Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/dbb5c7-9460-4009-8e7d-1c17d502d4df/1/J7_UI52S-96-v3wpSBR4VE5uV1U.roa
File: J7_UI52S-96-v3wpSBR4VE5uV1U.roa (raw, json)
Hash identifier: /X2l1aMqdNRXeHvveDfRQh2WRGC74bLuTaKKF+Iutas=
Subject key identifier: 27:BF:D4:23:9D:92:FB:DE:BE:BF:7C:29:48:14:78:54:4E:6E:57:55
Certificate issuer: /CN=fa95ecdaa359a6f8355573d39001baa35874bed2
Certificate serial: 018572033B449197BA63F01C7F4B4719E0B8
Authority key identifier: FA:95:EC:DA:A3:59:A6:F8:35:55:73:D3:90:01:BA:A3:58:74:BE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-pXs2qNZpvg1VXPTkAG6o1h0vtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/dbb5c7-9460-4009-8e7d-1c17d502d4df/1/J7_UI52S-96-v3wpSBR4VE5uV1U.roa
Signing time: Mon 02 Jan 2023 10:24:52 +0000
ROA not before: Mon 02 Jan 2023 10:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60111
IP address blocks: 185.157.116.0/22 maxlen: 22
2a07:a680::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:3b:44:91:97:ba:63:f0:1c:7f:4b:47:19:e0:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa95ecdaa359a6f8355573d39001baa35874bed2
Validity
Not Before: Jan 2 10:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27bfd4239d92fbdebebf7c29481478544e6e5755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:64:85:e8:79:0b:b0:e9:1f:c8:2d:c0:80:55:
de:94:a3:53:48:8d:98:d1:a9:94:eb:93:82:4d:0b:
66:a9:2a:8a:27:c5:9f:33:e5:c1:c8:90:8f:d5:84:
02:4e:15:55:52:be:db:f8:bf:e7:27:2c:5c:b4:b4:
a1:14:3d:b0:f6:6c:80:97:33:65:8b:b9:18:74:5e:
20:03:fc:28:ee:a7:10:fb:f1:12:8e:5b:d2:c0:a8:
fb:10:36:17:01:f9:0f:81:4a:18:de:b8:cf:de:d0:
81:43:6c:e0:8e:f9:50:45:46:31:e0:f3:b4:f2:13:
fc:3d:d5:0c:2b:ab:80:76:ae:63:a6:ea:99:57:13:
6f:3f:69:28:4f:b0:8d:79:3a:ad:cf:b4:d2:f3:5d:
71:8c:1a:d9:2c:a2:b0:ec:a9:a9:d5:d8:05:25:8c:
4e:00:ed:1c:2d:eb:d4:0c:53:3b:53:73:84:1a:d0:
0a:a2:c4:59:75:72:b0:b8:89:81:b2:47:5d:f3:9d:
4e:0e:a8:5a:bc:02:0e:c1:d3:c9:1e:cf:3c:e7:4c:
43:e1:c7:6f:9c:7e:7d:60:42:e3:88:7d:8c:f4:e3:
f9:5e:ab:af:1f:4f:2e:e3:5e:41:56:08:93:be:6a:
4f:24:c5:6f:20:92:5a:f6:54:bc:8c:c9:14:8e:83:
27:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:BF:D4:23:9D:92:FB:DE:BE:BF:7C:29:48:14:78:54:4E:6E:57:55
X509v3 Authority Key Identifier:
keyid:FA:95:EC:DA:A3:59:A6:F8:35:55:73:D3:90:01:BA:A3:58:74:BE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-pXs2qNZpvg1VXPTkAG6o1h0vtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/dbb5c7-9460-4009-8e7d-1c17d502d4df/1/J7_UI52S-96-v3wpSBR4VE5uV1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/dbb5c7-9460-4009-8e7d-1c17d502d4df/1/1-pXs2qNZpvg1VXPTkAG6o1h0vtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.116.0/22
IPv6:
2a07:a680::/29
Signature Algorithm: sha256WithRSAEncryption
9d:c2:42:ed:50:d8:ed:0b:ae:d5:47:79:26:84:b4:2e:b8:9b:
88:83:4a:11:a3:fe:c1:64:8a:26:07:87:40:9d:7e:b2:c9:3c:
d2:97:87:53:19:33:cc:ce:3a:2a:b6:a3:9f:7d:00:f3:9b:6b:
21:11:36:93:6d:57:d4:18:bd:a0:45:3e:a8:c3:8a:99:df:c0:
7c:08:c0:fa:a7:74:e3:65:9c:0e:6a:27:b7:d5:f2:02:d0:a3:
8c:71:2e:91:f1:37:79:40:04:8d:b5:dc:2e:64:08:77:f8:6e:
4a:2d:49:ac:e7:1b:a2:db:9f:1a:84:1d:7b:89:95:f5:52:de:
ac:94:18:22:4a:f9:ee:49:6d:aa:49:ed:a9:23:33:99:5b:4b:
83:6e:90:09:50:ee:af:12:c7:20:ab:0c:a6:0c:fc:5d:bd:c0:
aa:85:b8:c6:b8:7b:da:25:15:1f:9d:7f:20:1c:7f:91:84:8b:
13:30:be:0f:ca:dc:6e:07:8b:3b:e7:cf:c4:6b:a7:19:1f:db:
03:71:a8:01:c2:e7:69:af:10:88:d2:4f:8e:ec:da:32:e1:73:
2a:f4:5d:12:ff:90:b6:e5:ed:fe:39:e1:ce:c4:7e:b5:65:7a:
50:f0:91:5e:3e:99:a4:b1:aa:47:5d:11:17:ec:44:d3:6a:e1:
23:b7:50:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyAztEkZe6Y/Acf0tHGeC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhOTVlY2RhYTM1OWE2ZjgzNTU1NzNkMzkwMDFiYWEzNTg3
NGJlZDIwHhcNMjMwMTAyMTAyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2JmZDQyMzlkOTJmYmRlYmViZjdjMjk0ODE0Nzg1NDRlNmU1NzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWSF6HkLsOkfyC3AgFXelKNTSI2Y
0amU65OCTQtmqSqKJ8WfM+XByJCP1YQCThVVUr7b+L/nJyxctLShFD2w9myAlzNl
i7kYdF4gA/wo7qcQ+/ESjlvSwKj7EDYXAfkPgUoY3rjP3tCBQ2zgjvlQRUYx4PO0
8hP8PdUMK6uAdq5jpuqZVxNvP2koT7CNeTqtz7TS811xjBrZLKKw7Kmp1dgFJYxO
AO0cLevUDFM7U3OEGtAKosRZdXKwuImBskdd851ODqhavAIOwdPJHs8850xD4cdv
nH59YELjiH2M9OP5XquvH08u415BVgiTvmpPJMVvIJJa9lS8jMkUjoMnPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCe/1COdkvvevr98KUgUeFRObldVMB8GA1UdIwQY
MBaAFPqV7NqjWab4NVVz05ABuqNYdL7SMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1wWHMycU5acHZnMVZYUFRrQUc2bzFoMHZ0SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUvZGJiNWM3LTk0NjAtNDAwOS04ZTdk
LTFjMTdkNTAyZDRkZi8xL0o3X1VJNTJTLTk2LXYzd3BTQlI0VkU1dVYxVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmUvZGJiNWM3LTk0NjAtNDAwOS04ZTdkLTFjMTdkNTAyZDRk
Zi8xLzEtcFhzMnFOWnB2ZzFWWFBUa0FHNm8xaDB2dEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5nXQw
DQQCAAIwBwMFAyoHpoAwDQYJKoZIhvcNAQELBQADggEBAJ3CQu1Q2O0LrtVHeSaE
tC64m4iDShGj/sFkiiYHh0CdfrLJPNKXh1MZM8zOOiq2o599APObayERNpNtV9QY
vaBFPqjDipnfwHwIwPqndONlnA5qJ7fV8gLQo4xxLpHxN3lABI213C5kCHf4bkot
SaznG6LbnxqEHXuJlfVS3qyUGCJK+e5JbapJ7akjM5lbS4NukAlQ7q8SxyCrDKYM
/F29wKqFuMa4e9olFR+dfyAcf5GEixMwvg/K3G4Hizvnz8Rrpxkf2wNxqAHC52mv
EIjST47s2jLhcyr0XRL/kLbl7f454c7EfrVlelDwkV4+maSxqkddERfsRNNq4SO3
UFk=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:36 2024 by rpki-client on console-ams.rpki-client.org