Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UCHY3pg4_KLDanZJVReUM9yYWXM.roa
File: UCHY3pg4_KLDanZJVReUM9yYWXM.roa (raw, json)
Hash identifier: wm6CnWmTJWMSQTtjoQFsdNTndprDMtAkHcWFywxpVAA=
Subject key identifier: 50:21:D8:DE:98:38:FC:A2:C3:6A:76:49:55:17:94:33:DC:98:59:73
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185710C1949B3806B1DF3A6E702AD0F0CBB
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UCHY3pg4_KLDanZJVReUM9yYWXM.roa
Signing time: Mon 02 Jan 2023 05:54:56 +0000
ROA not before: Mon 02 Jan 2023 05:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15440
IP address blocks: 91.103.255.0/24 maxlen: 24
176.118.198.0/24 maxlen: 24
185.40.6.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:19:49:b3:80:6b:1d:f3:a6:e7:02:ad:0f:0c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 05:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5021d8de9838fca2c36a764955179433dc985973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cd:30:35:20:46:8d:1a:56:5a:17:32:b7:d0:
46:f6:c1:f2:e6:53:d6:9a:06:fb:8b:f0:ac:7d:31:
18:ff:e7:90:27:e0:8d:09:f2:b9:04:f3:cc:b8:6e:
50:14:4a:8e:07:ea:e1:14:d7:5a:da:d5:38:08:4a:
b2:aa:af:e9:34:28:86:8d:a4:ae:0b:1d:b2:db:41:
6a:28:94:cc:32:24:cd:7c:92:d3:6e:12:94:a6:cd:
78:a7:0d:31:f5:a9:71:d9:1c:19:87:7d:35:99:b7:
2f:1c:9d:7e:4e:ec:67:3d:11:c0:82:96:e0:86:f9:
62:c3:e4:44:eb:0c:ac:9d:c0:a1:02:58:a8:35:38:
cd:81:f2:64:cd:72:6f:bf:7a:29:62:29:78:cf:c9:
9d:40:9a:a1:72:d8:a2:b1:1d:c9:0e:dc:f3:7a:aa:
ac:a8:ec:0f:ec:2b:e2:dc:54:90:4c:c2:b7:87:01:
ee:ae:48:1d:32:b2:0a:73:3d:1f:83:3c:60:82:21:
81:4c:7b:c0:75:3b:e6:8e:a5:53:93:8b:8a:1e:c1:
0f:fb:1a:cf:3f:2a:a5:1c:25:52:f1:04:e1:fa:9d:
6d:7c:cf:1b:1d:d0:fe:df:b1:4b:b0:e6:c1:7c:5b:
95:79:59:46:22:65:77:a9:52:54:ba:db:d2:ce:65:
d0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:21:D8:DE:98:38:FC:A2:C3:6A:76:49:55:17:94:33:DC:98:59:73
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UCHY3pg4_KLDanZJVReUM9yYWXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.255.0/24
176.118.198.0/24
185.40.6.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:74:f3:3f:30:5c:54:79:f7:fb:74:7f:cb:aa:6d:5b:c1:f9:
8f:59:5a:19:67:62:72:0b:c0:99:f6:e5:37:af:53:c8:a8:fa:
24:d0:24:6e:04:81:40:18:b1:13:d3:38:20:f3:b0:c0:08:da:
de:51:6f:d7:2b:49:d8:81:2f:5e:f2:58:89:a9:0d:af:98:94:
c8:4e:e5:0f:a7:f4:71:69:0c:16:62:2b:3c:c1:c9:00:e6:88:
1d:1c:7f:04:ac:d7:48:d0:df:8f:fe:8f:b8:83:d9:4b:42:ef:
3f:6b:4c:f4:14:8d:6f:64:c6:8d:63:74:99:69:95:4a:42:a9:
da:98:34:c1:a8:ef:75:d0:34:f2:4f:a5:b8:de:de:93:d6:b3:
5e:26:70:4d:41:4e:75:33:9f:7b:4f:ed:25:ed:87:ce:6f:d9:
19:ea:29:ff:92:36:48:33:78:c2:d7:44:0c:81:3c:8c:40:d5:
71:8c:09:eb:54:8b:7d:8b:d6:42:3c:0f:33:44:87:00:6f:f7:
93:4e:c1:4e:3b:5e:7f:78:e4:c7:c9:2f:44:1c:59:7d:29:48:
af:cf:2b:04:4f:79:da:4c:f9:84:6a:dd:82:f3:25:14:03:55:
ea:0e:d1:02:b2:10:bd:6b:bf:4a:63:9e:81:9a:42:9d:54:57:
4a:4e:9a:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxDBlJs4BrHfOm5wKtDwy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDIxZDhkZTk4MzhmY2EyYzM2YTc2NDk1NTE3OTQzM2RjOTg1OTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk80wNSBGjRpWWhcyt9BG9sHy5lPW
mgb7i/CsfTEY/+eQJ+CNCfK5BPPMuG5QFEqOB+rhFNda2tU4CEqyqq/pNCiGjaSu
Cx2y20FqKJTMMiTNfJLTbhKUps14pw0x9alx2RwZh301mbcvHJ1+TuxnPRHAgpbg
hvliw+RE6wysncChAlioNTjNgfJkzXJvv3opYil4z8mdQJqhctiisR3JDtzzeqqs
qOwP7Cvi3FSQTMK3hwHurkgdMrIKcz0fgzxggiGBTHvAdTvmjqVTk4uKHsEP+xrP
PyqlHCVS8QTh+p1tfM8bHdD+37FLsObBfFuVeVlGImV3qVJUutvSzmXQmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFAh2N6YOPyiw2p2SVUXlDPcmFlzMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVUNIWTNwZzRfS0xEYW5aSlZSZVVNOXlZV1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW2f/AwQA
sHbGAwQAuSgGMA0GCSqGSIb3DQEBCwUAA4IBAQCzdPM/MFxUeff7dH/Lqm1bwfmP
WVoZZ2JyC8CZ9uU3r1PIqPok0CRuBIFAGLET0zgg87DACNreUW/XK0nYgS9e8liJ
qQ2vmJTITuUPp/RxaQwWYis8wckA5ogdHH8ErNdI0N+P/o+4g9lLQu8/a0z0FI1v
ZMaNY3SZaZVKQqnamDTBqO910DTyT6W43t6T1rNeJnBNQU51M597T+0l7YfOb9kZ
6in/kjZIM3jC10QMgTyMQNVxjAnrVIt9i9ZCPA8zRIcAb/eTTsFOO15/eOTHyS9E
HFl9KUivzysET3naTPmEat2C8yUUA1XqDtECshC9a79KY56BmkKdVFdKTppG
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:23 2024 by rpki-client on console-ams.rpki-client.org