Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/u_ritdzk5aoPW9HaRth5bbEtSn8.roa
File: u_ritdzk5aoPW9HaRth5bbEtSn8.roa (raw, json)
Hash identifier: To2Oi1Tp5wV0+GHLK6wqNX/HkT3j+9sQzYGdoBSk9C0=
Subject key identifier: BB:FA:E2:B5:DC:E4:E5:AA:0F:5B:D1:DA:46:D8:79:6D:B1:2D:4A:7F
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 018906B8BF26BA823E3D64C2616343DE82A3
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/u_ritdzk5aoPW9HaRth5bbEtSn8.roa
Signing time: Thu 29 Jun 2023 10:35:18 +0000
ROA not before: Thu 29 Jun 2023 10:35:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 84.239.43.0/24 maxlen: 24
84.239.41.0/24 maxlen: 24
84.239.50.0/24 maxlen: 24
84.239.48.0/24 maxlen: 24
84.239.47.0/24 maxlen: 24
84.239.45.0/24 maxlen: 24
84.239.52.0/24 maxlen: 24
84.239.10.0/24 maxlen: 24
84.239.7.0/24 maxlen: 24
84.239.6.0/24 maxlen: 24
84.239.5.0/24 maxlen: 24
84.239.17.0/24 maxlen: 24
84.239.16.0/24 maxlen: 24
84.239.12.0/24 maxlen: 24
84.239.18.0/24 maxlen: 24
84.239.31.0/24 maxlen: 24
84.239.30.0/24 maxlen: 24
84.239.29.0/24 maxlen: 24
84.239.28.0/24 maxlen: 24
84.239.27.0/24 maxlen: 24
84.239.25.0/24 maxlen: 24
84.239.37.0/24 maxlen: 24
84.239.33.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:b8:bf:26:ba:82:3e:3d:64:c2:61:63:43:de:82:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jun 29 10:35:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbfae2b5dce4e5aa0f5bd1da46d8796db12d4a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3a:c4:f2:32:5e:7e:a0:00:c6:58:94:77:3e:
81:12:f2:21:ef:17:b0:5b:ae:94:bc:0f:6e:b0:d0:
cf:14:2f:99:7f:31:74:a5:e5:2c:75:55:60:3c:54:
6b:a0:70:03:b0:25:50:df:8a:52:09:36:c0:39:38:
f3:f7:be:96:e3:af:72:7c:ff:77:8b:c7:f1:16:4a:
4d:f7:05:5a:f4:50:f8:b3:fd:b8:c0:e4:24:55:83:
ec:f5:58:6e:0a:5c:38:e2:4a:b6:b8:9d:61:07:2d:
d5:c9:0e:96:7f:60:a5:12:84:a3:ed:d8:ec:b1:75:
e8:78:38:b8:c1:ef:e2:f7:be:46:31:d3:ba:ae:0e:
25:32:a3:46:ae:e2:7f:d7:29:dc:75:81:4c:3b:18:
ce:69:49:e9:43:df:67:cb:11:4a:18:da:72:f8:3b:
b1:da:7b:40:50:88:5a:25:9c:2f:f6:67:2a:02:80:
53:76:18:9f:a7:ce:9f:3b:fe:5e:f1:9d:78:36:12:
29:32:80:dd:55:c5:1a:20:12:6c:c4:40:ea:2e:e5:
df:a8:0d:30:00:04:a1:3b:58:d9:f0:53:2b:4c:3b:
28:93:1c:3b:55:09:bc:4a:89:33:e2:e7:b2:38:a9:
36:84:81:19:10:a6:0d:31:b4:90:2b:8b:97:ab:c3:
0c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:FA:E2:B5:DC:E4:E5:AA:0F:5B:D1:DA:46:D8:79:6D:B1:2D:4A:7F
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/u_ritdzk5aoPW9HaRth5bbEtSn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.5.0-84.239.7.255
84.239.10.0/24
84.239.12.0/24
84.239.16.0-84.239.18.255
84.239.25.0/24
84.239.27.0-84.239.31.255
84.239.33.0/24
84.239.37.0/24
84.239.41.0/24
84.239.43.0/24
84.239.45.0/24
84.239.47.0-84.239.48.255
84.239.50.0/24
84.239.52.0/24
Signature Algorithm: sha256WithRSAEncryption
59:c2:31:52:78:d4:ff:72:05:90:e4:2d:5c:82:bd:ad:55:ed:
4a:9b:44:fd:06:32:4f:ce:e0:e6:a4:46:0c:6d:38:97:30:56:
74:c8:d9:aa:a4:bd:64:b3:4f:8d:d3:d4:61:7a:49:c7:58:41:
69:10:03:25:69:b6:74:12:71:0c:e3:9b:ed:03:34:cf:af:cc:
16:49:22:a9:31:08:28:5c:49:c8:38:cf:fc:41:7f:71:67:c5:
4c:b9:4f:3c:8e:fb:f2:2e:d5:ff:a3:2a:46:49:11:55:58:ba:
65:cc:03:01:cf:7c:46:64:91:1d:b7:10:99:e8:ca:d8:35:b9:
79:8f:ad:13:9c:fb:d2:19:1a:5a:26:27:68:73:2a:43:c6:25:
a2:39:d4:da:f0:4a:98:b6:5b:f3:6c:65:f7:13:24:4e:f0:5c:
e6:9f:6c:a0:fa:75:bd:07:48:43:b1:74:f3:f4:a9:59:37:50:
39:f3:94:55:fc:b3:c9:3b:0a:bb:56:f5:e7:0e:ca:89:c7:af:
74:4a:c8:97:82:b5:2c:45:83:bc:40:8d:78:b0:97:28:05:89:
4e:de:1d:96:07:2f:bc:2e:42:eb:f9:6d:da:5d:b5:d8:08:8c:
c6:92:4b:2f:0f:94:37:73:0a:40:5a:a7:d3:3f:5e:7b:04:22:
3c:26:d7:c3
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYkGuL8muoI+PWTCYWND3oKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjMwNjI5MTAzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmZhZTJiNWRjZTRlNWFhMGY1YmQxZGE0NmQ4Nzk2ZGIxMmQ0YTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjrE8jJefqAAxliUdz6BEvIh7xew
W66UvA9usNDPFC+ZfzF0peUsdVVgPFRroHADsCVQ34pSCTbAOTjz976W469yfP93
i8fxFkpN9wVa9FD4s/24wOQkVYPs9VhuClw44kq2uJ1hBy3VyQ6Wf2ClEoSj7djs
sXXoeDi4we/i975GMdO6rg4lMqNGruJ/1yncdYFMOxjOaUnpQ99nyxFKGNpy+Dux
2ntAUIhaJZwv9mcqAoBTdhifp86fO/5e8Z14NhIpMoDdVcUaIBJsxEDqLuXfqA0w
AAShO1jZ8FMrTDsokxw7VQm8Sokz4ueyOKk2hIEZEKYNMbSQK4uXq8MMJQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFLv64rXc5OWqD1vR2kbYeW2xLUp/MB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvdV9yaXRkems1YW9QVzlIYVJ0aDViYkV0U244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdDAMAwQAVO8F
AwQDVO8AAwQAVO8KAwQAVO8MMAwDBARU7xADBABU7xIDBABU7xkwDAMEAFTvGwME
BVTvAAMEAFTvIQMEAFTvJQMEAFTvKQMEAFTvKwMEAFTvLTAMAwQAVO8vAwQAVO8w
AwQAVO8yAwQAVO80MA0GCSqGSIb3DQEBCwUAA4IBAQBZwjFSeNT/cgWQ5C1cgr2t
Ve1Km0T9BjJPzuDmpEYMbTiXMFZ0yNmqpL1ks0+N09RheknHWEFpEAMlabZ0EnEM
45vtAzTPr8wWSSKpMQgoXEnIOM/8QX9xZ8VMuU88jvvyLtX/oypGSRFVWLplzAMB
z3xGZJEdtxCZ6MrYNbl5j60TnPvSGRpaJidocypDxiWiOdTa8EqYtlvzbGX3EyRO
8Fzmn2yg+nW9B0hDsXTz9KlZN1A585RV/LPJOwq7VvXnDsqJx690SsiXgrUsRYO8
QI14sJcoBYlO3h2WBy+8LkLr+W3aXbXYCIzGkksvD5Q3cwpAWqfTP157BCI8JtfD
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:36:07 2024 by rpki-client on console-fra.rpki-client.org