Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/U0-yYZyOn3mLUBB-SvkP1lTFT54.roa
File: U0-yYZyOn3mLUBB-SvkP1lTFT54.roa (raw, json)
Hash identifier: DEO2nPKhypkufQQrpDeNgVMyQ6P4hYVCJvCdsTS9MZo=
Subject key identifier: 53:4F:B2:61:9C:8E:9F:79:8B:50:10:7E:4A:F9:0F:D6:54:C5:4F:9E
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018704A6683226C20ED3C93E1875108F0B8E
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/U0-yYZyOn3mLUBB-SvkP1lTFT54.roa
Signing time: Tue 21 Mar 2023 14:50:27 +0000
ROA not before: Tue 21 Mar 2023 14:50:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59631
IP address blocks: 176.121.64.0/21 maxlen: 24
185.83.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:04:a6:68:32:26:c2:0e:d3:c9:3e:18:75:10:8f:0b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Mar 21 14:50:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=534fb2619c8e9f798b50107e4af90fd654c54f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:14:2e:c9:a6:ec:cd:4d:78:da:33:74:ce:9e:
2a:71:9d:36:53:68:79:7f:d4:c5:d7:6d:eb:b2:91:
f6:58:77:da:7f:f8:ba:88:a5:c6:61:90:81:08:62:
35:6c:52:82:1a:45:f7:85:6e:97:62:cb:64:a7:d9:
ab:a2:de:bb:84:84:5f:84:d9:90:5c:6c:8e:77:fb:
76:b6:ce:73:ad:4a:a9:e8:56:b4:cc:c3:bb:ec:26:
77:ca:d4:1c:0d:ae:e9:59:8c:ee:be:95:86:d4:6a:
a6:8e:6d:39:77:ee:c4:87:92:03:0c:9b:f0:aa:6b:
4d:2c:21:9b:05:60:61:9a:22:1d:96:af:5d:a5:ad:
dc:d3:44:6b:06:40:60:ec:01:03:cc:30:24:c0:9f:
5f:58:b2:14:10:14:ee:f1:13:73:07:62:d2:86:a5:
30:a3:d6:e6:b8:9a:4f:bc:42:d6:e4:b4:ee:04:e0:
46:2d:46:03:eb:71:b8:21:55:21:62:2d:ec:49:39:
99:08:20:cc:22:a8:85:4f:ac:59:fd:e5:9c:0b:86:
f9:5f:9a:83:37:c8:b8:2b:12:b6:cb:5d:6d:14:37:
68:51:b9:41:52:98:c8:6f:6e:ae:65:db:f6:b3:5c:
06:4d:31:28:c5:ec:9f:aa:9f:52:86:b4:51:89:fd:
30:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:4F:B2:61:9C:8E:9F:79:8B:50:10:7E:4A:F9:0F:D6:54:C5:4F:9E
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/U0-yYZyOn3mLUBB-SvkP1lTFT54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.121.64.0/21
185.83.104.0/22
Signature Algorithm: sha256WithRSAEncryption
94:f0:c9:35:ef:f2:ce:ff:89:d9:85:1c:aa:9f:8d:24:ad:d5:
ec:c5:92:07:c3:6a:2b:ec:9f:92:5a:31:8b:76:a3:68:d3:5b:
78:4e:f7:a9:34:9e:a1:de:e1:91:14:70:2e:66:f7:ca:6c:82:
bd:4c:70:19:65:f1:b9:51:3f:e3:3e:75:dd:dc:36:a6:26:e1:
71:dd:a1:ae:f8:69:61:4a:4a:57:31:f2:ff:4e:76:5b:87:56:
ce:c7:4e:91:f5:d1:57:21:db:ee:4c:6e:be:d0:b2:a2:9a:5f:
a5:70:5c:d9:35:c1:08:bd:e7:76:da:64:d9:bf:a2:70:34:35:
ea:28:d4:f7:4b:97:ea:2c:ea:c3:87:31:23:84:c8:11:57:06:
5f:fb:27:80:d2:f5:9b:4f:9f:55:03:e9:44:eb:22:61:a5:71:
25:b0:9a:68:0a:e0:87:b8:52:f6:fe:ea:c7:a0:a1:02:f8:54:
36:1d:03:0a:e9:21:ce:c5:d8:85:ab:3c:70:59:5c:73:7e:5d:
b0:b6:50:98:1c:fd:1a:54:08:7d:2d:0f:01:39:0e:75:53:32:
3a:7c:89:7b:44:9b:fa:e0:0a:2a:30:c9:84:18:35:ee:7e:10:
2d:0b:36:a2:d6:c9:3d:73:cc:4b:ec:c5:11:91:3c:dd:f5:91:
7a:b1:66:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcEpmgyJsIO08k+GHUQjwuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMzIxMTQ1MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzRmYjI2MTljOGU5Zjc5OGI1MDEwN2U0YWY5MGZkNjU0YzU0ZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BQuyabszU142jN0zp4qcZ02U2h5
f9TF123rspH2WHfaf/i6iKXGYZCBCGI1bFKCGkX3hW6XYstkp9mrot67hIRfhNmQ
XGyOd/t2ts5zrUqp6Fa0zMO77CZ3ytQcDa7pWYzuvpWG1Gqmjm05d+7Eh5IDDJvw
qmtNLCGbBWBhmiIdlq9dpa3c00RrBkBg7AEDzDAkwJ9fWLIUEBTu8RNzB2LShqUw
o9bmuJpPvELW5LTuBOBGLUYD63G4IVUhYi3sSTmZCCDMIqiFT6xZ/eWcC4b5X5qD
N8i4KxK2y11tFDdoUblBUpjIb26uZdv2s1wGTTEoxeyfqp9ShrRRif0wCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFNPsmGcjp95i1AQfkr5D9ZUxU+eMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvVTAteVlaeU9uM21MVUJCLVN2a1AxbFRGVDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsHlAAwQC
uVNoMA0GCSqGSIb3DQEBCwUAA4IBAQCU8Mk17/LO/4nZhRyqn40krdXsxZIHw2or
7J+SWjGLdqNo01t4TvepNJ6h3uGRFHAuZvfKbIK9THAZZfG5UT/jPnXd3DamJuFx
3aGu+GlhSkpXMfL/TnZbh1bOx06R9dFXIdvuTG6+0LKiml+lcFzZNcEIved22mTZ
v6JwNDXqKNT3S5fqLOrDhzEjhMgRVwZf+yeA0vWbT59VA+lE6yJhpXElsJpoCuCH
uFL2/urHoKEC+FQ2HQMK6SHOxdiFqzxwWVxzfl2wtlCYHP0aVAh9LQ8BOQ51UzI6
fIl7RJv64AoqMMmEGDXufhAtCzai1sk9c8xL7MURkTzd9ZF6sWaS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org