Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/uGI9GDCHcGfNGY01lgE_VfbHd0w.roa
File: uGI9GDCHcGfNGY01lgE_VfbHd0w.roa (raw, json)
Hash identifier: klJlFe/EhbK5xrl85Su2xx+C0ZffFPE7ZWeZdSUvS00=
Subject key identifier: B8:62:3D:18:30:87:70:67:CD:19:8D:35:96:01:3F:55:F6:C7:77:4C
Certificate issuer: /CN=f10d39eddb008d1b89df9741960dbf2044f657fb
Certificate serial: 01890B26295306B9C0DCDAE3B7359F0D9769
Authority key identifier: F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/uGI9GDCHcGfNGY01lgE_VfbHd0w.roa
Signing time: Fri 30 Jun 2023 07:13:17 +0000
ROA not before: Fri 30 Jun 2023 07:13:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39923
IP address blocks: 185.58.96.0/22 maxlen: 22
185.35.164.0/22 maxlen: 22
195.189.202.0/23 maxlen: 23
194.146.23.0/24 maxlen: 24
185.111.204.0/22 maxlen: 22
185.111.204.0/24 maxlen: 24
185.111.205.0/24 maxlen: 24
185.111.206.0/24 maxlen: 24
194.145.127.0/24 maxlen: 24
109.68.160.0/21 maxlen: 21
109.68.164.0/24 maxlen: 24
91.238.219.0/24 maxlen: 24
2a02:2a08::/32 maxlen: 32
2a04:6480::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0b:26:29:53:06:b9:c0:dc:da:e3:b7:35:9f:0d:97:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f10d39eddb008d1b89df9741960dbf2044f657fb
Validity
Not Before: Jun 30 07:13:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8623d1830877067cd198d3596013f55f6c7774c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:26:c4:9e:f6:86:95:9e:36:07:33:c4:31:03:
de:e6:02:fd:a1:1c:ec:8b:24:7e:93:49:4d:ec:69:
5d:0b:ca:ae:8a:f3:2c:27:7c:1a:43:69:c7:dc:29:
82:9a:9c:53:00:1f:7d:82:4a:36:16:9c:5e:b3:5a:
0e:32:0c:98:a4:32:e8:bb:e0:4f:dd:b7:bc:d6:e0:
e8:cf:62:96:ae:de:62:dd:b1:71:e6:b7:2c:8e:ee:
66:ca:91:2a:b9:0a:89:45:1f:88:2e:10:0a:64:24:
f1:dd:47:7e:61:c8:4b:0e:dc:56:bb:0a:22:b1:d7:
13:27:ed:d3:98:ec:2d:d8:6b:18:f3:3d:64:9f:be:
95:8d:a5:c6:08:82:25:df:a8:e6:29:5b:b9:67:f0:
73:7c:62:6a:a8:ee:0b:6b:70:ba:aa:75:47:ca:81:
9c:af:7d:d8:e2:f5:ac:81:cf:22:7d:ce:a2:b5:1c:
a9:af:47:f9:63:f0:d5:c3:0f:29:7a:eb:f1:bb:d0:
ff:99:02:af:1a:6e:af:53:4c:4a:fb:1f:6a:34:13:
97:8a:03:b3:fd:6b:4d:a7:0c:81:cf:b3:18:ed:03:
26:1b:ac:87:be:10:b7:19:f5:55:6f:ca:30:99:c6:
68:3a:bb:f6:47:67:51:b5:77:1d:ab:39:da:da:16:
00:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:62:3D:18:30:87:70:67:CD:19:8D:35:96:01:3F:55:F6:C7:77:4C
X509v3 Authority Key Identifier:
keyid:F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/uGI9GDCHcGfNGY01lgE_VfbHd0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/8Q057dsAjRuJ35dBlg2_IET2V_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.219.0/24
109.68.160.0/21
185.35.164.0/22
185.58.96.0/22
185.111.204.0/22
194.145.127.0/24
194.146.23.0/24
195.189.202.0/23
IPv6:
2a02:2a08::/32
2a04:6480::/29
Signature Algorithm: sha256WithRSAEncryption
3b:80:78:70:e7:d5:73:2d:9f:cb:a8:04:7b:27:de:b6:d0:38:
32:1e:b2:a8:90:c2:81:e1:49:ea:ff:44:5c:21:de:68:88:61:
77:0c:26:42:08:e0:da:8e:87:72:c3:b4:fc:11:4c:a7:14:cf:
c7:e8:a6:a4:05:69:31:b0:10:5d:f1:7c:fb:0d:fe:8c:24:33:
81:6b:8e:61:39:2a:08:b2:cf:6a:bc:8a:21:fc:c7:df:34:ae:
72:5f:ab:f5:f1:90:4b:e5:6d:e8:d4:a8:0a:95:84:01:b2:42:
65:8b:9a:53:ca:8b:13:8f:c6:0a:a8:b7:1e:a8:19:b9:e8:5a:
be:84:06:eb:8f:84:25:fc:a0:2c:30:aa:d7:22:f7:40:27:53:
e9:0a:7c:bd:33:e8:fc:6c:9d:a7:fc:17:cd:e9:30:eb:18:5f:
f1:04:d8:d5:fb:3d:2e:68:1e:47:94:dc:79:d7:ab:6c:e7:ee:
6c:b4:b4:e8:9a:df:28:c3:d3:4b:39:4e:6a:bb:2b:bd:b0:96:
7a:27:8e:d8:71:41:b4:06:7e:c9:00:3d:4d:2f:fe:5b:36:e4:
fe:b1:8e:c0:48:ae:8a:30:8e:b3:b8:b7:4b:99:25:a1:b0:7c:
91:a1:ad:95:09:97:22:dc:61:95:99:c5:89:a8:f1:b7:35:a9:
f8:9e:cc:d7
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYkLJilTBrnA3NrjtzWfDZdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMGQzOWVkZGIwMDhkMWI4OWRmOTc0MTk2MGRiZjIwNDRm
NjU3ZmIwHhcNMjMwNjMwMDcxMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODYyM2QxODMwODc3MDY3Y2QxOThkMzU5NjAxM2Y1NWY2Yzc3NzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtibEnvaGlZ42BzPEMQPe5gL9oRzs
iyR+k0lN7GldC8quivMsJ3waQ2nH3CmCmpxTAB99gko2Fpxes1oOMgyYpDLou+BP
3be81uDoz2KWrt5i3bFx5rcsju5mypEquQqJRR+ILhAKZCTx3Ud+YchLDtxWuwoi
sdcTJ+3TmOwt2GsY8z1kn76VjaXGCIIl36jmKVu5Z/BzfGJqqO4La3C6qnVHyoGc
r33Y4vWsgc8ifc6itRypr0f5Y/DVww8peuvxu9D/mQKvGm6vU0xK+x9qNBOXigOz
/WtNpwyBz7MY7QMmG6yHvhC3GfVVb8owmcZoOrv2R2dRtXcdqzna2hYA1QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFLhiPRgwh3BnzRmNNZYBP1X2x3dMMB8GA1UdIwQY
MBaAFPENOe3bAI0bid+XQZYNvyBE9lf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFEwNTdkc0FqUnVKMzVkQmxnMl9JRVQyVl9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mNzBlMWEtNzMyZS00ZTZiLWIzYjUt
ZjU2MmI4OTc0ZDhiLzEvdUdJOUdEQ0hjR2ZOR1kwMWxnRV9WZmJIZDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mNzBlMWEtNzMyZS00ZTZiLWIzYjUtZjU2MmI4OTc0ZDhi
LzEvOFEwNTdkc0FqUnVKMzVkQmxnMl9JRVQyVl9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQAW+7bAwQD
bUSgAwQCuSOkAwQCuTpgAwQCuW/MAwQAwpF/AwQAwpIXAwQBw73KMBQEAgACMA4D
BQAqAioIAwUDKgRkgDANBgkqhkiG9w0BAQsFAAOCAQEAO4B4cOfVcy2fy6gEeyfe
ttA4Mh6yqJDCgeFJ6v9EXCHeaIhhdwwmQgjg2o6HcsO0/BFMpxTPx+impAVpMbAQ
XfF8+w3+jCQzgWuOYTkqCLLParyKIfzH3zSucl+r9fGQS+Vt6NSoCpWEAbJCZYua
U8qLE4/GCqi3HqgZuehavoQG64+EJfygLDCq1yL3QCdT6Qp8vTPo/Gydp/wXzekw
6xhf8QTY1fs9LmgeR5TcederbOfubLS06JrfKMPTSzlOarsrvbCWeieO2HFBtAZ+
yQA9TS/+Wzbk/rGOwEiuijCOs7i3S5klobB8kaGtlQmXItxhlZnFiajxtzWp+J7M
1w==
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:48 2024 by rpki-client on console-ams.rpki-client.org