Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/UYW5bagiWnahfVThyhhWVPwgy_M.roa
File: UYW5bagiWnahfVThyhhWVPwgy_M.roa (raw, json)
Hash identifier: YKtwdiqXLvgO2Z4Ll+14bd7fD4zVSUSqRTvMn4H3TgQ=
Subject key identifier: 51:85:B9:6D:A8:22:5A:76:A1:7D:54:E1:CA:18:56:54:FC:20:CB:F3
Certificate issuer: /CN=0f92c52f86009879c177092f7cd83418b4df8cab
Certificate serial: 01856F26BAD52806FA9011B1B75E40DBA46C
Authority key identifier: 0F:92:C5:2F:86:00:98:79:C1:77:09:2F:7C:D8:34:18:B4:DF:8C:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5LFL4YAmHnBdwkvfNg0GLTfjKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/UYW5bagiWnahfVThyhhWVPwgy_M.roa
Signing time: Sun 01 Jan 2023 21:04:47 +0000
ROA not before: Sun 01 Jan 2023 21:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 81.28.112.0/20 maxlen: 24
188.123.160.0/19 maxlen: 24
185.175.248.0/22 maxlen: 24
82.212.64.0/18 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:ba:d5:28:06:fa:90:11:b1:b7:5e:40:db:a4:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f92c52f86009879c177092f7cd83418b4df8cab
Validity
Not Before: Jan 1 21:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5185b96da8225a76a17d54e1ca185654fc20cbf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f6:f9:0e:12:74:d2:de:25:f6:e8:06:02:10:
ca:bf:08:53:89:70:0c:e2:f3:66:b6:46:8d:9e:c5:
97:75:87:42:bf:f7:52:6b:58:c4:9c:a2:ef:da:16:
91:6c:4f:3d:c8:56:f1:da:fa:94:06:7b:38:ab:f9:
2b:b7:a8:fc:56:7f:3b:ee:7e:d3:be:76:c2:75:4b:
7c:d6:85:04:88:f0:db:6a:3d:e6:2b:f3:e0:36:27:
14:e5:5b:10:4a:a3:91:e2:33:f9:ad:47:c4:5d:11:
ee:fc:ac:94:cd:e4:1c:1e:1e:94:61:45:08:97:8c:
d3:13:b7:00:c3:cc:c9:62:89:b2:96:c4:46:2b:81:
8f:90:03:cc:cd:dd:4b:fa:1b:9d:4a:21:c0:e4:a6:
af:00:1b:3d:4e:2f:4e:3a:43:04:82:7d:d1:4a:80:
64:91:4e:19:5d:52:34:60:cd:f7:2d:22:55:e6:63:
16:75:93:61:3d:55:1d:6e:48:38:55:88:30:10:04:
14:39:45:4b:fe:a5:a5:11:41:d2:c0:e3:4b:eb:db:
c7:3d:50:18:52:04:07:1d:02:b7:4b:88:85:21:7c:
4a:c2:e3:1a:ae:84:6a:08:10:fe:3d:cf:1c:80:51:
13:74:e8:e0:7a:05:88:d7:4e:3e:24:84:ca:2d:4e:
d9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:85:B9:6D:A8:22:5A:76:A1:7D:54:E1:CA:18:56:54:FC:20:CB:F3
X509v3 Authority Key Identifier:
keyid:0F:92:C5:2F:86:00:98:79:C1:77:09:2F:7C:D8:34:18:B4:DF:8C:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5LFL4YAmHnBdwkvfNg0GLTfjKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/UYW5bagiWnahfVThyhhWVPwgy_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e8c287-f049-4595-86eb-0be209ffbaec/1/D5LFL4YAmHnBdwkvfNg0GLTfjKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.28.112.0/20
82.212.64.0/18
185.175.248.0/22
188.123.160.0/19
Signature Algorithm: sha256WithRSAEncryption
b0:95:f9:5c:55:a1:a2:78:2f:de:a0:3e:cd:cf:c4:fa:ad:42:
79:f3:51:5c:ed:2b:35:26:c6:00:f5:a8:53:e0:9f:a5:57:3a:
45:8f:3b:2c:c6:7e:66:55:fb:6a:a6:a8:49:cd:44:06:bf:bc:
1f:2e:0d:fa:06:62:9a:4c:6c:b7:28:45:88:40:7b:c6:fd:91:
c8:5b:bf:92:a5:fd:63:75:f6:65:b8:55:b2:3b:48:59:65:eb:
3e:47:2f:e9:0c:8e:80:a6:28:36:d4:e2:bc:cb:d7:2f:97:b2:
e6:40:49:54:79:5f:e8:12:3e:57:93:54:de:2c:db:6a:56:c9:
5e:95:4c:72:db:e2:51:d9:db:9c:87:fa:36:26:04:20:d6:a1:
b1:69:5e:62:38:6e:94:26:ce:e5:5c:7f:a9:c0:da:ef:43:61:
58:c4:70:bb:b3:a5:c0:d0:db:a4:1f:da:43:ca:c2:b7:7f:4c:
2f:64:a9:6f:3f:30:5d:a9:45:30:f1:f9:36:4e:82:df:67:03:
20:55:dd:a7:98:e3:60:7f:04:96:c7:b5:3f:54:15:32:be:53:
2d:0a:c2:7d:c4:5b:65:39:14:4b:74:8d:e6:53:cf:dc:70:10:
67:cd:23:4b:57:88:33:13:ca:72:72:57:3b:f7:70:63:44:c0:
c7:b8:5e:4d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvJrrVKAb6kBGxt15A26RsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOTJjNTJmODYwMDk4NzljMTc3MDkyZjdjZDgzNDE4YjRk
ZjhjYWIwHhcNMjMwMTAxMjEwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTg1Yjk2ZGE4MjI1YTc2YTE3ZDU0ZTFjYTE4NTY1NGZjMjBjYmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fb5DhJ00t4l9ugGAhDKvwhTiXAM
4vNmtkaNnsWXdYdCv/dSa1jEnKLv2haRbE89yFbx2vqUBns4q/krt6j8Vn877n7T
vnbCdUt81oUEiPDbaj3mK/PgNicU5VsQSqOR4jP5rUfEXRHu/KyUzeQcHh6UYUUI
l4zTE7cAw8zJYomylsRGK4GPkAPMzd1L+hudSiHA5KavABs9Ti9OOkMEgn3RSoBk
kU4ZXVI0YM33LSJV5mMWdZNhPVUdbkg4VYgwEAQUOUVL/qWlEUHSwONL69vHPVAY
UgQHHQK3S4iFIXxKwuMaroRqCBD+Pc8cgFETdOjgegWI104+JITKLU7ZAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFGFuW2oIlp2oX1U4coYVlT8IMvzMB8GA1UdIwQY
MBaAFA+SxS+GAJh5wXcJL3zYNBi034yrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDVMRkw0WUFtSG5CZHdrdmZOZzBHTFRmaktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOGMyODctZjA0OS00NTk1LTg2ZWIt
MGJlMjA5ZmZiYWVjLzEvVVlXNWJhZ2lXbmFoZlZUaHloaFdWUHdneV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOGMyODctZjA0OS00NTk1LTg2ZWItMGJlMjA5ZmZiYWVj
LzEvRDVMRkw0WUFtSG5CZHdrdmZOZzBHTFRmaktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEURxwAwQG
UtRAAwQCua/4AwQFvHugMA0GCSqGSIb3DQEBCwUAA4IBAQCwlflcVaGieC/eoD7N
z8T6rUJ581Fc7Ss1JsYA9ahT4J+lVzpFjzssxn5mVftqpqhJzUQGv7wfLg36BmKa
TGy3KEWIQHvG/ZHIW7+Spf1jdfZluFWyO0hZZes+Ry/pDI6Apig21OK8y9cvl7Lm
QElUeV/oEj5Xk1TeLNtqVslelUxy2+JR2duch/o2JgQg1qGxaV5iOG6UJs7lXH+p
wNrvQ2FYxHC7s6XA0NukH9pDysK3f0wvZKlvPzBdqUUw8fk2ToLfZwMgVd2nmONg
fwSWx7U/VBUyvlMtCsJ9xFtlORRLdI3mU8/ccBBnzSNLV4gzE8pyclc793BjRMDH
uF5N
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:17:04 2024 by rpki-client on console-ams.rpki-client.org