Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/UaCls0thdyNd6qD6icxucjnBkms.roa
File: UaCls0thdyNd6qD6icxucjnBkms.roa (raw, json)
Hash identifier: gc+uZzqCkDiZkwVIx19XaQjkuXu+rNcwYCg7d6Z+u2g=
Subject key identifier: 51:A0:A5:B3:4B:61:77:23:5D:EA:A0:FA:89:CC:6E:72:39:C1:92:6B
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018902C516664F7C849AD66F212F04353FFD
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/UaCls0thdyNd6qD6icxucjnBkms.roa
Signing time: Wed 28 Jun 2023 16:10:17 +0000
ROA not before: Wed 28 Jun 2023 16:10:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 94.26.89.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:02:c5:16:66:4f:7c:84:9a:d6:6f:21:2f:04:35:3f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 28 16:10:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51a0a5b34b6177235deaa0fa89cc6e7239c1926b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1c:c9:a9:c9:aa:ca:a2:0c:e2:1e:78:b8:e6:
a1:19:76:65:52:42:63:5c:40:06:04:fa:56:0c:e1:
97:7c:f3:88:35:9e:ba:e5:24:94:a8:5a:31:9c:8f:
58:b1:ce:02:75:9b:37:fd:df:03:30:b9:b7:94:61:
3c:68:50:66:ee:ec:68:79:c7:6c:15:48:e3:7b:f0:
41:5c:85:19:2f:65:8f:ef:63:d3:ff:ee:b8:86:c2:
75:c6:b4:82:ea:7a:d6:fd:fc:ce:31:c1:88:cd:a4:
1b:5e:88:09:13:ed:3d:57:9a:4a:ff:7c:ac:1d:a6:
2e:50:63:27:6d:08:c2:6d:e1:cf:2a:5c:93:f0:ec:
04:67:75:ce:97:00:c1:17:1b:43:9b:e9:80:e0:97:
95:17:49:2d:8b:61:e7:de:98:11:6c:ca:86:58:59:
dc:4a:47:7c:ef:48:86:e1:4d:79:c6:86:de:3a:dd:
19:a1:76:45:6f:06:32:e0:ea:1a:9b:97:75:fe:11:
ab:4a:86:85:25:1c:ab:c8:2d:33:ac:1b:3f:17:a0:
03:68:87:c7:6f:a6:02:58:4c:3c:ae:b1:12:90:f9:
6f:8f:b4:9a:45:01:8c:1a:81:f6:66:39:fc:8b:37:
05:19:be:75:16:d2:77:5b:2a:49:1f:2f:03:49:b7:
4b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A0:A5:B3:4B:61:77:23:5D:EA:A0:FA:89:CC:6E:72:39:C1:92:6B
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/UaCls0thdyNd6qD6icxucjnBkms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.210.0/24
93.152.212.0/24
93.152.217.0-93.152.218.255
93.152.222.0/24
93.152.226.0/23
94.26.89.0/24
212.102.105.0/24
Signature Algorithm: sha256WithRSAEncryption
73:5d:9a:31:a4:c1:62:87:41:20:11:b8:1a:20:23:19:e1:08:
a5:8b:d0:e6:7c:da:ab:11:64:df:1c:13:b9:2f:34:97:f2:bd:
cb:e2:0e:83:74:35:c4:58:7e:21:ba:02:c4:84:31:e2:48:cd:
d8:97:56:2f:50:6f:78:55:21:db:42:76:99:ae:50:6b:90:e6:
c8:c1:cf:16:a3:61:4b:0d:4b:8e:7d:42:68:f1:23:db:67:07:
0b:61:a7:5f:03:ea:d8:83:ad:a2:02:a3:10:4a:8d:fd:5c:7b:
4e:03:ee:4d:0b:1e:2c:76:a8:00:9a:27:b4:c3:f0:29:8a:4b:
c9:ec:07:0f:30:4f:6c:89:ce:22:15:60:cd:d5:24:cc:16:84:
ff:b5:e2:1b:a5:57:e1:86:5b:4a:b8:a8:dc:e8:0e:c8:27:11:
b0:69:2e:2a:db:08:6f:53:02:75:1d:92:26:1c:43:ef:ac:0f:
67:13:6d:fd:dd:82:6b:aa:26:84:0d:b3:83:c9:4b:c6:0e:a6:
f0:84:af:3f:d4:8e:34:4e:da:83:23:09:37:d8:71:45:f4:20:
7b:62:2e:a2:e0:13:ec:67:1f:f2:14:df:ca:5e:32:aa:f9:a1:
a1:74:3c:f1:27:dc:ca:ad:50:28:54:6e:3c:c1:a2:8f:11:ce:
fd:6c:c7:3c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYkCxRZmT3yEmtZvIS8ENT/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwNjI4MTYxMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWEwYTViMzRiNjE3NzIzNWRlYWEwZmE4OWNjNmU3MjM5YzE5MjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBzJqcmqyqIM4h54uOahGXZlUkJj
XEAGBPpWDOGXfPOINZ665SSUqFoxnI9Ysc4CdZs3/d8DMLm3lGE8aFBm7uxoecds
FUjje/BBXIUZL2WP72PT/+64hsJ1xrSC6nrW/fzOMcGIzaQbXogJE+09V5pK/3ys
HaYuUGMnbQjCbeHPKlyT8OwEZ3XOlwDBFxtDm+mA4JeVF0kti2Hn3pgRbMqGWFnc
Skd870iG4U15xobeOt0ZoXZFbwYy4Ooam5d1/hGrSoaFJRyryC0zrBs/F6ADaIfH
b6YCWEw8rrESkPlvj7SaRQGMGoH2Zjn8izcFGb51FtJ3WypJHy8DSbdLxwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFGgpbNLYXcjXeqg+onMbnI5wZJrMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvVWFDbHMwdGhkeU5kNnFENmljeHVjam5Ca21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAXZjSAwQA
XZjUMAwDBABdmNkDBABdmNoDBABdmN4DBAFdmOIDBABeGlkDBADUZmkwDQYJKoZI
hvcNAQELBQADggEBAHNdmjGkwWKHQSARuBogIxnhCKWL0OZ82qsRZN8cE7kvNJfy
vcviDoN0NcRYfiG6AsSEMeJIzdiXVi9Qb3hVIdtCdpmuUGuQ5sjBzxajYUsNS459
QmjxI9tnBwthp18D6tiDraICoxBKjf1ce04D7k0LHix2qACaJ7TD8CmKS8nsBw8w
T2yJziIVYM3VJMwWhP+14hulV+GGW0q4qNzoDsgnEbBpLirbCG9TAnUdkiYcQ++s
D2cTbf3dgmuqJoQNs4PJS8YOpvCErz/UjjRO2oMjCTfYcUX0IHtiLqLgE+xnH/IU
38peMqr5oaF0PPEn3MqtUChUbjzBoo8Rzv1sxzw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:58 2023 by rpki-client on console-ams.rpki-client.org