Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/e20c95-0f92-4598-96df-cbc2797c1d0a/1/UQr8Jn6IZfPlvWhAF3bbwwOhBcY.roa
File: UQr8Jn6IZfPlvWhAF3bbwwOhBcY.roa (raw, json)
Hash identifier: o6MfrqicMO5u/HB0zE8G+Gi9aGYoZZluFbbymXlxK3U=
Subject key identifier: 51:0A:FC:26:7E:88:65:F3:E5:BD:68:40:17:76:DB:C3:03:A1:05:C6
Certificate issuer: /CN=98901c7cffd19a4fea78f79b1004999266dcc224
Certificate serial: 01856DCAFDA17EB3410340ACE032296C607B
Authority key identifier: 98:90:1C:7C:FF:D1:9A:4F:EA:78:F7:9B:10:04:99:92:66:DC:C2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJAcfP_Rmk_qePebEASZkmbcwiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/e20c95-0f92-4598-96df-cbc2797c1d0a/1/UQr8Jn6IZfPlvWhAF3bbwwOhBcY.roa
Signing time: Sun 01 Jan 2023 14:44:57 +0000
ROA not before: Sun 01 Jan 2023 14:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39122
IP address blocks: 193.36.43.0/24 maxlen: 24
91.210.232.0/22 maxlen: 22
185.43.232.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:fd:a1:7e:b3:41:03:40:ac:e0:32:29:6c:60:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98901c7cffd19a4fea78f79b1004999266dcc224
Validity
Not Before: Jan 1 14:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=510afc267e8865f3e5bd68401776dbc303a105c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:15:11:13:4a:3a:6a:1f:2d:ac:8d:c9:90:4d:
b7:e5:60:90:54:79:ca:42:7e:b6:3d:73:52:d8:eb:
48:0d:8a:46:cf:2c:a8:89:eb:1b:06:94:7a:d2:38:
30:02:c6:5c:a7:e4:18:00:87:8f:de:b6:a9:ca:b2:
45:7e:f5:7d:1a:ee:08:42:c2:03:96:3c:c9:f3:ba:
2d:34:b5:e3:1e:ac:6a:bf:9c:fb:7d:eb:dd:5e:b1:
05:aa:5c:9f:75:09:83:a4:31:2d:e3:0f:1b:83:a9:
92:98:70:79:9e:c8:ea:ef:39:93:df:ae:ee:8c:33:
40:95:9f:9b:e8:fc:7e:bf:68:66:23:7c:1d:49:9d:
44:7d:15:4c:a2:ee:ea:de:8c:c8:23:36:d8:71:07:
0d:7d:a3:4c:6d:53:01:de:ce:ed:cb:17:eb:fc:1f:
56:21:34:03:8d:24:5d:38:69:53:62:c3:69:c3:34:
9d:c3:c2:74:46:c3:e4:ae:b3:5e:5f:60:05:f3:c9:
17:47:f2:6e:42:fb:63:6c:fa:62:04:cb:b4:d6:b0:
08:32:78:db:ce:a0:09:2b:0c:75:09:35:3b:fe:d1:
9b:94:0e:22:c0:29:13:cd:69:37:61:36:0d:9d:8b:
8b:00:40:dd:e4:f5:9c:c6:07:ae:53:dc:a0:dd:e9:
01:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:0A:FC:26:7E:88:65:F3:E5:BD:68:40:17:76:DB:C3:03:A1:05:C6
X509v3 Authority Key Identifier:
keyid:98:90:1C:7C:FF:D1:9A:4F:EA:78:F7:9B:10:04:99:92:66:DC:C2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJAcfP_Rmk_qePebEASZkmbcwiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/e20c95-0f92-4598-96df-cbc2797c1d0a/1/UQr8Jn6IZfPlvWhAF3bbwwOhBcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/e20c95-0f92-4598-96df-cbc2797c1d0a/1/mJAcfP_Rmk_qePebEASZkmbcwiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.232.0/22
185.43.232.0/22
193.36.43.0/24
Signature Algorithm: sha256WithRSAEncryption
51:f6:c4:f3:65:36:bf:0b:01:6e:be:b1:d4:fa:d8:80:78:ca:
e5:8e:be:12:7f:f5:3c:f9:74:96:6d:f0:24:a5:e9:ae:2d:81:
50:93:fa:b0:3a:cf:3f:a8:9d:73:51:5f:16:a5:cc:29:53:00:
40:f2:15:0f:c8:a7:e6:fd:ca:ae:de:d6:68:db:f0:b5:78:d6:
57:68:cc:54:86:7e:06:a9:fc:9b:ac:f1:ac:79:58:d3:ac:91:
a7:54:5b:85:10:7e:84:a6:92:4a:e5:12:05:d8:93:8c:51:17:
8d:32:44:f2:ba:8e:5e:d3:89:b9:7e:e8:c2:c9:3b:61:99:0c:
e5:ce:8f:4e:56:77:17:e6:e5:df:68:e1:00:c3:64:50:4e:c8:
26:ce:ce:64:15:4a:05:20:b4:9d:b9:71:60:ef:1b:30:fd:f6:
6b:38:30:f7:6b:66:19:0a:ec:72:33:5b:e3:74:a9:32:53:20:
6d:06:db:db:08:62:b3:83:ce:b5:8f:16:da:8c:b6:c5:8b:20:
5a:e6:12:0e:a1:cd:c5:b5:20:13:6f:97:95:41:ef:1c:8c:0d:
1b:f3:b9:0c:47:0e:c3:94:97:ad:29:fc:a4:06:1b:c8:23:cc:
9d:ca:08:0d:8d:a6:98:2d:22:eb:1e:3e:d9:45:30:59:61:aa:
79:3f:c0:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtyv2hfrNBA0Cs4DIpbGB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTAxYzdjZmZkMTlhNGZlYTc4Zjc5YjEwMDQ5OTkyNjZk
Y2MyMjQwHhcNMjMwMTAxMTQ0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTBhZmMyNjdlODg2NWYzZTViZDY4NDAxNzc2ZGJjMzAzYTEwNWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRURE0o6ah8trI3JkE235WCQVHnK
Qn62PXNS2OtIDYpGzyyoiesbBpR60jgwAsZcp+QYAIeP3rapyrJFfvV9Gu4IQsID
ljzJ87otNLXjHqxqv5z7fevdXrEFqlyfdQmDpDEt4w8bg6mSmHB5nsjq7zmT367u
jDNAlZ+b6Px+v2hmI3wdSZ1EfRVMou7q3ozIIzbYcQcNfaNMbVMB3s7tyxfr/B9W
ITQDjSRdOGlTYsNpwzSdw8J0RsPkrrNeX2AF88kXR/JuQvtjbPpiBMu01rAIMnjb
zqAJKwx1CTU7/tGblA4iwCkTzWk3YTYNnYuLAEDd5PWcxgeuU9yg3ekBtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFEK/CZ+iGXz5b1oQBd228MDoQXGMB8GA1UdIwQY
MBaAFJiQHHz/0ZpP6nj3mxAEmZJm3MIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpBY2ZQX1Jta19xZVBlYkVBU1prbWJjd2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9lMjBjOTUtMGY5Mi00NTk4LTk2ZGYt
Y2JjMjc5N2MxZDBhLzEvVVFyOEpuNklaZlBsdldoQUYzYmJ3d09oQmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9lMjBjOTUtMGY5Mi00NTk4LTk2ZGYtY2JjMjc5N2MxZDBh
LzEvbUpBY2ZQX1Jta19xZVBlYkVBU1prbWJjd2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW9LoAwQC
uSvoAwQAwSQrMA0GCSqGSIb3DQEBCwUAA4IBAQBR9sTzZTa/CwFuvrHU+tiAeMrl
jr4Sf/U8+XSWbfAkpemuLYFQk/qwOs8/qJ1zUV8WpcwpUwBA8hUPyKfm/cqu3tZo
2/C1eNZXaMxUhn4GqfybrPGseVjTrJGnVFuFEH6EppJK5RIF2JOMUReNMkTyuo5e
04m5fujCyTthmQzlzo9OVncX5uXfaOEAw2RQTsgmzs5kFUoFILSduXFg7xsw/fZr
ODD3a2YZCuxyM1vjdKkyUyBtBtvbCGKzg861jxbajLbFiyBa5hIOoc3FtSATb5eV
Qe8cjA0b87kMRw7DlJetKfykBhvII8ydyggNjaaYLSLrHj7ZRTBZYap5P8AO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:59 2024 by rpki-client on console-fra.rpki-client.org