Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uetnKQP__rgJF9VJJVQpQAWESgQ.roa
File: uetnKQP__rgJF9VJJVQpQAWESgQ.roa (raw, json)
Hash identifier: DqyZ8Pgl/WN6ymKz7SKSR+CM0unA+1/n+3s1EHFV/q0=
Subject key identifier: B9:EB:67:29:03:FF:FE:B8:09:17:D5:49:25:54:29:40:05:84:4A:04
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186C4ED5505B191EC6097868E043BA07634
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uetnKQP__rgJF9VJJVQpQAWESgQ.roa
Signing time: Thu 09 Mar 2023 05:52:13 +0000
ROA not before: Thu 09 Mar 2023 05:52:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29066
IP address blocks: 185.217.119.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
103.212.80.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c4:ed:55:05:b1:91:ec:60:97:86:8e:04:3b:a0:76:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 9 05:52:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9eb672903fffeb80917d5492554294005844a04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:63:97:79:0a:5a:bd:1f:13:00:0a:f3:4e:60:
55:3f:be:f1:c4:68:0d:0f:94:f0:e7:6a:d2:2a:17:
bd:e1:54:c6:b7:cb:40:31:a8:6b:6d:a7:8e:c6:c0:
a8:01:2c:8e:2f:b4:7e:5c:ee:82:9b:fc:07:0d:d4:
d5:f8:12:51:c8:df:70:fd:d9:10:96:b7:b3:85:d7:
59:e2:55:92:7a:83:74:74:4c:33:5c:49:fd:a9:dc:
3d:80:c9:6e:bf:4f:11:23:73:c6:97:86:b6:7f:10:
8f:ac:7a:e3:6a:18:39:8a:4f:73:03:cd:8a:72:bf:
71:b1:14:75:e7:2b:db:56:8d:56:66:2a:77:5b:c8:
f6:15:ee:bf:2d:33:e1:3d:fe:a7:51:f1:79:c9:b0:
51:c8:4e:5f:89:40:f6:9a:e5:b3:25:aa:3b:e6:d6:
d9:dd:6a:63:b3:20:b7:f9:d2:b2:33:6b:74:46:0d:
02:f6:ea:0b:2f:ae:80:c6:c5:dc:3d:fa:85:2c:48:
ad:8c:0e:c9:95:16:b7:55:5f:43:aa:68:d0:c4:36:
d4:15:4c:d1:db:27:22:95:72:89:b9:e2:1d:63:d5:
a3:53:83:29:f2:f8:e2:ad:92:b3:2e:8f:b2:67:a4:
93:e7:33:c3:8b:5f:86:62:7e:31:ad:d6:e2:02:8b:
18:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:EB:67:29:03:FF:FE:B8:09:17:D5:49:25:54:29:40:05:84:4A:04
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uetnKQP__rgJF9VJJVQpQAWESgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.150.0/24
103.212.80.0/24
185.217.119.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:8f:83:1d:e4:02:17:b9:ef:d4:b5:4c:c5:16:c5:bd:dd:74:
b3:d4:64:2b:5f:f7:48:00:1f:98:e3:a5:6d:b3:99:7b:36:92:
4e:4a:b6:62:27:ec:f1:8e:57:a9:7c:5f:dc:bf:79:91:42:a5:
1e:a8:d6:fc:cc:00:ee:cd:c5:62:1d:7e:88:46:25:83:0e:cd:
92:b1:f4:2c:d2:c8:67:fd:53:cd:da:26:ac:c1:f6:52:a7:41:
26:75:58:03:6b:7a:76:2d:ae:fc:33:1e:97:d6:78:63:81:e7:
78:99:73:07:42:1f:cb:1d:83:0d:47:20:c3:6c:88:ba:02:a9:
fc:12:e0:a7:97:c3:41:f7:aa:bb:be:96:f4:4d:24:15:35:66:
e7:d0:c3:f4:e4:a5:62:81:25:83:e4:c1:81:83:c5:5f:b7:bf:
94:66:ed:28:8a:1e:c6:ce:ae:83:c7:a1:c6:38:50:34:32:91:
a2:84:fe:35:5e:78:51:68:55:1d:89:60:45:39:86:35:1a:7e:
f6:17:5f:a4:29:55:15:50:79:b6:58:a4:79:10:5c:e0:0d:33:
33:95:93:55:50:65:a6:66:f9:9b:60:d7:0b:cf:c1:b0:45:62:
ad:a8:ab:d6:94:94:0a:08:80:e3:f5:8d:7b:ba:8c:ce:17:b1:
da:af:e7:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbE7VUFsZHsYJeGjgQ7oHY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzA5MDU1MjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWViNjcyOTAzZmZmZWI4MDkxN2Q1NDkyNTU0Mjk0MDA1ODQ0YTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWOXeQpavR8TAArzTmBVP77xxGgN
D5Tw52rSKhe94VTGt8tAMahrbaeOxsCoASyOL7R+XO6Cm/wHDdTV+BJRyN9w/dkQ
lrezhddZ4lWSeoN0dEwzXEn9qdw9gMluv08RI3PGl4a2fxCPrHrjahg5ik9zA82K
cr9xsRR15yvbVo1WZip3W8j2Fe6/LTPhPf6nUfF5ybBRyE5fiUD2muWzJao75tbZ
3WpjsyC3+dKyM2t0Rg0C9uoLL66AxsXcPfqFLEitjA7JlRa3VV9DqmjQxDbUFUzR
2ycilXKJueIdY9WjU4Mp8vjirZKzLo+yZ6ST5zPDi1+GYn4xrdbiAosYEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLnrZykD//64CRfVSSVUKUAFhEoEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdWV0bktRUF9fcmdKRjlWSkpWUXBRQVdFU2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/eWAwQA
Z9RQAwQAudl3MA0GCSqGSIb3DQEBCwUAA4IBAQBqj4Md5AIXue/UtUzFFsW93XSz
1GQrX/dIAB+Y46Vts5l7NpJOSrZiJ+zxjlepfF/cv3mRQqUeqNb8zADuzcViHX6I
RiWDDs2SsfQs0shn/VPN2iaswfZSp0EmdVgDa3p2La78Mx6X1nhjged4mXMHQh/L
HYMNRyDDbIi6Aqn8EuCnl8NB96q7vpb0TSQVNWbn0MP05KVigSWD5MGBg8Vft7+U
Zu0oih7Gzq6Dx6HGOFA0MpGihP41XnhRaFUdiWBFOYY1Gn72F1+kKVUVUHm2WKR5
EFzgDTMzlZNVUGWmZvmbYNcLz8GwRWKtqKvWlJQKCIDj9Y17uozOF7Har+dT
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-ams.rpki-client.org