec19648986f8ddc37
Validity
Not Before: Jan 2 06:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=523e3be0312adcb8f98479aa5d556ae86548399c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f0:b1:ae:5d:c8:68:e2:be:c9:f2:81:9a:24:
c7:2a:93:1d:19:db:87:9b:a1:e3:b6:03:41:2e:89:
9d:db:23:cd:c6:5a:21:89:ac:cc:30:6f:9d:a3:2a:
5e:0a:a6:80:2c:79:61:9b:d6:ac:78:d3:49:36:e0:
c3:4b:ec:39:a6:18:c0:14:69:16:a2:9a:53:45:8f:
f0:f8:dc:7a:ba:c3:b9:a9:e2:22:47:2c:6c:9d:c5:
a7:09:ee:94:98:a9:e8:b6:9d:2d:2e:a5:e1:7f:3c:
65:e9:ce:93:8c:51:c8:16:3e:90:91:64:e9:fe:36:
79:a2:3f:4b:22:49:e8:20:c9:c4:14:66:bb:cf:10:
d2:f5:69:52:ac:b6:2d:77:0d:f1:70:b9:2a:76:e0:
8d:41:0c:6d:7b:e1:3d:ec:c7:01:5b:fc:69:2e:85:
b7:1c:74:35:b5:e6:2f:53:35:39:8f:2a:17:0c:e3:
c7:b3:4b:ac:6d:8f:3f:5e:7f:66:6b:d4:67:57:b2:
ab:90:dd:5d:95:c1:57:d6:42:9b:76:5c:7f:0d:b9:
12:f8:14:2c:a6:c6:61:38:93:12:62:fa:02:e9:e5:
6d:a7:a0:60:d6:31:e3:2d:c5:45:ec:bb:4a:d4:52:
5f:c9:f2:68:93:c8:d9:41:96:b4:9f:b7:b9:a8:80:
63:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:3E:3B:E0:31:2A:DC:B8:F9:84:79:AA:5D:55:6A:E8:65:48:39:9C
X509v3 Authority Key Identifier:
keyid:D5:24:A8:3F:FF:2F:00:0E:99:C1:F2:8E:C1:96:48:98:6F:8D:DC:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/Uj474DEq3Lj5hHmqXVVq6GVIOZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.0.0/21
91.193.120.0/22
193.33.174.0/23
Signature Algorithm: sha256WithRSAEncryption
24:d8:62:d3:70:90:f9:25:4d:7d:f0:e4:cc:40:a3:01:1b:f6:
7e:b8:64:71:8a:ef:94:2a:5e:11:a9:16:49:22:65:40:61:13:
10:e1:78:99:f2:51:bb:ee:e3:9a:1b:9f:f4:8c:42:70:fb:b3:
eb:a9:8b:74:70:67:23:f8:a2:98:f0:fb:f6:d8:51:2e:cf:b6:
c5:67:cd:01:82:0f:86:67:b4:ea:f5:14:57:71:b0:d5:3d:57:
dd:08:05:26:4d:42:cf:bc:fd:e1:49:f3:9f:55:8a:98:11:9e:
c8:e3:8b:4e:6f:cf:ce:ad:5f:9b:e6:d2:bf:4c:9a:15:74:31:
97:aa:3e:f8:79:44:fa:f8:c5:c4:45:ce:57:14:ac:ef:45:fb:
69:09:ca:81:b3:3f:13:91:ae:2a:82:ae:31:e5:00:ba:da:24:
49:e8:56:be:61:e9:83:48:6b:d1:a8:dc:f5:e6:bd:71:a1:7a:
50:96:20:4f:07:b1:ca:2a:46:3f:1f:16:2b:71:a0:1d:4f:a0:
4c:58:84:9c:70:3f:38:0d:41:b1:0f:10:7c:8e:80:62:c7:0a:
a9:09:19:9a:87:7e:78:e1:86:be:98:60:74:4e:b3:5f:95:2e:
3d:cf:1c:c4:a4:6e:c4:42:d8:9a:c3:21:6e:72:5d:5e:fe:44:
02:eb:ec:22
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxOdWHW1LglbWpKJvqIKz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MjRhODNmZmYyZjAwMGU5OWMxZjI4ZWMxOTY0ODk4NmY4
ZGRjMzcwHhcNMjMwMTAyMDY0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjNlM2JlMDMxMmFkY2I4Zjk4NDc5YWE1ZDU1NmFlODY1NDgzOTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/Cxrl3IaOK+yfKBmiTHKpMdGduH
m6HjtgNBLomd2yPNxlohiazMMG+doypeCqaALHlhm9aseNNJNuDDS+w5phjAFGkW
oppTRY/w+Nx6usO5qeIiRyxsncWnCe6UmKnotp0tLqXhfzxl6c6TjFHIFj6QkWTp
/jZ5oj9LIknoIMnEFGa7zxDS9WlSrLYtdw3xcLkqduCNQQxte+E97McBW/xpLoW3
HHQ1teYvUzU5jyoXDOPHs0usbY8/Xn9ma9RnV7KrkN1dlcFX1kKbdlx/DbkS+BQs
psZhOJMSYvoC6eVtp6Bg1jHjLcVF7LtK1FJfyfJok8jZQZa0n7e5qIBj6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFI+O+AxKty4+YR5ql1VauhlSDmcMB8GA1UdIwQY
MBaAFNUkqD//LwAOmcHyjsGWSJhvjdw3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVNTb1BfOHZBQTZad2ZLT3daWkltRy1OM0RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kYmFmY2QtYTUxZC00NDZiLTljZDct
NDRkNDBkMWM0NmQ1LzEvVWo0NzRERXEzTGo1aEhtcVhWVnE2R1ZJT1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kYmFmY2QtYTUxZC00NDZiLTljZDctNDRkNDBkMWM0NmQ1
LzEvMVNTb1BfOHZBQTZad2ZLT3daWkltRy1OM0RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTVcAAwQC
W8F4AwQBwSGuMA0GCSqGSIb3DQEBCwUAA4IBAQAk2GLTcJD5JU198OTMQKMBG/Z+
uGRxiu+UKl4RqRZJImVAYRMQ4XiZ8lG77uOaG5/0jEJw+7PrqYt0cGcj+KKY8Pv2
2FEuz7bFZ80Bgg+GZ7Tq9RRXcbDVPVfdCAUmTULPvP3hSfOfVYqYEZ7I44tOb8/O
rV+b5tK/TJoVdDGXqj74eUT6+MXERc5XFKzvRftpCcqBsz8Tka4qgq4x5QC62iRJ
6Fa+YemDSGvRqNz15r1xoXpQliBPB7HKKkY/HxYrcaAdT6BMWISccD84DUGxDxB8
joBixwqpCRmah3544Ya+mGB0TrNflS49zxzEpG7EQtiawyFucl1e/kQC6+wi
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:13 2024 by rpki-client on console-ams.rpki-client.org