Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/uUA8GKPt-iNiwxy5ERpY4SJJwzc.roa
File: uUA8GKPt-iNiwxy5ERpY4SJJwzc.roa (raw, json)
Hash identifier: kit5gOPh4PvCWd31ytQIpaRSnNtUpj8hZt4/Qkqo3sE=
Subject key identifier: B9:40:3C:18:A3:ED:FA:23:62:C3:1C:B9:11:1A:58:E1:22:49:C3:37
Certificate issuer: /CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
Certificate serial: 0189F446CD1A080D830175DACE47795932E0
Authority key identifier: 1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/uUA8GKPt-iNiwxy5ERpY4SJJwzc.roa
Signing time: Mon 14 Aug 2023 13:40:28 +0000
ROA not before: Mon 14 Aug 2023 13:40:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39356
IP address blocks: 164.215.106.0/24 maxlen: 24
164.215.110.0/24 maxlen: 24
164.215.108.0/24 maxlen: 24
185.68.232.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f4:46:cd:1a:08:0d:83:01:75:da:ce:47:79:59:32:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
Validity
Not Before: Aug 14 13:40:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9403c18a3edfa2362c31cb9111a58e12249c337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:56:92:09:aa:a6:c5:aa:98:01:0e:3c:54:10:
1f:79:ef:b8:51:29:99:b2:f9:3c:65:cf:b7:0d:e9:
91:5b:b6:e6:24:0c:bf:8a:0f:ba:84:6d:20:e3:19:
8c:4c:2b:48:b1:0a:6e:c4:ad:66:45:fd:cd:83:61:
9d:a2:b3:74:38:73:81:fe:a1:a5:26:59:20:d7:f3:
06:8d:f7:6a:34:12:cd:6f:c1:ed:fc:b9:0b:36:ce:
bb:ca:78:26:49:a2:42:8f:79:45:5c:3d:1a:f4:7d:
28:c8:c2:3a:ea:c5:34:80:03:18:dd:b9:c2:b4:50:
65:64:d3:94:21:30:78:26:3b:88:dd:72:70:9e:94:
d3:2a:40:62:14:d7:80:47:ec:d2:0f:68:ea:f8:52:
10:c2:cf:19:e3:aa:7a:4f:05:64:d2:01:9a:c0:34:
ba:e4:15:1f:5d:cc:17:c9:56:36:6f:4c:dd:11:a4:
79:de:03:a3:18:ff:f2:48:3d:49:9b:36:52:51:d3:
54:26:0e:47:ac:f6:5d:2d:f5:62:c3:91:25:bf:bc:
38:b4:c5:9b:7a:d5:ae:92:7e:93:b2:0d:a4:e1:2c:
43:c6:c9:1f:37:69:8d:20:ca:6c:12:74:5d:91:6c:
fb:a3:ee:c7:02:f2:90:cd:a1:7c:e7:c6:1e:7b:ea:
57:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:40:3C:18:A3:ED:FA:23:62:C3:1C:B9:11:1A:58:E1:22:49:C3:37
X509v3 Authority Key Identifier:
keyid:1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/uUA8GKPt-iNiwxy5ERpY4SJJwzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HWW3t7iY-q7nB2fQlxXENqg_zcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.215.106.0/24
164.215.108.0/24
164.215.110.0/24
185.68.232.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:14:78:a8:d3:9c:4f:88:21:3c:f3:c1:e5:87:0b:a0:39:bb:
e5:00:3e:04:d5:87:07:c5:bc:f3:a5:73:e0:7e:44:30:a6:ee:
1b:f3:55:3b:ca:99:8b:1b:55:de:cd:e6:ac:7a:9d:8e:59:a3:
3c:0e:c8:aa:9d:44:49:17:d1:b6:af:bc:cb:e3:db:c9:61:ff:
ca:f8:ed:2a:68:f6:98:8d:9b:13:9d:fd:8c:a1:37:2d:43:27:
2a:d6:30:b0:41:f3:90:b1:d0:4a:78:37:8f:5e:9f:16:ba:7f:
8e:09:92:1d:7f:20:4b:7a:00:7f:e7:d5:4b:bc:da:9b:a3:4c:
92:d8:5e:ee:47:69:7b:a6:f1:81:24:7e:4e:7b:e7:ba:31:f8:
32:17:b8:4d:12:90:62:5c:35:5c:26:90:af:fe:3e:dc:c5:82:
3b:c9:0b:8d:ee:9c:af:cb:94:e5:78:49:dc:7e:44:d5:fc:9d:
ff:0d:7d:fd:5f:ca:2a:f5:82:e5:4c:19:f0:d8:e2:00:50:d4:
d3:fe:5e:21:92:ba:ba:93:f7:50:29:70:4a:f0:88:f9:3e:80:
c9:94:93:f7:e5:39:a0:98:be:19:0c:08:1c:b7:82:ab:eb:18:
2a:23:ad:0e:aa:84:52:a4:53:fa:c6:ab:2f:a5:07:6e:69:47:
45:4e:0e:1d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYn0Rs0aCA2DAXXazkd5WTLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNjViN2I3Yjg5OGZhYWVlNzA3NjdkMDk3MTVjNDM2YTgz
ZmNkYzIwHhcNMjMwODE0MTM0MDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTQwM2MxOGEzZWRmYTIzNjJjMzFjYjkxMTFhNThlMTIyNDljMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVaSCaqmxaqYAQ48VBAfee+4USmZ
svk8Zc+3DemRW7bmJAy/ig+6hG0g4xmMTCtIsQpuxK1mRf3Ng2GdorN0OHOB/qGl
Jlkg1/MGjfdqNBLNb8Ht/LkLNs67yngmSaJCj3lFXD0a9H0oyMI66sU0gAMY3bnC
tFBlZNOUITB4JjuI3XJwnpTTKkBiFNeAR+zSD2jq+FIQws8Z46p6TwVk0gGawDS6
5BUfXcwXyVY2b0zdEaR53gOjGP/ySD1JmzZSUdNUJg5HrPZdLfViw5Elv7w4tMWb
etWukn6Tsg2k4SxDxskfN2mNIMpsEnRdkWz7o+7HAvKQzaF858Yee+pXpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLlAPBij7fojYsMcuREaWOEiScM3MB8GA1UdIwQY
MBaAFB1lt7e4mPqu5wdn0JcVxDaoP83CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFdXM3Q3aVktcTduQjJmUWx4WEVOcWdfemNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kZWFlZjEtNjI0MS00OWFiLTk4MjUt
OGZjMzczNzU3Njg0LzEvdVVBOEdLUHQtaU5pd3h5NUVScFk0U0pKd3pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9kZWFlZjEtNjI0MS00OWFiLTk4MjUtOGZjMzczNzU3Njg0
LzEvSFdXM3Q3aVktcTduQjJmUWx4WEVOcWdfemNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQApNdqAwQA
pNdsAwQApNduAwQAuUToMA0GCSqGSIb3DQEBCwUAA4IBAQCPFHio05xPiCE888Hl
hwugObvlAD4E1YcHxbzzpXPgfkQwpu4b81U7ypmLG1Xezeasep2OWaM8DsiqnURJ
F9G2r7zL49vJYf/K+O0qaPaYjZsTnf2MoTctQycq1jCwQfOQsdBKeDePXp8Wun+O
CZIdfyBLegB/59VLvNqbo0yS2F7uR2l7pvGBJH5Oe+e6MfgyF7hNEpBiXDVcJpCv
/j7cxYI7yQuN7pyvy5TleEncfkTV/J3/DX39X8oq9YLlTBnw2OIAUNTT/l4hkrq6
k/dQKXBK8Ij5PoDJlJP35TmgmL4ZDAgct4Kr6xgqI60OqoRSpFP6xqsvpQduaUdF
Tg4d
-----END CERTIFICATE-----
Generated at Tue Aug 22 08:21:50 2023 by rpki-client on console-ams.rpki-client.org