Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/UoPsSoe5EH4CnzZ_3viEyikTzI0.roa
File: UoPsSoe5EH4CnzZ_3viEyikTzI0.roa (raw, json)
Hash identifier: i/cah6j2FyCggWJJ/Qjwe/r+M82yOW7FNiw30dABSl8=
Subject key identifier: 52:83:EC:4A:87:B9:10:7E:02:9F:36:7F:DE:F8:84:CA:29:13:CC:8D
Certificate issuer: /CN=9334a82fdc08f0e8de5d848d377e0cc5d97799bf
Certificate serial: 01856E6FAE87BBA4D37B5D09ADE680388E78
Authority key identifier: 93:34:A8:2F:DC:08:F0:E8:DE:5D:84:8D:37:7E:0C:C5:D9:77:99:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kzSoL9wI8OjeXYSNN34Mxdl3mb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/UoPsSoe5EH4CnzZ_3viEyikTzI0.roa
Signing time: Sun 01 Jan 2023 17:44:50 +0000
ROA not before: Sun 01 Jan 2023 17:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57928
IP address blocks: 185.49.120.0/22 maxlen: 22
185.49.123.0/24 maxlen: 24
2a01:4fe0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:ae:87:bb:a4:d3:7b:5d:09:ad:e6:80:38:8e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9334a82fdc08f0e8de5d848d377e0cc5d97799bf
Validity
Not Before: Jan 1 17:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5283ec4a87b9107e029f367fdef884ca2913cc8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fe:9d:f1:1a:37:68:4c:b0:9e:e3:39:0f:8c:
b2:7f:7a:b8:56:cd:2b:6b:c1:58:c2:cf:03:5f:48:
ec:c7:32:80:ec:df:87:40:4e:c4:9b:c2:ff:5b:66:
0e:9b:c0:d6:f9:42:78:e8:d9:f3:3e:5d:0c:44:9d:
6b:58:19:2e:05:d1:8a:a7:09:90:d0:c9:b0:8c:9f:
a6:4c:90:52:0b:79:fd:7a:ec:3d:d4:7b:28:50:56:
56:26:c9:d2:4c:f5:d9:29:95:1d:f6:31:13:07:b8:
6d:38:d9:69:94:9e:d1:00:48:c3:91:b6:2c:81:60:
b7:6d:88:25:a5:61:f3:a8:62:4a:cf:ac:94:84:56:
b9:bd:76:6d:25:3f:47:a0:17:26:5d:ce:15:ea:5d:
05:b7:df:87:b0:b1:04:07:f8:0e:15:f7:23:1d:63:
d3:f8:b6:3d:1a:6a:67:3b:1e:c2:ff:ab:92:c4:33:
f2:45:1b:f2:88:83:ec:b3:ab:9d:96:39:38:b6:fb:
5f:89:5e:57:12:26:79:a4:3e:2c:7f:5d:37:28:16:
76:2a:fe:05:12:5f:5b:24:99:b0:41:a1:5e:e2:80:
f2:93:0a:61:a2:4d:59:58:11:25:ca:c6:45:18:87:
28:c0:8e:62:ba:6b:bf:6b:76:57:fd:d4:ce:7e:49:
32:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:83:EC:4A:87:B9:10:7E:02:9F:36:7F:DE:F8:84:CA:29:13:CC:8D
X509v3 Authority Key Identifier:
keyid:93:34:A8:2F:DC:08:F0:E8:DE:5D:84:8D:37:7E:0C:C5:D9:77:99:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kzSoL9wI8OjeXYSNN34Mxdl3mb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/UoPsSoe5EH4CnzZ_3viEyikTzI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/kzSoL9wI8OjeXYSNN34Mxdl3mb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.120.0/22
IPv6:
2a01:4fe0::/32
Signature Algorithm: sha256WithRSAEncryption
49:c5:cb:d2:f8:3c:40:20:e8:bf:12:83:4c:f3:28:29:ad:5b:
cc:eb:46:b1:ca:12:18:90:3b:97:b4:48:75:90:e7:5c:ba:51:
01:63:a9:dd:14:33:ab:74:e2:9b:d1:4a:99:2f:8b:7a:d8:83:
8e:b4:62:7c:67:d2:b8:3f:ff:7e:f2:9d:1e:e2:f4:08:ec:b5:
b5:a2:e9:77:2e:72:2b:6c:24:11:d3:6a:3d:be:9a:38:9e:e6:
38:ec:d5:b5:47:52:dd:4c:e6:db:da:64:1c:e8:d4:bf:f9:66:
73:f6:a2:8d:e2:bf:8c:8d:d7:98:0e:64:ce:17:26:b0:8b:1a:
98:de:c3:f3:55:ce:af:3c:7b:90:e2:ff:fd:15:5c:94:d6:36:
d5:b5:00:cf:4d:0d:a8:ef:e6:0f:9f:ed:be:56:b3:78:8d:ab:
45:bf:5f:03:ed:2c:84:11:aa:1d:a6:5a:6c:9c:2b:d0:b1:52:
7f:60:25:0c:18:20:62:ea:a1:d1:d2:3f:c6:72:53:b4:a0:3e:
20:11:30:36:c9:16:f8:41:da:71:85:d2:7d:58:b8:cf:28:ea:
dc:7c:17:f7:84:f0:db:e2:b1:13:32:dc:4f:cd:ce:7d:ae:9b:
6b:db:e6:3d:ca:b0:55:22:62:8c:5a:ae:36:a7:ef:4f:92:0e:
7c:70:f6:8e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVub66Hu6TTe10JreaAOI54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzRhODJmZGMwOGYwZThkZTVkODQ4ZDM3N2UwY2M1ZDk3
Nzk5YmYwHhcNMjMwMTAxMTc0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjgzZWM0YTg3YjkxMDdlMDI5ZjM2N2ZkZWY4ODRjYTI5MTNjYzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/6d8Ro3aEywnuM5D4yyf3q4Vs0r
a8FYws8DX0jsxzKA7N+HQE7Em8L/W2YOm8DW+UJ46NnzPl0MRJ1rWBkuBdGKpwmQ
0MmwjJ+mTJBSC3n9euw91HsoUFZWJsnSTPXZKZUd9jETB7htONlplJ7RAEjDkbYs
gWC3bYglpWHzqGJKz6yUhFa5vXZtJT9HoBcmXc4V6l0Ft9+HsLEEB/gOFfcjHWPT
+LY9GmpnOx7C/6uSxDPyRRvyiIPss6udljk4tvtfiV5XEiZ5pD4sf103KBZ2Kv4F
El9bJJmwQaFe4oDykwphok1ZWBElysZFGIcowI5iumu/a3ZX/dTOfkky7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFKD7EqHuRB+Ap82f974hMopE8yNMB8GA1UdIwQY
MBaAFJM0qC/cCPDo3l2EjTd+DMXZd5m/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3pTb0w5d0k4T2plWFlTTk4zNE14ZGwzbWI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iYjZlN2UtYWIxZC00ZGE1LTljOTYt
ZmY2OGU5MjI1ZjdkLzEvVW9Qc1NvZTVFSDRDbnpaXzN2aUV5aWtUekkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iYjZlN2UtYWIxZC00ZGE1LTljOTYtZmY2OGU5MjI1Zjdk
LzEva3pTb0w5d0k4T2plWFlTTk4zNE14ZGwzbWI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTF4MA0E
AgACMAcDBQAqAU/gMA0GCSqGSIb3DQEBCwUAA4IBAQBJxcvS+DxAIOi/EoNM8ygp
rVvM60axyhIYkDuXtEh1kOdculEBY6ndFDOrdOKb0UqZL4t62IOOtGJ8Z9K4P/9+
8p0e4vQI7LW1oul3LnIrbCQR02o9vpo4nuY47NW1R1LdTObb2mQc6NS/+WZz9qKN
4r+MjdeYDmTOFyawixqY3sPzVc6vPHuQ4v/9FVyU1jbVtQDPTQ2o7+YPn+2+VrN4
jatFv18D7SyEEaodplpsnCvQsVJ/YCUMGCBi6qHR0j/GclO0oD4gETA2yRb4Qdpx
hdJ9WLjPKOrcfBf3hPDb4rETMtxPzc59rptr2+Y9yrBVImKMWq42p+9Pkg58cPaO
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:28 2024 by rpki-client on console-ams.rpki-client.org