Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uf-APWbkHUB5I_F8JRy9D6Wwwh0.roa
File: uf-APWbkHUB5I_F8JRy9D6Wwwh0.roa (raw, json)
Hash identifier: pFJ1c8mwUINaAAI+stgfqN76Uj2SHV16GwIaj8aVAxM=
Subject key identifier: B9:FF:80:3D:66:E4:1D:40:79:23:F1:7C:25:1C:BD:0F:A5:B0:C2:1D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187572C6ED01CF2CFE051F81F0F6073A80C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uf-APWbkHUB5I_F8JRy9D6Wwwh0.roa
Signing time: Thu 06 Apr 2023 15:25:42 +0000
ROA not before: Thu 06 Apr 2023 15:25:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.214.27.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
185.9.55.0/24 maxlen: 24
194.4.157.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:2c:6e:d0:1c:f2:cf:e0:51:f8:1f:0f:60:73:a8:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 6 15:25:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9ff803d66e41d407923f17c251cbd0fa5b0c21d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cc:cb:ea:98:25:7b:71:21:04:4f:cf:74:96:
5c:73:8f:62:9d:87:52:29:95:de:bb:75:9d:f2:a4:
d0:a8:b5:4e:b8:83:8c:32:b5:ad:9e:2f:d6:93:ab:
42:df:93:c0:01:1d:be:88:51:fd:f1:99:fb:6f:4b:
88:8f:e4:18:e8:88:d3:de:8e:92:49:ed:61:e9:45:
cb:0e:48:ee:b4:a9:a1:10:3e:9f:c3:92:be:1f:43:
94:47:18:fc:a6:5f:e7:e7:e7:5f:6a:42:0f:99:70:
d0:e7:cb:bd:d5:24:bd:41:32:55:33:75:fd:94:af:
10:d3:4b:5f:c1:1b:30:b7:59:fd:c8:33:05:e1:b8:
4a:d3:ec:82:54:13:a0:bb:83:83:29:3f:b9:3c:e2:
3b:2c:3b:f5:43:b1:19:66:95:ae:1a:54:9f:e8:42:
68:0a:b2:d9:d0:76:4f:e9:64:0d:ac:e2:62:4c:65:
e7:33:e0:a1:f7:44:86:10:d5:56:8f:50:35:3c:8d:
c1:fe:e8:2c:1a:4a:4a:5a:63:cf:bc:0b:8e:9a:0d:
a5:6a:a5:9d:bc:13:e0:e3:4b:67:ca:71:17:5f:f3:
5c:a8:55:c3:a3:b7:c4:ac:92:48:33:dc:96:87:11:
63:e7:17:ff:c1:e9:38:e0:7d:fe:99:c9:8f:55:63:
39:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FF:80:3D:66:E4:1D:40:79:23:F1:7C:25:1C:BD:0F:A5:B0:C2:1D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uf-APWbkHUB5I_F8JRy9D6Wwwh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0/24
78.142.243.0/24
185.9.55.0/24
185.103.75.0/24
188.214.27.0/24
193.19.106.0/24
194.4.157.0/24
203.0.8.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:17:fc:39:0e:1d:1e:6e:6e:e7:b3:00:21:f6:d1:89:44:ef:
86:ab:1c:ab:68:fe:c9:7a:43:2a:9b:da:02:ff:29:41:c2:be:
5f:2f:12:13:01:06:df:bf:0d:96:5d:eb:1c:da:18:d4:3b:2f:
98:b9:c3:87:dc:3c:3f:f4:28:57:35:37:67:d1:0b:d0:81:dd:
61:69:07:63:3f:64:de:2a:b4:ed:98:dd:12:39:1a:54:14:52:
bb:dc:c1:ce:ea:e5:dc:56:d6:d5:ca:19:c7:81:4f:f3:82:47:
97:5f:95:88:87:97:f7:c4:d8:3a:44:38:99:ab:a7:b3:a9:1d:
01:29:0b:0d:e2:3c:a3:68:11:a8:bc:f1:5e:7f:d0:65:ff:34:
6f:23:aa:3f:90:00:22:42:40:03:b0:49:13:dc:58:c7:f7:89:
71:eb:b9:03:5a:d9:26:46:03:20:91:60:8a:d3:f4:36:30:75:
17:17:22:de:30:45:98:45:41:db:b3:8e:d8:92:ee:dd:07:cb:
64:de:c9:9b:f5:ad:8a:e2:f6:6f:b7:cd:9d:97:99:44:dd:96:
95:7a:78:d4:ab:7f:55:e6:eb:6d:11:52:c6:3d:0e:89:53:83:
7f:65:91:74:ee:77:86:0d:1f:34:db:65:84:4a:f9:ea:26:eb:
a9:d9:a4:39
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYdXLG7QHPLP4FH4Hw9gc6gMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA2MTUyNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWZmODAzZDY2ZTQxZDQwNzkyM2YxN2MyNTFjYmQwZmE1YjBjMjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMzL6pgle3EhBE/PdJZcc49inYdS
KZXeu3Wd8qTQqLVOuIOMMrWtni/Wk6tC35PAAR2+iFH98Zn7b0uIj+QY6IjT3o6S
Se1h6UXLDkjutKmhED6fw5K+H0OURxj8pl/n5+dfakIPmXDQ58u91SS9QTJVM3X9
lK8Q00tfwRswt1n9yDMF4bhK0+yCVBOgu4ODKT+5POI7LDv1Q7EZZpWuGlSf6EJo
CrLZ0HZP6WQNrOJiTGXnM+Ch90SGENVWj1A1PI3B/ugsGkpKWmPPvAuOmg2laqWd
vBPg40tnynEXX/NcqFXDo7fErJJIM9yWhxFj5xf/wek44H3+mcmPVWM5kwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLn/gD1m5B1AeSPxfCUcvQ+lsMIdMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdWYtQVBXYmtIVUI1SV9GOEpSeTlENld3d2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALZ+YAwQA
To7zAwQAuQk3AwQAuWdLAwQAvNYbAwQAwRNqAwQAwgSdAwQAywAIMA0GCSqGSIb3
DQEBCwUAA4IBAQA7F/w5Dh0ebm7nswAh9tGJRO+GqxyraP7JekMqm9oC/ylBwr5f
LxITAQbfvw2WXesc2hjUOy+YucOH3Dw/9ChXNTdn0QvQgd1haQdjP2TeKrTtmN0S
ORpUFFK73MHO6uXcVtbVyhnHgU/zgkeXX5WIh5f3xNg6RDiZq6ezqR0BKQsN4jyj
aBGovPFef9Bl/zRvI6o/kAAiQkADsEkT3FjH94lx67kDWtkmRgMgkWCK0/Q2MHUX
FyLeMEWYRUHbs47Yku7dB8tk3smb9a2K4vZvt82dl5lE3ZaVenjUq39V5uttEVLG
PQ6JU4N/ZZF07neGDR8022WESvnqJuup2aQ5
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-ams.rpki-client.org