Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/uXBJ7Tdwj3N-kuG5Mjo5HBKYknA.roa
File: uXBJ7Tdwj3N-kuG5Mjo5HBKYknA.roa (raw, json)
Hash identifier: q6C5AjixknLdTQoQFGxqBLa1kLAyR13+cRhJ9j0nkq0=
Subject key identifier: B9:70:49:ED:37:70:8F:73:7E:92:E1:B9:32:3A:39:1C:12:98:92:70
Certificate issuer: /CN=c9b232958097b5863eafd047bb315171eaa01fb7
Certificate serial: 01856FC279D343F38BCEFF6E5A17916217B8
Authority key identifier: C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/uXBJ7Tdwj3N-kuG5Mjo5HBKYknA.roa
Signing time: Sun 01 Jan 2023 23:54:54 +0000
ROA not before: Sun 01 Jan 2023 23:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25409
IP address blocks: 195.234.188.0/24 maxlen: 24
95.128.170.0/23 maxlen: 23
93.190.144.0/21 maxlen: 21
2a00:ff0::/48 maxlen: 48
2a00:ff0:fffe::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:79:d3:43:f3:8b:ce:ff:6e:5a:17:91:62:17:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9b232958097b5863eafd047bb315171eaa01fb7
Validity
Not Before: Jan 1 23:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b97049ed37708f737e92e1b9323a391c12989270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:65:a1:98:88:01:8c:74:c7:bd:50:17:ff:dc:
ac:45:de:93:9f:d6:ac:12:0a:47:d7:a7:3b:e4:f9:
77:ad:bc:de:a9:55:59:cc:dd:48:05:0b:b4:dc:f4:
99:ec:b3:d2:0d:0f:87:df:f6:06:ac:54:d7:f8:53:
7b:32:55:08:5a:cd:a6:5b:77:89:79:b7:46:46:57:
96:34:e9:80:22:4d:23:2d:d4:9d:41:3a:3a:7b:64:
a8:b3:c5:12:a8:0b:b7:a3:2c:de:5b:7f:eb:13:d7:
09:28:f0:5d:a6:36:0f:f7:64:66:8d:cf:5f:ff:00:
d4:d9:22:8a:6a:62:ba:f5:9b:2d:36:9c:11:c1:80:
69:87:6a:20:12:b5:45:db:be:21:7d:4e:bd:6c:d0:
31:8f:1c:ea:f0:6d:3e:f0:e4:47:7d:ae:72:c9:0a:
a5:e7:09:da:78:0c:fc:fc:b4:db:c9:f8:74:56:91:
4b:78:73:e1:2e:8a:52:07:a8:73:c7:bf:64:ea:ce:
04:a9:fe:7e:b9:8c:b4:26:57:b2:42:01:0e:4f:c1:
f7:6c:8f:79:ec:65:5e:4a:0f:e9:22:61:46:67:f8:
4c:0e:94:f9:63:d2:1b:fc:98:a3:25:57:7b:1c:8a:
32:90:6a:d0:57:81:08:3a:6a:ad:2b:c9:50:37:50:
86:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:70:49:ED:37:70:8F:73:7E:92:E1:B9:32:3A:39:1C:12:98:92:70
X509v3 Authority Key Identifier:
keyid:C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/uXBJ7Tdwj3N-kuG5Mjo5HBKYknA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/ybIylYCXtYY-r9BHuzFRceqgH7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.144.0/21
95.128.170.0/23
195.234.188.0/24
IPv6:
2a00:ff0::/48
2a00:ff0:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
29:c7:f8:73:a3:f5:a8:9c:8c:8e:c9:28:34:6e:9e:81:cc:60:
d2:ec:c5:5a:85:7a:7b:87:82:01:31:22:aa:33:ef:e5:72:68:
eb:99:13:3a:8f:00:1c:8f:ff:53:4c:15:e1:f5:61:1f:bb:18:
f4:37:46:e6:d6:46:dc:77:f2:8e:ad:fb:cf:b1:d6:ee:72:90:
07:26:a6:ad:43:e4:a7:08:f4:f6:1a:c5:c9:69:91:ee:a0:02:
d4:46:38:cc:50:fa:2e:e9:2c:3d:fd:ea:62:88:8f:5c:ec:bd:
a5:9c:c6:c5:87:20:98:58:38:96:73:59:37:5c:2d:10:00:be:
b2:4e:bf:6c:89:c2:44:0a:f7:48:47:03:a8:e9:89:3c:02:c8:
cc:1a:69:da:34:bc:9c:47:44:35:3b:87:86:82:ec:64:01:fc:
d9:8c:a2:3e:42:cb:61:35:63:42:af:37:34:3f:9a:65:55:7d:
8c:e8:85:1e:77:f1:29:03:96:a0:fa:ff:76:af:fc:87:a6:73:
59:54:85:15:a3:54:14:cb:ef:48:28:9d:a8:1e:2b:27:b2:2f:
e5:86:d3:eb:48:64:9d:d2:1d:30:7a:f6:63:ea:30:c0:8f:07:
e1:eb:18:a4:59:e7:67:53:54:24:28:39:1d:07:6f:8c:f5:91:
71:96:bf:e7
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVvwnnTQ/OLzv9uWheRYhe4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YjIzMjk1ODA5N2I1ODYzZWFmZDA0N2JiMzE1MTcxZWFh
MDFmYjcwHhcNMjMwMTAxMjM1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTcwNDllZDM3NzA4ZjczN2U5MmUxYjkzMjNhMzkxYzEyOTg5MjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2WhmIgBjHTHvVAX/9ysRd6Tn9as
EgpH16c75Pl3rbzeqVVZzN1IBQu03PSZ7LPSDQ+H3/YGrFTX+FN7MlUIWs2mW3eJ
ebdGRleWNOmAIk0jLdSdQTo6e2Sos8USqAu3oyzeW3/rE9cJKPBdpjYP92Rmjc9f
/wDU2SKKamK69ZstNpwRwYBph2ogErVF274hfU69bNAxjxzq8G0+8ORHfa5yyQql
5wnaeAz8/LTbyfh0VpFLeHPhLopSB6hzx79k6s4Eqf5+uYy0JleyQgEOT8H3bI95
7GVeSg/pImFGZ/hMDpT5Y9Ib/JijJVd7HIoykGrQV4EIOmqtK8lQN1CGdwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLlwSe03cI9zfpLhuTI6ORwSmJJwMB8GA1UdIwQY
MBaAFMmyMpWAl7WGPq/QR7sxUXHqoB+3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWJJeWxZQ1h0WVktcjlCSHV6RlJjZXFnSDdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMzU0MzItY2Y5OS00ZjE5LWE3NmUt
MDdiN2ZlZjA4NThmLzEvdVhCSjdUZHdqM04ta3VHNU1qbzVIQktZa25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMzU0MzItY2Y5OS00ZjE5LWE3NmUtMDdiN2ZlZjA4NThm
LzEveWJJeWxZQ1h0WVktcjlCSHV6RlJjZXFnSDdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQDXb6QAwQB
X4CqAwQAw+q8MBgEAgACMBIDBwAqAA/wAAADBwAqAA/w//4wDQYJKoZIhvcNAQEL
BQADggEBACnH+HOj9aicjI7JKDRunoHMYNLsxVqFenuHggExIqoz7+VyaOuZEzqP
AByP/1NMFeH1YR+7GPQ3RubWRtx38o6t+8+x1u5ykAcmpq1D5KcI9PYaxclpke6g
AtRGOMxQ+i7pLD396mKIj1zsvaWcxsWHIJhYOJZzWTdcLRAAvrJOv2yJwkQK90hH
A6jpiTwCyMwaado0vJxHRDU7h4aC7GQB/NmMoj5Cy2E1Y0KvNzQ/mmVVfYzohR53
8SkDlqD6/3av/Iemc1lUhRWjVBTL70gonageKyeyL+WG0+tIZJ3SHTB69mPqMMCP
B+HrGKRZ52dTVCQoOR0Hb4z1kXGWv+c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:37 2024 by rpki-client on console-fra.rpki-client.org