Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/kuF--CFY0csTPvl_59WbBm39eXs.roa
File: kuF--CFY0csTPvl_59WbBm39eXs.roa (raw, json)
Hash identifier: +oOvYzEuQ649TA1ExC2xKxs6gFUQJxljSfzu73DaKLU=
Subject key identifier: 92:E1:7E:F8:21:58:D1:CB:13:3E:F9:7F:E7:D5:9B:06:6D:FD:79:7B
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 01892CA9AC7914A9C5578CD72A4BB7BA36FE
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/kuF--CFY0csTPvl_59WbBm39eXs.roa
Signing time: Thu 06 Jul 2023 19:24:24 +0000
ROA not before: Thu 06 Jul 2023 19:24:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200462
IP address blocks: 94.247.43.0/24 maxlen: 32
2.58.54.0/24 maxlen: 24
5.180.192.0/23 maxlen: 24
2.58.52.0/23 maxlen: 32
45.86.124.0/22 maxlen: 24
2a09:e1c0::/32 maxlen: 128
2a07:6fc0:10::/44 maxlen: 48
2a0e:de80::/29 maxlen: 48
2a00:f826:8::/48 maxlen: 48
2a0c:8900::/29 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2c:a9:ac:79:14:a9:c5:57:8c:d7:2a:4b:b7:ba:36:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jul 6 19:24:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92e17ef82158d1cb133ef97fe7d59b066dfd797b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9b:ce:81:c8:dc:82:c1:e6:62:32:ab:2f:e4:
46:5d:68:54:09:93:20:bb:42:eb:06:cf:22:6b:3e:
2f:ab:85:20:da:15:b5:67:e7:ca:0a:4f:48:f2:52:
24:a0:79:d0:29:e4:63:9f:14:c8:17:1f:31:7c:57:
a8:54:c0:dc:1f:39:13:c3:a8:ad:3a:5c:9b:c9:6e:
f9:b1:5f:71:ca:b5:d1:d7:e6:c6:a7:04:f1:ec:2c:
6c:2d:fb:42:5c:a2:5e:56:0f:96:d8:79:a6:46:21:
f0:1d:08:90:e8:ba:19:76:34:94:48:1c:cf:b8:d8:
be:c6:7d:3b:86:eb:19:ae:b5:d9:5b:a2:c0:e0:ed:
99:f7:d0:60:b0:c3:c0:58:78:9b:2a:9e:77:aa:75:
74:f5:49:ff:58:f9:1c:a8:73:0c:2b:4d:d0:51:f1:
3f:2e:f3:e3:13:8a:52:fd:25:36:08:fe:e5:f0:fd:
01:cc:3b:1a:af:aa:f3:52:4f:01:7d:a0:5a:5a:bb:
ea:66:5d:b8:f4:ec:46:0d:2b:59:01:87:df:55:8e:
c1:78:fa:5f:2f:0a:8f:5c:5a:ba:35:f2:e2:67:d4:
83:c5:2c:91:bc:ee:8b:6c:d3:5b:62:d5:a4:5d:04:
ab:f7:00:cd:f9:ab:fa:7c:5a:17:c7:a7:f9:92:f3:
ba:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E1:7E:F8:21:58:D1:CB:13:3E:F9:7F:E7:D5:9B:06:6D:FD:79:7B
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/kuF--CFY0csTPvl_59WbBm39eXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0-2.58.54.255
5.180.192.0/23
45.86.124.0/22
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
67:2d:b3:c1:b8:fa:6c:ae:4e:6c:2c:74:00:71:35:83:dc:d4:
b1:5f:09:9a:eb:56:e6:83:f4:dd:e9:f1:f6:ef:44:5c:2f:28:
31:81:3f:5c:e5:0e:d1:9b:14:8e:48:2f:26:c3:5a:68:16:1e:
a7:32:99:46:74:51:3d:86:63:8e:66:54:d8:f4:13:1d:8d:04:
53:c5:c8:22:75:48:a6:15:68:6b:9a:7e:58:a2:c4:be:61:9c:
9d:2c:d5:80:78:fb:6b:10:05:82:6d:25:41:43:cf:a5:70:3d:
06:b4:83:13:22:b9:a8:dd:40:94:d9:11:37:4b:ad:a7:9a:9f:
b3:29:88:ba:02:7f:ca:42:d6:aa:f4:05:35:d9:7f:93:2d:e3:
e5:24:a9:bd:57:82:c8:11:d0:a0:cd:47:e1:1d:48:92:24:a1:
6c:b1:ad:50:cb:3c:27:b3:7d:45:7d:86:bf:f0:5d:9b:b8:ea:
3f:86:fd:68:60:44:b6:5b:43:6b:1d:dd:4a:5c:96:64:61:25:
42:25:f6:cb:d1:f6:79:d6:4c:68:45:75:ef:30:33:d2:20:80:
09:26:38:d3:ea:0f:d6:a1:5c:dc:78:35:bd:7e:ff:60:22:29:
06:b2:04:fe:dc:3c:3e:0d:10:86:65:ad:39:ec:5e:aa:29:ef:
44:d0:54:72
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYksqax5FKnFV4zXKku3ujb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwNzA2MTkyNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmUxN2VmODIxNThkMWNiMTMzZWY5N2ZlN2Q1OWIwNjZkZmQ3OTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipvOgcjcgsHmYjKrL+RGXWhUCZMg
u0LrBs8iaz4vq4Ug2hW1Z+fKCk9I8lIkoHnQKeRjnxTIFx8xfFeoVMDcHzkTw6it
OlybyW75sV9xyrXR1+bGpwTx7CxsLftCXKJeVg+W2HmmRiHwHQiQ6LoZdjSUSBzP
uNi+xn07husZrrXZW6LA4O2Z99BgsMPAWHibKp53qnV09Un/WPkcqHMMK03QUfE/
LvPjE4pS/SU2CP7l8P0BzDsar6rzUk8BfaBaWrvqZl249OxGDStZAYffVY7BePpf
LwqPXFq6NfLiZ9SDxSyRvO6LbNNbYtWkXQSr9wDN+av6fFoXx6f5kvO6rQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFJLhfvghWNHLEz75f+fVmwZt/Xl7MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEva3VGLS1DRlkwY3NUUHZsXzU5V2JCbTM5ZVhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAmBAIAATAgMAwDBAICOjQD
BAACOjYDBAEFtMADBAItVnwDBABe9yswLQQCAAIwJwMHACoA+CYACAMHBCoHb8AA
EAMFACoJ4cADBQMqDIkAAwUDKg7egDANBgkqhkiG9w0BAQsFAAOCAQEAZy2zwbj6
bK5ObCx0AHE1g9zUsV8JmutW5oP03enx9u9EXC8oMYE/XOUO0ZsUjkgvJsNaaBYe
pzKZRnRRPYZjjmZU2PQTHY0EU8XIInVIphVoa5p+WKLEvmGcnSzVgHj7axAFgm0l
QUPPpXA9BrSDEyK5qN1AlNkRN0utp5qfsymIugJ/ykLWqvQFNdl/ky3j5SSpvVeC
yBHQoM1H4R1IkiShbLGtUMs8J7N9RX2Gv/Bdm7jqP4b9aGBEtltDax3dSlyWZGEl
QiX2y9H2edZMaEV17zAz0iCACSY40+oP1qFc3Hg1vX7/YCIpBrIE/tw8Pg0QhmWt
OexeqinvRNBUcg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org