Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/uMdfgBCMjHjZezq40vCXTGQvjsA.roa
File: uMdfgBCMjHjZezq40vCXTGQvjsA.roa (raw, json)
Hash identifier: duB6xqJi+jzSd8AcdZm1IRQH/XZB+4Rqsjf+VA7nvCw=
Subject key identifier: B8:C7:5F:80:10:8C:8C:78:D9:7B:3A:B8:D2:F0:97:4C:64:2F:8E:C0
Certificate issuer: /CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Certificate serial: 0189D57541D6655865A89020936A2B42C1AD
Authority key identifier: 9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/uMdfgBCMjHjZezq40vCXTGQvjsA.roa
Signing time: Tue 08 Aug 2023 14:02:58 +0000
ROA not before: Tue 08 Aug 2023 14:02:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 185.249.55.0/24 maxlen: 24
5.172.176.0/24 maxlen: 24
195.225.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Sep 2023 09:50:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d5:75:41:d6:65:58:65:a8:90:20:93:6a:2b:42:c1:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Validity
Not Before: Aug 8 14:02:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8c75f80108c8c78d97b3ab8d2f0974c642f8ec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:98:14:4e:e5:43:2f:64:d5:af:49:6f:0b:18:
78:3d:59:f6:27:5d:f9:9a:48:14:5d:de:c3:a5:2f:
c2:dc:53:6a:1c:0e:8d:15:1a:bd:ec:17:8b:16:94:
fe:3b:9a:4b:59:a3:26:ae:17:b8:72:86:f9:ea:9a:
cf:20:47:eb:4c:70:74:20:f5:8d:50:2b:b9:b8:31:
03:13:43:6a:ba:16:cd:d6:68:6c:20:b3:72:71:a9:
bc:80:72:a1:76:25:39:4a:2b:a0:94:a1:00:37:6a:
f0:49:a8:75:c0:d3:b9:ec:86:68:9f:c4:7a:23:93:
df:8d:69:1e:6f:71:9c:ec:b8:26:8c:c8:8a:f7:b0:
74:ed:5a:b2:1a:52:e0:6d:22:2a:0b:17:4c:06:c2:
1c:c7:65:54:c1:9f:83:fe:cc:f1:8b:7f:fd:5f:62:
03:10:da:68:8d:f2:0e:87:60:d6:22:9e:2b:78:e1:
c8:8b:b5:48:64:6a:14:f1:cf:13:d3:11:e1:be:18:
46:80:24:86:7d:67:5e:31:63:b7:93:e8:2a:3b:ba:
ea:12:52:05:a1:81:88:3b:9b:f8:fe:c0:ec:ea:f8:
ce:a1:f9:60:d4:7a:5c:9c:29:fb:dc:30:b9:ad:2c:
00:9d:f5:a3:e3:0f:1f:ec:88:e3:2b:d9:50:0a:89:
a7:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C7:5F:80:10:8C:8C:78:D9:7B:3A:B8:D2:F0:97:4C:64:2F:8E:C0
X509v3 Authority Key Identifier:
keyid:9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/uMdfgBCMjHjZezq40vCXTGQvjsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.176.0/24
185.249.55.0/24
195.225.97.0/24
Signature Algorithm: sha256WithRSAEncryption
17:f1:ef:57:6e:19:ef:02:8c:ec:90:7a:82:cd:3a:57:df:d7:
e3:b0:54:dc:1e:41:c0:c6:19:cf:da:e0:47:a7:a0:b3:86:06:
1a:1f:81:be:e7:9f:41:e7:3e:da:f8:3a:9e:64:77:5f:3e:0f:
66:06:8c:66:d8:3f:3b:7d:c3:0e:b9:d8:59:8a:34:0b:55:4e:
84:e4:80:23:8b:ea:fc:08:ca:72:11:c1:3b:94:f0:7b:de:6c:
a5:e1:86:28:84:1f:a0:cd:04:41:d7:05:61:8a:45:02:b8:92:
9a:45:37:96:c8:86:6f:a0:ab:0f:0e:95:8a:f1:02:cd:4a:9f:
33:f2:a2:7b:56:51:2d:a5:a3:58:cc:88:84:81:4a:56:87:a2:
2c:7d:1e:8a:9b:e7:cb:dc:11:50:fc:f7:db:88:c0:fe:21:27:
d3:e9:03:69:40:9c:40:46:85:51:a3:8f:8d:63:b3:47:2b:0c:
69:45:58:73:06:64:0c:ad:5f:df:39:42:c3:60:7d:77:54:e8:
d4:47:83:72:5c:50:5d:ac:17:bc:d8:bf:eb:9c:36:11:6b:7b:
44:fe:a7:4b:d8:7d:ea:7f:91:1f:6d:fb:46:f0:44:f0:21:7b:
d6:f0:7e:1d:30:c6:ab:31:99:8a:e8:a6:bf:33:31:70:fa:6a:
c6:ac:ff:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnVdUHWZVhlqJAgk2orQsGtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzI4YWU5OTM3ZmY3ZTQ5ZWM0ZjEyMzRlNTNkOGI5ZGQ2
OTQ1NDEwHhcNMjMwODA4MTQwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGM3NWY4MDEwOGM4Yzc4ZDk3YjNhYjhkMmYwOTc0YzY0MmY4ZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJgUTuVDL2TVr0lvCxh4PVn2J135
mkgUXd7DpS/C3FNqHA6NFRq97BeLFpT+O5pLWaMmrhe4cob56prPIEfrTHB0IPWN
UCu5uDEDE0NquhbN1mhsILNycam8gHKhdiU5SiuglKEAN2rwSah1wNO57IZon8R6
I5PfjWkeb3Gc7LgmjMiK97B07VqyGlLgbSIqCxdMBsIcx2VUwZ+D/szxi3/9X2ID
ENpojfIOh2DWIp4reOHIi7VIZGoU8c8T0xHhvhhGgCSGfWdeMWO3k+gqO7rqElIF
oYGIO5v4/sDs6vjOoflg1HpcnCn73DC5rSwAnfWj4w8f7IjjK9lQComn/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLjHX4AQjIx42Xs6uNLwl0xkL47AMB8GA1UdIwQY
MBaAFJ3CiumTf/fknsTxI05T2LndaUVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMt
MTkyY2JkMDhkYjUxLzEvdU1kZmdCQ01qSGpaZXpxNDB2Q1hUR1F2anNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMtMTkyY2JkMDhkYjUx
LzEvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABaywAwQA
ufk3AwQAw+FhMA0GCSqGSIb3DQEBCwUAA4IBAQAX8e9XbhnvAozskHqCzTpX39fj
sFTcHkHAxhnP2uBHp6CzhgYaH4G+559B5z7a+DqeZHdfPg9mBoxm2D87fcMOudhZ
ijQLVU6E5IAji+r8CMpyEcE7lPB73myl4YYohB+gzQRB1wVhikUCuJKaRTeWyIZv
oKsPDpWK8QLNSp8z8qJ7VlEtpaNYzIiEgUpWh6IsfR6Km+fL3BFQ/PfbiMD+ISfT
6QNpQJxARoVRo4+NY7NHKwxpRVhzBmQMrV/fOULDYH13VOjUR4NyXFBdrBe82L/r
nDYRa3tE/qdL2H3qf5EfbftG8ETwIXvW8H4dMMarMZmK6Ka/MzFw+mrGrP8R
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:50 2024 by rpki-client on console-ams.rpki-client.org