Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Uhmz9nAgkik8auWmLuLXlEKOP4Y.roa
File: Uhmz9nAgkik8auWmLuLXlEKOP4Y.roa (raw, json)
Hash identifier: RPdUidVSMbMKAweI6wD1bNaHd4ixO1gnBHekSIuxJVQ=
Subject key identifier: 52:19:B3:F6:70:20:92:29:3C:6A:E5:A6:2E:E2:D7:94:42:8E:3F:86
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0185710C2A306C1D09A561AC16734DA44B85
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Uhmz9nAgkik8auWmLuLXlEKOP4Y.roa
Signing time: Mon 02 Jan 2023 05:55:00 +0000
ROA not before: Mon 02 Jan 2023 05:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 185.253.123.0/24 maxlen: 24
147.78.204.0/24 maxlen: 24
185.208.155.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:2a:30:6c:1d:09:a5:61:ac:16:73:4d:a4:4b:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 05:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5219b3f6702092293c6ae5a62ee2d794428e3f86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:38:2f:8f:25:ad:91:d7:42:50:be:b5:a3:6a:
7a:05:47:b1:88:ff:83:06:d0:ae:32:5a:f7:39:53:
2d:e4:a0:06:5d:10:5d:48:2a:e8:14:c1:7b:87:6d:
8f:fa:c5:03:a2:73:34:63:41:f0:f3:ea:dc:1b:57:
24:13:e0:f7:57:f4:6f:22:06:73:ad:ba:28:67:9e:
ef:dc:28:39:c8:6d:94:54:e2:d9:2d:a2:57:a8:32:
1e:fe:ba:68:05:e7:9e:3e:96:fa:c6:ab:72:b2:84:
bf:0d:28:35:fd:60:07:06:47:4c:58:58:c2:7c:b5:
3c:77:4c:8f:4f:9a:6b:5d:3d:40:5d:92:a4:0d:73:
cc:5a:14:e1:ba:50:2c:3a:98:49:bb:79:78:4a:8e:
61:a9:aa:ac:40:e6:ab:70:d8:8d:cf:e4:b7:a3:9d:
d2:7a:bf:a0:92:7b:9c:a9:ea:6e:08:82:7d:5c:7d:
91:52:10:65:07:8b:b0:8e:1f:c3:cc:e0:5a:44:ab:
22:3b:2a:00:0c:27:eb:2e:bf:cf:c0:19:07:14:23:
8b:c7:ef:63:69:fb:07:87:a5:dd:a4:b3:fe:26:f5:
d8:99:aa:fa:c4:7b:81:43:bd:b3:72:16:9c:f1:a5:
45:45:c9:d4:b9:1b:90:ec:e1:5b:ba:cd:b1:a7:af:
57:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:19:B3:F6:70:20:92:29:3C:6A:E5:A6:2E:E2:D7:94:42:8E:3F:86
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Uhmz9nAgkik8auWmLuLXlEKOP4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.204.0/24
185.208.155.0/24
185.253.123.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:33:54:14:0d:9e:b5:9b:9f:63:62:0a:a5:24:d9:2e:f4:97:
14:78:06:70:9d:68:59:ed:7d:e1:7a:89:b7:b8:54:f4:dd:60:
d7:fe:2a:69:37:f6:fc:8a:64:2e:81:30:fa:00:64:ec:61:09:
85:24:5e:be:37:37:af:24:4a:a6:08:57:4b:c6:34:61:20:cd:
e8:69:1b:1c:40:48:89:9b:d2:1e:f1:68:54:d6:9d:b9:b0:b4:
78:2e:9e:f8:bc:b9:c6:30:46:dd:79:47:b4:b9:6c:fb:9f:0b:
e6:1c:49:f7:b9:8d:fc:a3:f0:be:6c:8b:ce:eb:33:d1:2a:98:
85:8c:e3:8a:c3:37:b2:ee:81:a0:98:00:e4:f0:2d:6e:e5:c8:
53:bb:56:15:26:5f:b5:31:fd:de:e4:a2:74:05:51:ed:8f:a7:
d0:04:1c:73:43:df:92:1d:9e:b1:11:47:e1:2a:8d:fd:49:02:
94:d8:70:d1:ab:1f:6c:49:40:93:b2:72:40:80:06:4c:ea:9d:
cd:05:f5:02:35:a6:3c:9e:13:c5:d0:8d:cf:b8:6d:cd:0b:97:
a6:6e:59:90:99:8c:05:24:de:ef:ca:8d:dd:39:2d:26:b0:ef:
99:a4:f1:d7:fe:8f:e9:48:91:8f:9a:c9:0b:2c:9b:62:99:40:
8d:a1:76:be
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxDCowbB0JpWGsFnNNpEuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTAyMDU1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjE5YjNmNjcwMjA5MjI5M2M2YWU1YTYyZWUyZDc5NDQyOGUzZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujgvjyWtkddCUL61o2p6BUexiP+D
BtCuMlr3OVMt5KAGXRBdSCroFMF7h22P+sUDonM0Y0Hw8+rcG1ckE+D3V/RvIgZz
rbooZ57v3Cg5yG2UVOLZLaJXqDIe/rpoBeeePpb6xqtysoS/DSg1/WAHBkdMWFjC
fLU8d0yPT5prXT1AXZKkDXPMWhThulAsOphJu3l4So5hqaqsQOarcNiNz+S3o53S
er+gknucqepuCIJ9XH2RUhBlB4uwjh/DzOBaRKsiOyoADCfrLr/PwBkHFCOLx+9j
afsHh6XdpLP+JvXYmar6xHuBQ72zchac8aVFRcnUuRuQ7OFbus2xp69XrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFIZs/ZwIJIpPGrlpi7i15RCjj+GMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvVWhtejluQWdraWs4YXVXbUx1TFhsRUtPUDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAk07MAwQA
udCbAwQAuf17MA0GCSqGSIb3DQEBCwUAA4IBAQA+M1QUDZ61m59jYgqlJNku9JcU
eAZwnWhZ7X3heom3uFT03WDX/ippN/b8imQugTD6AGTsYQmFJF6+NzevJEqmCFdL
xjRhIM3oaRscQEiJm9Ie8WhU1p25sLR4Lp74vLnGMEbdeUe0uWz7nwvmHEn3uY38
o/C+bIvO6zPRKpiFjOOKwzey7oGgmADk8C1u5chTu1YVJl+1Mf3e5KJ0BVHtj6fQ
BBxzQ9+SHZ6xEUfhKo39SQKU2HDRqx9sSUCTsnJAgAZM6p3NBfUCNaY8nhPF0I3P
uG3NC5emblmQmYwFJN7vyo3dOS0msO+ZpPHX/o/pSJGPmskLLJtimUCNoXa+
-----END CERTIFICATE-----
Generated at Sat Sep 2 15:56:44 2023 by rpki-client on console-fra.rpki-client.org