Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/uHpr67eKu6wQVJXKXrGE5IHs0vk.roa
File: uHpr67eKu6wQVJXKXrGE5IHs0vk.roa (raw, json)
Hash identifier: pihHBL22lWrrpmOTjhhYySFj58oZZiL0pwSnoGifxvo=
Subject key identifier: B8:7A:6B:EB:B7:8A:BB:AC:10:54:95:CA:5E:B1:84:E4:81:EC:D2:F9
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 0189AC01D03DAE00F9074ACABFCA197C9C9C
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/uHpr67eKu6wQVJXKXrGE5IHs0vk.roa
Signing time: Mon 31 Jul 2023 12:52:27 +0000
ROA not before: Mon 31 Jul 2023 12:52:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59741
IP address blocks: 185.73.240.0/24 maxlen: 24
185.73.241.0/24 maxlen: 24
45.141.52.0/22 maxlen: 24
2a05:4740::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:01:d0:3d:ae:00:f9:07:4a:ca:bf:ca:19:7c:9c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Jul 31 12:52:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b87a6bebb78abbac105495ca5eb184e481ecd2f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4b:11:35:39:6f:2c:a9:a2:c8:83:a7:14:d8:
85:82:a5:dc:16:a1:91:cf:52:58:2b:92:55:8a:98:
91:2c:50:a0:c1:d4:68:ab:d7:3a:1b:45:d6:10:5f:
98:59:b0:30:36:fe:06:48:5a:c2:d9:08:6d:e8:34:
97:05:a9:aa:56:db:6c:04:66:ee:b9:95:d3:23:75:
f8:f1:9a:37:b6:83:8a:29:6c:97:89:1b:bf:3f:f3:
3d:ae:1c:7d:da:b7:8d:11:b4:b8:b8:59:cf:d9:c0:
60:c9:e7:f3:37:a7:8b:0a:cc:59:31:f3:ff:f2:12:
af:e8:36:09:1c:d4:e2:3b:93:0e:82:f7:c0:dc:1f:
00:56:4a:df:4b:8f:4e:b9:41:0c:e4:96:6e:dd:90:
d4:97:15:c6:61:89:17:f5:54:5b:ab:b6:ae:8e:e9:
87:d3:cd:4b:8b:57:56:a9:d5:09:1a:8b:0c:40:75:
ca:b2:8c:39:0f:19:56:85:b9:7d:92:a9:46:e3:84:
b4:4e:9e:94:13:7a:b6:38:32:40:6d:63:ee:e2:36:
91:11:b0:17:31:40:c8:33:35:68:54:a6:f8:a2:1a:
9b:1b:25:29:a1:7f:e9:48:7d:ae:fe:b5:97:e1:ad:
7a:37:7a:ed:96:b0:77:bb:a7:b8:75:e1:ea:7c:7b:
25:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:7A:6B:EB:B7:8A:BB:AC:10:54:95:CA:5E:B1:84:E4:81:EC:D2:F9
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/uHpr67eKu6wQVJXKXrGE5IHs0vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.52.0/22
185.73.240.0/23
IPv6:
2a05:4740::/32
Signature Algorithm: sha256WithRSAEncryption
be:c7:73:34:07:63:50:f7:7a:b6:d3:2b:d6:d1:5b:79:03:94:
1b:ef:7d:8d:38:08:bc:9c:f4:ee:80:d0:01:70:f2:e1:23:65:
a9:67:af:32:6a:55:a5:b4:a9:99:d3:28:87:d3:e7:8d:c3:c4:
9f:0c:ad:9a:16:e3:c4:25:4f:98:bb:85:cd:b8:6e:11:6a:f0:
6b:46:a5:01:33:6b:d0:ed:f8:4d:68:d2:7e:79:0f:38:9f:20:
a9:ec:67:89:fe:21:90:53:9a:fb:67:72:61:df:4d:d5:60:b3:
19:8e:4c:ee:cc:8e:d4:59:83:72:c9:a2:7d:ae:84:26:24:1c:
2d:77:64:95:cd:05:8d:4f:bd:b0:b2:70:7b:74:07:5e:6a:6a:
3f:c5:5a:0f:59:c5:d6:28:d3:93:5a:60:c9:db:38:8c:e5:6a:
88:51:54:f0:65:bc:c4:a3:1b:ee:d5:eb:d5:dd:5a:a6:1d:43:
f2:71:59:9a:42:0d:99:77:98:ff:78:59:42:ab:2c:d0:b6:08:
91:8e:1c:d1:31:61:60:8c:8a:00:a2:de:a2:c3:1f:ae:65:e5:
c9:c9:de:60:57:5f:ef:09:bf:67:f8:59:83:aa:f6:b3:5f:ee:
d1:42:ea:4e:2f:c5:56:a0:79:ed:59:9a:7e:8d:da:a7:ca:a3:
b6:eb:92:3b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYmsAdA9rgD5B0rKv8oZfJycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjMwNzMxMTI1MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODdhNmJlYmI3OGFiYmFjMTA1NDk1Y2E1ZWIxODRlNDgxZWNkMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUsRNTlvLKmiyIOnFNiFgqXcFqGR
z1JYK5JVipiRLFCgwdRoq9c6G0XWEF+YWbAwNv4GSFrC2Qht6DSXBamqVttsBGbu
uZXTI3X48Zo3toOKKWyXiRu/P/M9rhx92reNEbS4uFnP2cBgyefzN6eLCsxZMfP/
8hKv6DYJHNTiO5MOgvfA3B8AVkrfS49OuUEM5JZu3ZDUlxXGYYkX9VRbq7aujumH
081Li1dWqdUJGosMQHXKsow5DxlWhbl9kqlG44S0Tp6UE3q2ODJAbWPu4jaREbAX
MUDIMzVoVKb4ohqbGyUpoX/pSH2u/rWX4a16N3rtlrB3u6e4deHqfHslEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLh6a+u3irusEFSVyl6xhOSB7NL5MB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvdUhwcjY3ZUt1NndRVkpYS1hyR0U1SUhzMHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLY00AwQB
uUnwMA0EAgACMAcDBQAqBUdAMA0GCSqGSIb3DQEBCwUAA4IBAQC+x3M0B2NQ93q2
0yvW0Vt5A5Qb732NOAi8nPTugNABcPLhI2WpZ68yalWltKmZ0yiH0+eNw8SfDK2a
FuPEJU+Yu4XNuG4RavBrRqUBM2vQ7fhNaNJ+eQ84nyCp7GeJ/iGQU5r7Z3Jh303V
YLMZjkzuzI7UWYNyyaJ9roQmJBwtd2SVzQWNT72wsnB7dAdeamo/xVoPWcXWKNOT
WmDJ2ziM5WqIUVTwZbzEoxvu1evV3VqmHUPycVmaQg2Zd5j/eFlCqyzQtgiRjhzR
MWFgjIoAot6iwx+uZeXJyd5gV1/vCb9n+FmDqvazX+7RQupOL8VWoHntWZp+jdqn
yqO265I7
-----END CERTIFICATE-----
Generated at Tue Aug 8 08:26:54 2023 by rpki-client on console-ams.rpki-client.org