Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/uwxF8C3QaQ4oIMadyNlPfPtobKA.roa
File: uwxF8C3QaQ4oIMadyNlPfPtobKA.roa (raw, json)
Hash identifier: G+vFG/00ynLnEcIBPn7g0iorTpTmOlYpGy/wpLcXh3E=
Subject key identifier: BB:0C:45:F0:2D:D0:69:0E:28:20:C6:9D:C8:D9:4F:7C:FB:68:6C:A0
Certificate issuer: /CN=c070ee8dc8378086960182e3309226717e83e407
Certificate serial: 0187340E23026FA0F0D99987B26F9B5669C2
Authority key identifier: C0:70:EE:8D:C8:37:80:86:96:01:82:E3:30:92:26:71:7E:83:E4:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wHDujcg3gIaWAYLjMJImcX6D5Ac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/uwxF8C3QaQ4oIMadyNlPfPtobKA.roa
Signing time: Thu 30 Mar 2023 19:45:54 +0000
ROA not before: Thu 30 Mar 2023 19:45:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25082
IP address blocks: 91.215.68.0/24 maxlen: 24
91.203.143.0/24 maxlen: 24
91.203.140.0/24 maxlen: 24
91.203.140.0/22 maxlen: 22
91.203.141.0/24 maxlen: 24
91.203.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:34:0e:23:02:6f:a0:f0:d9:99:87:b2:6f:9b:56:69:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c070ee8dc8378086960182e3309226717e83e407
Validity
Not Before: Mar 30 19:45:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb0c45f02dd0690e2820c69dc8d94f7cfb686ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:58:f7:7a:80:52:3f:e3:8f:48:bf:f3:ab:fb:
76:60:be:1d:1e:bf:0c:73:7b:b5:58:00:b9:8b:a7:
b0:b4:90:a0:c4:a9:5e:9c:0f:b3:32:db:23:63:f0:
98:0d:eb:82:3e:1c:e5:27:e5:35:ab:85:9f:40:d0:
0e:7d:e3:0a:c8:40:08:0e:d9:69:ec:eb:a0:63:24:
b5:e5:77:29:14:86:f0:bb:a6:3c:92:ab:6d:dd:0c:
f3:5e:8e:e4:23:ac:c9:d0:7e:1b:54:20:6d:12:7c:
17:3a:b3:73:e4:83:be:21:8a:8f:ad:9a:8a:df:a7:
6e:7c:34:6f:48:fa:b1:be:07:01:54:d4:ac:17:da:
d3:5a:b2:7b:ef:e6:f4:fe:41:39:c9:37:dd:3a:a3:
7b:84:ec:e9:22:8c:e8:c2:ab:bd:d6:42:a2:8f:8a:
04:f6:b8:66:fe:fa:ec:b9:18:bb:c1:83:42:71:de:
ed:6d:c4:55:cf:9b:ac:c9:2f:df:4f:39:9e:50:59:
eb:b5:00:c5:a6:ad:83:7d:db:b9:b2:3c:33:40:b3:
89:2c:9b:0c:41:df:0c:e7:f4:88:3a:66:da:01:cb:
fc:8e:b5:05:d6:8a:30:09:01:9b:af:51:8f:c8:d1:
d6:6b:07:54:f2:3b:7c:92:15:eb:ba:7b:fa:a9:48:
d1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:0C:45:F0:2D:D0:69:0E:28:20:C6:9D:C8:D9:4F:7C:FB:68:6C:A0
X509v3 Authority Key Identifier:
keyid:C0:70:EE:8D:C8:37:80:86:96:01:82:E3:30:92:26:71:7E:83:E4:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHDujcg3gIaWAYLjMJImcX6D5Ac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/uwxF8C3QaQ4oIMadyNlPfPtobKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/wHDujcg3gIaWAYLjMJImcX6D5Ac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.140.0/22
91.215.68.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:d3:9a:31:8a:b4:46:9b:19:9a:db:6c:76:ef:8c:c5:ba:71:
4d:74:46:71:be:01:69:b7:12:35:a6:d6:46:ea:53:30:55:a2:
99:f8:ee:c4:9b:7a:fd:fd:c2:d4:a5:57:38:87:ef:50:30:05:
0a:9b:61:91:5f:67:38:0b:a5:36:41:21:77:b9:69:df:33:a8:
87:28:24:1d:7a:6c:9d:8d:d5:d2:f7:bf:8d:fd:cf:e8:d4:d5:
a6:fb:57:da:df:19:58:92:42:dd:66:d9:da:66:ba:66:4f:8f:
8a:cd:6e:a2:28:12:f8:3e:68:ff:ee:d9:ac:3e:a2:d0:27:8e:
21:d6:af:f2:f7:e3:f7:89:56:1a:81:36:5a:b0:2c:f0:16:cf:
5b:0f:40:e4:31:8f:b7:66:3c:38:7d:a2:ab:42:f1:17:f5:f9:
c0:b1:3a:f4:72:be:be:c0:32:4b:af:38:9d:7c:7f:ef:1d:43:
3b:67:88:f6:61:ae:f7:88:80:0c:9f:26:57:64:89:ee:82:e6:
0a:32:10:4d:8e:af:73:88:83:b0:e8:6d:b6:c8:55:32:99:91:
33:c9:20:21:72:ee:73:17:52:ae:24:79:f6:f0:99:72:ce:ec:
86:8d:ce:5f:d4:c3:52:25:20:47:53:9d:8d:7a:de:8f:4f:0d:
65:9a:a1:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYc0DiMCb6Dw2ZmHsm+bVmnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNzBlZThkYzgzNzgwODY5NjAxODJlMzMwOTIyNjcxN2U4
M2U0MDcwHhcNMjMwMzMwMTk0NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjBjNDVmMDJkZDA2OTBlMjgyMGM2OWRjOGQ5NGY3Y2ZiNjg2Y2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlj3eoBSP+OPSL/zq/t2YL4dHr8M
c3u1WAC5i6ewtJCgxKlenA+zMtsjY/CYDeuCPhzlJ+U1q4WfQNAOfeMKyEAIDtlp
7OugYyS15XcpFIbwu6Y8kqtt3QzzXo7kI6zJ0H4bVCBtEnwXOrNz5IO+IYqPrZqK
36dufDRvSPqxvgcBVNSsF9rTWrJ77+b0/kE5yTfdOqN7hOzpIozowqu91kKij4oE
9rhm/vrsuRi7wYNCcd7tbcRVz5usyS/fTzmeUFnrtQDFpq2Dfdu5sjwzQLOJLJsM
Qd8M5/SIOmbaAcv8jrUF1oowCQGbr1GPyNHWawdU8jt8khXrunv6qUjRjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLsMRfAt0GkOKCDGncjZT3z7aGygMB8GA1UdIwQY
MBaAFMBw7o3IN4CGlgGC4zCSJnF+g+QHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0hEdWpjZzNnSWFXQVlMak1KSW1jWDZENUFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8yYTM2NTUtOTQxYi00NmQ4LTg3ODkt
NDVhN2I2OTc4NDkzLzEvdXd4RjhDM1FhUTRvSU1hZHlObFBmUHRvYktBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8yYTM2NTUtOTQxYi00NmQ4LTg3ODktNDVhN2I2OTc4NDkz
LzEvd0hEdWpjZzNnSWFXQVlMak1KSW1jWDZENUFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8uMAwQA
W9dEMA0GCSqGSIb3DQEBCwUAA4IBAQBc05oxirRGmxma22x274zFunFNdEZxvgFp
txI1ptZG6lMwVaKZ+O7Em3r9/cLUpVc4h+9QMAUKm2GRX2c4C6U2QSF3uWnfM6iH
KCQdemydjdXS97+N/c/o1NWm+1fa3xlYkkLdZtnaZrpmT4+KzW6iKBL4Pmj/7tms
PqLQJ44h1q/y9+P3iVYagTZasCzwFs9bD0DkMY+3Zjw4faKrQvEX9fnAsTr0cr6+
wDJLrzidfH/vHUM7Z4j2Ya73iIAMnyZXZInuguYKMhBNjq9ziIOw6G22yFUymZEz
ySAhcu5zF1KuJHn28JlyzuyGjc5f1MNSJSBHU52Net6PTw1lmqG+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:58 2024 by rpki-client on console-fra.rpki-client.org