Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uIWwcUP-fgn_xdtq89sj1bwFnaM.roa
File: uIWwcUP-fgn_xdtq89sj1bwFnaM.roa (raw, json)
Hash identifier: KCWelcV4zFJKlTGVOoFZszDfTnX6gZCJP7R40nl4+Zc=
Subject key identifier: B8:85:B0:71:43:FE:7E:09:FF:C5:DB:6A:F3:DB:23:D5:BC:05:9D:A3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185710310BBCF58C6FC0D1ADC0291318F4F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uIWwcUP-fgn_xdtq89sj1bwFnaM.roa
Signing time: Mon 02 Jan 2023 05:45:04 +0000
ROA not before: Mon 02 Jan 2023 05:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61272
IP address blocks: 194.32.122.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:10:bb:cf:58:c6:fc:0d:1a:dc:02:91:31:8f:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b885b07143fe7e09ffc5db6af3db23d5bc059da3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3c:3c:8e:e6:97:1a:16:30:9e:ff:cd:4c:3f:
2b:ab:f4:f9:26:8c:1c:d6:4d:93:f1:37:7c:2a:1a:
1f:4b:7e:e7:cc:7b:bc:22:07:db:db:7e:ac:c9:8e:
88:45:6d:d6:6e:f5:7a:72:aa:66:96:1d:05:66:89:
99:28:10:bf:70:30:ec:02:19:36:05:08:93:af:99:
ea:44:16:09:79:ff:55:f1:e9:3f:f6:2e:74:07:00:
95:2b:42:ad:aa:51:7b:b4:ee:ed:32:7b:77:73:e4:
5f:28:d2:48:ea:4e:a2:ff:2a:51:59:d5:ec:8b:85:
e3:d6:0c:d8:0e:83:a8:22:ac:02:62:20:53:2d:a3:
bb:81:95:6d:c2:22:15:f7:c2:c0:4e:7b:15:79:db:
e8:46:11:63:c4:ae:83:d0:65:35:e5:d8:65:32:c9:
0c:f8:ca:dc:bb:5a:6a:a4:8c:40:c6:30:68:35:cf:
3e:a4:ad:ff:d5:ca:67:b4:ad:5c:59:88:8e:66:12:
a5:6a:7b:6d:b1:af:4a:07:b3:b6:b0:f4:a5:85:0e:
aa:5e:06:5e:26:07:05:a9:46:21:5b:cb:2b:ed:4d:
7a:44:b5:a0:f5:44:ba:fa:19:b2:76:12:0b:0d:7c:
dd:30:4f:0a:6a:72:7c:b7:06:1b:c5:aa:ec:aa:1b:
94:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:85:B0:71:43:FE:7E:09:FF:C5:DB:6A:F3:DB:23:D5:BC:05:9D:A3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uIWwcUP-fgn_xdtq89sj1bwFnaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.122.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:0d:2e:ad:ee:91:e1:2f:77:88:ea:ac:b8:ab:04:71:13:99:
d5:91:49:23:32:08:e3:24:08:96:cc:7f:90:65:3a:b8:43:05:
0f:ea:df:d6:a1:7e:e7:71:3c:f5:93:7f:23:de:08:c6:08:71:
0d:74:54:9d:12:c1:dc:05:55:3d:af:07:b5:43:75:07:82:b7:
f3:6f:61:b3:c1:89:40:07:85:83:bc:08:fe:6d:c6:e6:25:79:
4f:29:01:2e:18:65:08:dd:f1:e0:2b:11:11:95:ee:f6:1b:c8:
cd:a5:b1:1f:10:34:fe:88:ae:aa:08:37:e5:30:93:ff:19:44:
fd:a7:97:5c:e6:fa:1a:15:28:03:ea:77:75:83:b5:a2:9f:18:
a4:4b:29:20:d2:cf:10:7a:09:b0:70:a8:45:8e:da:5d:80:1b:
4e:fe:ce:02:16:f7:72:79:4a:88:18:67:11:64:03:ec:d8:5b:
b1:c1:88:b5:3f:f5:0c:39:75:5d:5a:f8:fc:55:b2:1f:8c:e5:
ae:71:e2:48:e4:3b:af:f4:94:19:c5:1b:54:90:b4:08:66:be:
8c:60:46:65:c1:7f:b7:ae:9b:68:02:5a:f7:18:c4:a2:d8:e6:
de:09:f0:f8:16:68:2f:27:ce:1c:88:59:62:a9:06:1b:74:10:
a7:1d:3c:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAxC7z1jG/A0a3AKRMY9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODg1YjA3MTQzZmU3ZTA5ZmZjNWRiNmFmM2RiMjNkNWJjMDU5ZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDw8juaXGhYwnv/NTD8rq/T5Jowc
1k2T8Td8KhofS37nzHu8Igfb236syY6IRW3WbvV6cqpmlh0FZomZKBC/cDDsAhk2
BQiTr5nqRBYJef9V8ek/9i50BwCVK0KtqlF7tO7tMnt3c+RfKNJI6k6i/ypRWdXs
i4Xj1gzYDoOoIqwCYiBTLaO7gZVtwiIV98LATnsVedvoRhFjxK6D0GU15dhlMskM
+Mrcu1pqpIxAxjBoNc8+pK3/1cpntK1cWYiOZhKlanttsa9KB7O2sPSlhQ6qXgZe
JgcFqUYhW8sr7U16RLWg9US6+hmydhILDXzdME8KanJ8twYbxarsqhuUswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLiFsHFD/n4J/8XbavPbI9W8BZ2jMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdUlXd2NVUC1mZ25feGR0cTg5c2oxYndGbmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiB6MA0G
CSqGSIb3DQEBCwUAA4IBAQA8DS6t7pHhL3eI6qy4qwRxE5nVkUkjMgjjJAiWzH+Q
ZTq4QwUP6t/WoX7ncTz1k38j3gjGCHENdFSdEsHcBVU9rwe1Q3UHgrfzb2GzwYlA
B4WDvAj+bcbmJXlPKQEuGGUI3fHgKxERle72G8jNpbEfEDT+iK6qCDflMJP/GUT9
p5dc5voaFSgD6nd1g7WinxikSykg0s8QegmwcKhFjtpdgBtO/s4CFvdyeUqIGGcR
ZAPs2FuxwYi1P/UMOXVdWvj8VbIfjOWuceJI5Duv9JQZxRtUkLQIZr6MYEZlwX+3
rptoAlr3GMSi2ObeCfD4FmgvJ84ciFliqQYbdBCnHTx5
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:18 2024 by rpki-client on console-ams.rpki-client.org