Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/un3fcakfu85AHUmFzWrhnTKNf5I.roa
File: un3fcakfu85AHUmFzWrhnTKNf5I.roa (raw, json)
Hash identifier: ZiRAATRf8V2HOvB5cL4hgquX/QLOBrWvdsRBePnCGVE=
Subject key identifier: BA:7D:DF:71:A9:1F:BB:CE:40:1D:49:85:CD:6A:E1:9D:32:8D:7F:92
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 0185F3D96193263E11F58B3F3A6F991C675F
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/un3fcakfu85AHUmFzWrhnTKNf5I.roa
Signing time: Fri 27 Jan 2023 15:29:47 +0000
ROA not before: Fri 27 Jan 2023 15:29:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 92.240.201.0/24 maxlen: 24
89.185.86.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Apr 2023 15:11:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:d9:61:93:26:3e:11:f5:8b:3f:3a:6f:99:1c:67:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jan 27 15:29:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba7ddf71a91fbbce401d4985cd6ae19d328d7f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:48:82:07:2a:5a:0e:99:e4:be:57:1d:fa:12:
9f:9a:0b:64:22:66:f4:fe:81:79:da:79:ff:16:24:
2e:67:c2:26:31:f8:8b:15:f2:b2:24:5e:05:32:db:
e6:f0:c5:a0:d0:7c:8d:4c:1c:2f:54:40:23:ae:49:
d3:37:ba:43:49:3c:e9:ed:b4:5d:f6:0c:57:c5:bc:
fe:90:73:a9:1d:f8:eb:01:23:9e:e8:d0:9d:3c:7b:
ed:b1:58:58:d7:0d:1b:cc:72:ac:c8:08:3e:22:0e:
f3:68:ee:10:28:30:8e:2b:00:64:c2:19:84:09:a6:
90:a4:15:fb:ec:52:a8:54:c6:68:29:72:df:98:f3:
2a:68:e3:59:54:cd:d1:27:b6:91:31:3a:76:91:91:
64:ce:e4:d1:31:3d:0c:23:2d:1b:24:9f:86:08:1e:
3a:88:4c:32:b9:e6:53:b0:13:80:85:8d:0f:a2:af:
fb:d5:eb:c7:fc:19:12:5c:9c:c9:7b:0a:94:99:00:
fc:56:40:b6:9e:55:a5:e5:e6:69:76:cd:7a:a1:d9:
c1:b0:24:b2:c7:3f:74:5e:77:99:de:37:3f:ee:9a:
1b:8b:06:7b:36:29:aa:7a:b5:df:be:f2:36:6a:52:
d5:52:fc:d1:97:f9:7a:a5:69:98:49:1b:fe:91:78:
22:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:7D:DF:71:A9:1F:BB:CE:40:1D:49:85:CD:6A:E1:9D:32:8D:7F:92
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/un3fcakfu85AHUmFzWrhnTKNf5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.86.0/23
92.240.201.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:80:99:86:78:81:84:0c:e8:29:21:ce:94:8d:30:86:eb:71:
b2:95:59:ff:19:5f:1d:8b:71:a4:f9:0f:33:51:88:7c:4a:7f:
dc:46:2d:0b:ea:1d:3a:84:56:b2:37:8d:50:46:d5:30:03:58:
fa:5c:7c:83:46:3c:08:44:03:fa:7b:3e:86:d0:fe:27:27:61:
a7:54:0f:63:a8:68:52:40:9d:ff:77:47:0a:e9:7b:5d:68:4f:
e3:05:70:3d:f5:78:d2:3e:7e:7a:f4:4d:f4:89:d5:ad:7d:7e:
81:e8:37:32:cd:4d:dd:ff:3c:2d:43:ce:0c:84:17:b3:1c:81:
95:25:c9:28:0b:39:8e:cc:6b:6a:41:bd:05:30:b2:1a:f9:84:
4f:30:14:77:f5:48:69:36:6b:78:a0:8b:2e:0e:48:0f:7e:5b:
a7:95:42:94:83:a0:95:26:c4:43:84:f1:f6:cd:05:a7:c4:53:
80:60:37:c6:1e:92:14:b8:88:1d:c3:a0:0c:3e:23:4b:45:eb:
1a:6e:63:64:72:38:c8:88:af:54:a4:cb:50:e6:78:68:d1:f1:
c3:fd:a6:70:64:5e:49:32:7d:8e:20:ce:10:01:ac:15:b4:00:
dc:dd:d1:83:13:ec:65:35:11:6b:cd:78:e6:3a:f4:e2:f6:c7:
e9:d7:82:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXz2WGTJj4R9Ys/Om+ZHGdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjMwMTI3MTUyOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTdkZGY3MWE5MWZiYmNlNDAxZDQ5ODVjZDZhZTE5ZDMyOGQ3ZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEiCBypaDpnkvlcd+hKfmgtkImb0
/oF52nn/FiQuZ8ImMfiLFfKyJF4FMtvm8MWg0HyNTBwvVEAjrknTN7pDSTzp7bRd
9gxXxbz+kHOpHfjrASOe6NCdPHvtsVhY1w0bzHKsyAg+Ig7zaO4QKDCOKwBkwhmE
CaaQpBX77FKoVMZoKXLfmPMqaONZVM3RJ7aRMTp2kZFkzuTRMT0MIy0bJJ+GCB46
iEwyueZTsBOAhY0Poq/71evH/BkSXJzJewqUmQD8VkC2nlWl5eZpds16odnBsCSy
xz90XneZ3jc/7pobiwZ7NimqerXfvvI2alLVUvzRl/l6pWmYSRv+kXgiewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLp933GpH7vOQB1Jhc1q4Z0yjX+SMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvdW4zZmNha2Z1ODVBSFVtRnpXcmhuVEtOZjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWblWAwQA
XPDJMA0GCSqGSIb3DQEBCwUAA4IBAQBtgJmGeIGEDOgpIc6UjTCG63GylVn/GV8d
i3Gk+Q8zUYh8Sn/cRi0L6h06hFayN41QRtUwA1j6XHyDRjwIRAP6ez6G0P4nJ2Gn
VA9jqGhSQJ3/d0cK6XtdaE/jBXA99XjSPn569E30idWtfX6B6DcyzU3d/zwtQ84M
hBezHIGVJckoCzmOzGtqQb0FMLIa+YRPMBR39UhpNmt4oIsuDkgPflunlUKUg6CV
JsRDhPH2zQWnxFOAYDfGHpIUuIgdw6AMPiNLResabmNkcjjIiK9UpMtQ5nho0fHD
/aZwZF5JMn2OIM4QAawVtADc3dGDE+xlNRFrzXjmOvTi9sfp14L6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:39 2024 by rpki-client on console-fra.rpki-client.org