Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d348b5-151c-4aa5-bd09-ef5d5011ca77/1/saCfc4kip4QdxqAGCceHAZuApfs.roa
File: saCfc4kip4QdxqAGCceHAZuApfs.roa (raw, json)
Hash identifier: DKObyLE3BTsMUJ8Y2apMY+crfg2Q510aHzrhYAMpmOA=
Subject key identifier: B1:A0:9F:73:89:22:A7:84:1D:C6:A0:06:09:C7:87:01:9B:80:A5:FB
Certificate issuer: /CN=50a06a453fcd5f26faf4822c4b459098dcaff039
Certificate serial: 01856C65C899558C6245EB6C1E0964C9D960
Authority key identifier: 50:A0:6A:45:3F:CD:5F:26:FA:F4:82:2C:4B:45:90:98:DC:AF:F0:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UKBqRT_NXyb69IIsS0WQmNyv8Dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d348b5-151c-4aa5-bd09-ef5d5011ca77/1/saCfc4kip4QdxqAGCceHAZuApfs.roa
Signing time: Sun 01 Jan 2023 08:14:47 +0000
ROA not before: Sun 01 Jan 2023 08:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1759
IP address blocks: 193.143.8.0/21 maxlen: 24
193.143.240.0/21 maxlen: 24
91.195.246.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:c8:99:55:8c:62:45:eb:6c:1e:09:64:c9:d9:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50a06a453fcd5f26faf4822c4b459098dcaff039
Validity
Not Before: Jan 1 08:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1a09f738922a7841dc6a00609c787019b80a5fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f0:7e:82:14:6b:ec:f4:df:a7:fa:1c:16:b2:
54:50:85:4b:1a:5f:df:b6:14:8c:5f:a7:4c:52:0c:
7b:ce:15:90:e7:6e:aa:17:f2:eb:c8:20:0a:5d:a4:
d7:80:7a:88:50:a9:55:6f:e8:18:26:3f:f3:9c:9e:
a1:c7:95:60:12:39:cc:25:89:98:66:f0:c1:cc:f8:
60:c4:a1:da:7f:0b:b1:22:af:c0:f1:21:be:9d:bf:
66:f0:65:fa:3e:8c:7f:11:59:42:ca:54:cd:c7:c0:
fa:ba:3f:4f:2b:6b:9b:c4:a4:8d:72:4a:00:b9:85:
58:08:3a:6f:bb:ed:d2:57:41:a5:1e:e6:1b:de:02:
1d:28:3e:28:47:d6:d6:f0:d4:95:93:fc:bd:fd:db:
84:4f:b3:7f:9a:6b:7c:c1:c2:36:23:7a:6e:0b:78:
d9:0f:78:16:3c:0e:1c:6d:f5:17:8f:0b:6a:a4:eb:
a1:8f:01:63:ba:69:55:df:d0:e8:60:1d:d6:df:a8:
38:d6:20:fc:ca:d6:f5:c6:94:f4:ca:e8:b4:f7:89:
ee:c0:47:7a:ad:57:d3:44:c2:c0:12:73:2a:70:80:
b9:66:8f:f3:b4:d3:2f:c6:5b:63:49:f9:03:0d:91:
5e:a9:9d:8f:d2:9a:0b:8b:75:58:f4:92:a0:2b:60:
d3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A0:9F:73:89:22:A7:84:1D:C6:A0:06:09:C7:87:01:9B:80:A5:FB
X509v3 Authority Key Identifier:
keyid:50:A0:6A:45:3F:CD:5F:26:FA:F4:82:2C:4B:45:90:98:DC:AF:F0:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UKBqRT_NXyb69IIsS0WQmNyv8Dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d348b5-151c-4aa5-bd09-ef5d5011ca77/1/saCfc4kip4QdxqAGCceHAZuApfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d348b5-151c-4aa5-bd09-ef5d5011ca77/1/UKBqRT_NXyb69IIsS0WQmNyv8Dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.246.0/23
193.143.8.0/21
193.143.240.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:a6:a1:9d:91:6b:73:a9:cb:c0:d3:74:5c:fc:51:64:21:94:
22:55:d1:3a:81:a7:9a:d4:7b:ff:a0:9a:26:b0:36:5c:52:61:
e5:d5:14:80:d7:4f:0f:c3:9d:59:69:cf:5a:80:e6:46:8d:06:
48:8c:bd:b4:2a:2a:ec:c7:aa:ea:7c:bf:a2:bc:2f:60:58:8c:
d9:f4:30:6d:22:84:ae:c9:53:c3:a4:46:cd:c2:ec:d4:71:2c:
32:8d:19:f1:f5:95:e7:51:f9:ee:9e:cc:86:37:36:a6:33:db:
38:76:6c:1a:1b:90:4d:05:e4:fb:96:ce:a7:56:2b:e7:cc:7a:
a7:a0:7a:37:97:01:81:b0:24:11:21:7b:56:4c:b8:22:fa:9a:
67:38:05:db:c5:a1:a9:54:5c:af:95:94:36:d6:cc:84:e2:36:
be:fe:54:8c:e2:63:b1:c2:97:58:39:5a:c4:03:0b:de:d6:c4:
15:55:d7:f4:6c:ee:bb:ed:d0:04:f9:d6:1a:32:69:6f:5c:65:
25:f9:bb:4d:18:c7:a1:4b:e0:1f:d2:53:db:e3:f9:c9:81:76:
4a:24:e5:ef:7b:c1:a4:4d:ac:07:e2:26:aa:90:4e:73:21:c8:
2f:d6:aa:e0:00:8f:fc:95:cf:bc:ef:b6:9c:8a:25:81:3c:e8:
fb:c4:64:db
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsZciZVYxiRetsHglkydlgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYTA2YTQ1M2ZjZDVmMjZmYWY0ODIyYzRiNDU5MDk4ZGNh
ZmYwMzkwHhcNMjMwMTAxMDgxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWEwOWY3Mzg5MjJhNzg0MWRjNmEwMDYwOWM3ODcwMTliODBhNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/B+ghRr7PTfp/ocFrJUUIVLGl/f
thSMX6dMUgx7zhWQ526qF/LryCAKXaTXgHqIUKlVb+gYJj/znJ6hx5VgEjnMJYmY
ZvDBzPhgxKHafwuxIq/A8SG+nb9m8GX6Pox/EVlCylTNx8D6uj9PK2ubxKSNckoA
uYVYCDpvu+3SV0GlHuYb3gIdKD4oR9bW8NSVk/y9/duET7N/mmt8wcI2I3puC3jZ
D3gWPA4cbfUXjwtqpOuhjwFjumlV39DoYB3W36g41iD8ytb1xpT0yui094nuwEd6
rVfTRMLAEnMqcIC5Zo/ztNMvxltjSfkDDZFeqZ2P0poLi3VY9JKgK2DT8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLGgn3OJIqeEHcagBgnHhwGbgKX7MB8GA1UdIwQY
MBaAFFCgakU/zV8m+vSCLEtFkJjcr/A5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUtCcVJUX05YeWI2OUlJc1MwV1FtTnl2OERrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMzQ4YjUtMTUxYy00YWE1LWJkMDkt
ZWY1ZDUwMTFjYTc3LzEvc2FDZmM0a2lwNFFkeHFBR0NjZUhBWnVBcGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kMzQ4YjUtMTUxYy00YWE1LWJkMDktZWY1ZDUwMTFjYTc3
LzEvVUtCcVJUX05YeWI2OUlJc1MwV1FtTnl2OERrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW8P2AwQD
wY8IAwQDwY/wMA0GCSqGSIb3DQEBCwUAA4IBAQBMpqGdkWtzqcvA03Rc/FFkIZQi
VdE6gaea1Hv/oJomsDZcUmHl1RSA108Pw51Zac9agOZGjQZIjL20Kirsx6rqfL+i
vC9gWIzZ9DBtIoSuyVPDpEbNwuzUcSwyjRnx9ZXnUfnunsyGNzamM9s4dmwaG5BN
BeT7ls6nVivnzHqnoHo3lwGBsCQRIXtWTLgi+ppnOAXbxaGpVFyvlZQ21syE4ja+
/lSM4mOxwpdYOVrEAwve1sQVVdf0bO677dAE+dYaMmlvXGUl+btNGMehS+Af0lPb
4/nJgXZKJOXve8GkTawH4iaqkE5zIcgv1qrgAI/8lc+877aciiWBPOj7xGTb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:39 2024 by rpki-client on console-ams.rpki-client.org