Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/UtzNmyf2gb6-njHCGp5J35hLNB8.roa
File: UtzNmyf2gb6-njHCGp5J35hLNB8.roa (raw, json)
Hash identifier: gWN9QN/1+QnOYqTTi11gimpckGWns44S73S0mOL90f4=
Subject key identifier: 52:DC:CD:9B:27:F6:81:BE:BE:9E:31:C2:1A:9E:49:DF:98:4B:34:1F
Certificate issuer: /CN=50aa99eb8c1b18b1aa7d4245ce481fb888fbf254
Certificate serial: 01856DD41DDA8D46B81C3804D4DD7E6F1955
Authority key identifier: 50:AA:99:EB:8C:1B:18:B1:AA:7D:42:45:CE:48:1F:B8:88:FB:F2:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UKqZ64wbGLGqfUJFzkgfuIj78lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/UtzNmyf2gb6-njHCGp5J35hLNB8.roa
Signing time: Sun 01 Jan 2023 14:54:55 +0000
ROA not before: Sun 01 Jan 2023 14:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50401
IP address blocks: 91.242.192.0/23 maxlen: 23
91.242.194.0/23 maxlen: 23
91.242.196.0/23 maxlen: 23
91.242.198.0/23 maxlen: 23
91.222.112.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:1d:da:8d:46:b8:1c:38:04:d4:dd:7e:6f:19:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50aa99eb8c1b18b1aa7d4245ce481fb888fbf254
Validity
Not Before: Jan 1 14:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52dccd9b27f681bebe9e31c21a9e49df984b341f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ca:d6:c0:13:d5:72:db:7f:bb:29:47:2b:3a:
a2:cf:32:a0:ac:12:57:f2:5e:b0:f4:9b:af:67:7f:
ad:40:3f:60:25:fc:b0:f5:af:05:3d:c9:5d:5c:e7:
a5:46:7f:58:73:a3:45:f7:9c:b2:88:ab:f2:d2:71:
a4:8a:48:93:ec:e0:b0:db:83:fc:8f:9b:9c:a1:cf:
0c:02:ec:00:17:fc:18:af:5b:5c:a0:54:0c:99:db:
9b:e1:41:a5:e3:ef:74:00:5a:c1:b6:d6:f8:be:43:
2a:98:9c:50:73:98:c0:a2:7c:2a:d6:9e:91:70:81:
2e:be:69:68:a6:95:db:de:0e:f8:c0:7f:6b:a5:ae:
27:b5:2e:9d:d5:69:92:59:3b:7f:21:1f:d1:14:5a:
5f:47:5b:15:8b:34:b9:59:63:07:4f:58:24:be:db:
0a:29:56:75:cf:00:0e:ab:3d:f9:88:51:19:74:b1:
b3:35:93:7e:ed:da:28:a1:20:4f:bb:82:db:52:8d:
3b:9b:29:f5:07:af:2b:bb:55:dc:da:a7:f5:7e:1d:
6c:64:a7:45:b4:c1:68:39:ab:75:4e:aa:c1:9d:5a:
9e:51:be:a2:06:34:1b:7b:9e:88:61:43:dd:07:00:
d7:41:67:57:f2:ba:c2:d6:5f:27:8e:3d:47:c2:ed:
0e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DC:CD:9B:27:F6:81:BE:BE:9E:31:C2:1A:9E:49:DF:98:4B:34:1F
X509v3 Authority Key Identifier:
keyid:50:AA:99:EB:8C:1B:18:B1:AA:7D:42:45:CE:48:1F:B8:88:FB:F2:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UKqZ64wbGLGqfUJFzkgfuIj78lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/UtzNmyf2gb6-njHCGp5J35hLNB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/088677-80be-4130-b360-1cf6fd9f80fa/1/UKqZ64wbGLGqfUJFzkgfuIj78lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.112.0/22
91.242.192.0/21
Signature Algorithm: sha256WithRSAEncryption
94:ab:5f:44:6a:b3:c0:e8:4d:cf:dd:c7:97:b0:31:7a:30:75:
df:5e:86:bb:1c:4e:a7:00:2b:cd:0c:6d:1e:61:40:bf:d0:00:
dc:80:ce:30:17:3f:73:23:f4:c2:e6:a1:fc:05:d9:05:b2:ae:
30:e3:1b:37:60:a4:a4:88:cd:90:65:88:cd:ab:8e:9e:15:de:
7f:78:c1:e4:1b:b4:f8:18:cd:ab:8f:1b:2d:68:32:47:47:45:
a4:56:7a:b1:3e:66:9d:34:9a:e4:cb:c3:26:00:38:5c:44:5a:
49:89:48:89:95:1c:35:9b:dc:5d:32:1c:ae:db:cc:d9:12:c3:
fb:06:1b:3e:bf:07:16:ef:a9:e2:f4:77:33:db:db:e8:f7:73:
ff:32:68:da:3d:42:4e:44:46:13:b8:f0:fc:77:7a:e5:ac:6c:
29:50:25:5a:bf:de:46:53:67:21:3e:f4:27:3f:3b:1d:14:9e:
9a:75:cf:92:1b:04:b0:ca:98:22:54:14:58:bc:a9:a3:94:a8:
5d:d6:57:29:89:60:a0:b7:13:93:42:5a:41:07:51:10:fe:ef:
b2:1d:2c:03:92:8d:e7:80:ab:77:a3:42:fb:51:08:d0:3e:56:
ff:b9:81:67:6c:a7:d4:44:50:d9:2a:89:d2:69:7b:e9:ea:ef:
fb:e9:8b:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt1B3ajUa4HDgE1N1+bxlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYWE5OWViOGMxYjE4YjFhYTdkNDI0NWNlNDgxZmI4ODhm
YmYyNTQwHhcNMjMwMTAxMTQ1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmRjY2Q5YjI3ZjY4MWJlYmU5ZTMxYzIxYTllNDlkZjk4NGIzNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMrWwBPVctt/uylHKzqizzKgrBJX
8l6w9JuvZ3+tQD9gJfyw9a8FPcldXOelRn9Yc6NF95yyiKvy0nGkikiT7OCw24P8
j5ucoc8MAuwAF/wYr1tcoFQMmdub4UGl4+90AFrBttb4vkMqmJxQc5jAonwq1p6R
cIEuvmloppXb3g74wH9rpa4ntS6d1WmSWTt/IR/RFFpfR1sVizS5WWMHT1gkvtsK
KVZ1zwAOqz35iFEZdLGzNZN+7doooSBPu4LbUo07myn1B68ru1Xc2qf1fh1sZKdF
tMFoOat1TqrBnVqeUb6iBjQbe56IYUPdBwDXQWdX8rrC1l8njj1Hwu0OTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFLczZsn9oG+vp4xwhqeSd+YSzQfMB8GA1UdIwQY
MBaAFFCqmeuMGxixqn1CRc5IH7iI+/JUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUtxWjY0d2JHTEdxZlVKRnprZ2Z1SWo3OGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wODg2NzctODBiZS00MTMwLWIzNjAt
MWNmNmZkOWY4MGZhLzEvVXR6Tm15ZjJnYjYtbmpIQ0dwNUozNWhMTkI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wODg2NzctODBiZS00MTMwLWIzNjAtMWNmNmZkOWY4MGZh
LzEvVUtxWjY0d2JHTEdxZlVKRnprZ2Z1SWo3OGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW95wAwQD
W/LAMA0GCSqGSIb3DQEBCwUAA4IBAQCUq19EarPA6E3P3ceXsDF6MHXfXoa7HE6n
ACvNDG0eYUC/0ADcgM4wFz9zI/TC5qH8BdkFsq4w4xs3YKSkiM2QZYjNq46eFd5/
eMHkG7T4GM2rjxstaDJHR0WkVnqxPmadNJrky8MmADhcRFpJiUiJlRw1m9xdMhyu
28zZEsP7Bhs+vwcW76ni9Hcz29vo93P/MmjaPUJOREYTuPD8d3rlrGwpUCVav95G
U2chPvQnPzsdFJ6adc+SGwSwypgiVBRYvKmjlKhd1lcpiWCgtxOTQlpBB1EQ/u+y
HSwDko3ngKt3o0L7UQjQPlb/uYFnbKfURFDZKonSaXvp6u/76YvC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:23 2024 by rpki-client on console-ams.rpki-client.org