Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e177f7-6348-4744-ad9c-76189bd4a040/1/cUW8Cgy22yVOIsf5aq1bDTUMPNg.roa
File: cUW8Cgy22yVOIsf5aq1bDTUMPNg.roa (raw, json)
Hash identifier: a8g0EmROfg0IilI/VwIedrovDJNfVUIbzcSMS9Qfkk0=
Subject key identifier: 71:45:BC:0A:0C:B6:DB:25:4E:22:C7:F9:6A:AD:5B:0D:35:0C:3C:D8
Certificate issuer: /CN=e86360db81f505c5e9a9b5ad10a81c64f4a85bd2
Certificate serial: 0185709E039EE585D80DAF5222A847B3BFB9
Authority key identifier: E8:63:60:DB:81:F5:05:C5:E9:A9:B5:AD:10:A8:1C:64:F4:A8:5B:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6GNg24H1BcXpqbWtEKgcZPSoW9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/e177f7-6348-4744-ad9c-76189bd4a040/1/cUW8Cgy22yVOIsf5aq1bDTUMPNg.roa
Signing time: Mon 02 Jan 2023 03:54:41 +0000
ROA not before: Mon 02 Jan 2023 03:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202382
IP address blocks: 194.62.200.0/22 maxlen: 24
185.152.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:9e:03:9e:e5:85:d8:0d:af:52:22:a8:47:b3:bf:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e86360db81f505c5e9a9b5ad10a81c64f4a85bd2
Validity
Not Before: Jan 2 03:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7145bc0a0cb6db254e22c7f96aad5b0d350c3cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:10:0b:14:87:34:ba:62:b7:16:b9:a2:f4:3a:
3c:82:8e:27:99:87:e8:7c:08:ae:73:19:fe:54:95:
87:c7:8a:0b:93:48:44:67:db:8a:d7:df:de:cb:ef:
d3:25:1f:2e:a6:dc:ff:aa:91:d4:21:46:9b:39:51:
86:24:cf:92:b7:22:49:c9:1d:f8:e9:5f:c4:70:4d:
00:2e:23:c6:f0:76:db:79:c5:63:fc:d3:73:c2:d9:
77:a5:c6:1b:30:e6:7b:3d:79:3d:dc:23:2c:f0:95:
c7:b9:34:d3:36:1d:56:da:d2:b4:94:34:ca:cb:c8:
b9:6f:c7:82:03:92:21:4a:1e:a2:03:ec:1c:1d:4e:
47:90:cf:db:f1:cf:f0:74:9c:a4:c3:9e:9a:5c:6a:
20:9c:bc:43:9c:0c:63:18:c9:57:8e:82:7e:16:75:
39:63:94:6a:01:8e:19:2f:91:62:4c:b2:cf:b2:df:
dd:80:3a:37:1b:24:ab:e6:42:a2:bb:f4:06:89:fe:
5f:ae:a1:f4:e5:20:40:07:ff:16:a1:e0:b6:56:2b:
21:75:4d:be:6b:7b:cf:69:71:6c:76:87:45:9a:e7:
48:29:97:79:56:53:68:e7:74:98:83:a0:0f:49:07:
1e:40:10:b7:9f:b0:d0:e3:07:02:cf:72:52:8b:b8:
de:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:45:BC:0A:0C:B6:DB:25:4E:22:C7:F9:6A:AD:5B:0D:35:0C:3C:D8
X509v3 Authority Key Identifier:
keyid:E8:63:60:DB:81:F5:05:C5:E9:A9:B5:AD:10:A8:1C:64:F4:A8:5B:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6GNg24H1BcXpqbWtEKgcZPSoW9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e177f7-6348-4744-ad9c-76189bd4a040/1/cUW8Cgy22yVOIsf5aq1bDTUMPNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e177f7-6348-4744-ad9c-76189bd4a040/1/6GNg24H1BcXpqbWtEKgcZPSoW9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.252.0/22
194.62.200.0/22
Signature Algorithm: sha256WithRSAEncryption
29:46:48:63:15:f7:e5:a1:d2:b1:a9:92:68:8a:b1:2a:80:a0:
d5:c5:6c:f4:4c:a1:11:c9:cf:58:26:dc:26:ca:4d:de:07:d6:
92:7a:89:55:be:9a:ab:46:00:01:e4:5d:9e:f9:0f:fe:a3:54:
ad:26:7f:69:ac:1f:ea:6c:d7:6d:f7:31:e5:cd:98:c3:df:ff:
8e:41:60:8d:80:18:a5:8a:3c:e1:d8:01:ec:6d:c4:77:db:0b:
55:3c:fb:33:bd:53:27:e8:b3:c0:29:89:80:e4:1a:9e:c6:0a:
5e:46:6a:13:93:79:f5:a6:bd:00:de:f8:8f:c9:ba:56:3d:40:
ce:d5:bc:29:dc:c9:3c:7a:ad:86:ff:73:a6:af:0d:4e:bc:8b:
98:af:67:94:ad:3c:46:bb:e1:11:d8:50:e5:dc:5e:a7:4b:a8:
ca:0e:d6:9e:e0:8b:64:21:5c:d3:cd:0c:3c:d5:24:f3:14:b3:
9a:9a:a3:1e:45:01:58:da:63:77:20:da:d8:cb:d1:31:6d:89:
3b:77:25:49:10:23:b6:18:5d:0e:39:08:85:1f:13:12:0a:87:
0f:e2:01:57:79:4e:af:73:cc:1c:fe:8c:b8:4f:26:3e:5c:39:
38:ac:6c:8a:78:bf:60:ff:bc:5c:d2:5e:19:e5:d5:b5:97:98:
0d:01:e1:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwngOe5YXYDa9SIqhHs7+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NjM2MGRiODFmNTA1YzVlOWE5YjVhZDEwYTgxYzY0ZjRh
ODViZDIwHhcNMjMwMTAyMDM1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTQ1YmMwYTBjYjZkYjI1NGUyMmM3Zjk2YWFkNWIwZDM1MGMzY2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRALFIc0umK3Frmi9Do8go4nmYfo
fAiucxn+VJWHx4oLk0hEZ9uK19/ey+/TJR8uptz/qpHUIUabOVGGJM+StyJJyR34
6V/EcE0ALiPG8HbbecVj/NNzwtl3pcYbMOZ7PXk93CMs8JXHuTTTNh1W2tK0lDTK
y8i5b8eCA5IhSh6iA+wcHU5HkM/b8c/wdJykw56aXGognLxDnAxjGMlXjoJ+FnU5
Y5RqAY4ZL5FiTLLPst/dgDo3GySr5kKiu/QGif5frqH05SBAB/8WoeC2VishdU2+
a3vPaXFsdodFmudIKZd5VlNo53SYg6APSQceQBC3n7DQ4wcCz3JSi7je+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHFFvAoMttslTiLH+WqtWw01DDzYMB8GA1UdIwQY
MBaAFOhjYNuB9QXF6am1rRCoHGT0qFvSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkdOZzI0SDFCY1hwcWJXdEVLZ2NaUFNvVzlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9lMTc3ZjctNjM0OC00NzQ0LWFkOWMt
NzYxODliZDRhMDQwLzEvY1VXOENneTIyeVZPSXNmNWFxMWJEVFVNUE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9lMTc3ZjctNjM0OC00NzQ0LWFkOWMtNzYxODliZDRhMDQw
LzEvNkdOZzI0SDFCY1hwcWJXdEVLZ2NaUFNvVzlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuZj8AwQC
wj7IMA0GCSqGSIb3DQEBCwUAA4IBAQApRkhjFfflodKxqZJoirEqgKDVxWz0TKER
yc9YJtwmyk3eB9aSeolVvpqrRgAB5F2e+Q/+o1StJn9prB/qbNdt9zHlzZjD3/+O
QWCNgBilijzh2AHsbcR32wtVPPszvVMn6LPAKYmA5BqexgpeRmoTk3n1pr0A3viP
ybpWPUDO1bwp3Mk8eq2G/3Omrw1OvIuYr2eUrTxGu+ER2FDl3F6nS6jKDtae4Itk
IVzTzQw81STzFLOamqMeRQFY2mN3INrYy9ExbYk7dyVJECO2GF0OOQiFHxMSCocP
4gFXeU6vc8wc/oy4TyY+XDk4rGyKeL9g/7xc0l4Z5dW1l5gNAeF7
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:35 2024 by rpki-client on console-ams.rpki-client.org