Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/UFId11ef2OHa1F2HzMFxIezoEAA.roa
File: UFId11ef2OHa1F2HzMFxIezoEAA.roa (raw, json)
Hash identifier: QuWZMWkmKQUCeZM/LO5YaJLU+YrHc3hZC2MLkEW3BNo=
Subject key identifier: 50:52:1D:D7:57:9F:D8:E1:DA:D4:5D:87:CC:C1:71:21:EC:E8:10:00
Certificate issuer: /CN=7d645e584f1ef9a881f1fbbc4d27a3423de3dff1
Certificate serial: 01856D53CE80704C39E42B4D57A63A2D92BB
Authority key identifier: 7D:64:5E:58:4F:1E:F9:A8:81:F1:FB:BC:4D:27:A3:42:3D:E3:DF:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWReWE8e-aiB8fu8TSejQj3j3_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/UFId11ef2OHa1F2HzMFxIezoEAA.roa
Signing time: Sun 01 Jan 2023 12:34:46 +0000
ROA not before: Sun 01 Jan 2023 12:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35369
IP address blocks: 83.164.128.0/17 maxlen: 32
185.121.40.0/22 maxlen: 24
2a00:1860::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:ce:80:70:4c:39:e4:2b:4d:57:a6:3a:2d:92:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d645e584f1ef9a881f1fbbc4d27a3423de3dff1
Validity
Not Before: Jan 1 12:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50521dd7579fd8e1dad45d87ccc17121ece81000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:60:f9:11:7b:69:f6:f0:ff:a4:9d:ce:f9:79:
fd:b7:27:9d:c7:f6:2b:7c:0c:f2:87:2b:10:64:0d:
bc:a2:66:95:76:38:4f:c9:86:4b:55:cb:bf:f8:ce:
74:95:1e:10:d0:d6:7b:31:2a:94:68:4c:ef:15:aa:
a7:37:07:7e:67:d6:c8:37:aa:1b:5d:96:fe:34:8a:
dc:11:a0:56:19:b6:c2:5b:f1:bf:12:f2:46:4a:03:
64:45:7b:3f:54:65:80:20:05:4d:7d:c9:37:f5:e7:
65:b4:9d:75:82:90:27:49:ed:ff:7f:9c:fe:02:86:
01:04:35:24:df:30:cc:c0:70:42:26:35:7f:48:49:
db:09:1e:59:ba:a6:ab:f8:2d:e1:9f:ba:52:75:78:
7c:3c:4f:73:62:6d:8f:bd:45:7c:33:6b:12:fb:28:
a4:55:82:13:5b:52:3c:eb:53:21:bd:14:4e:a4:bb:
b8:59:ce:0e:26:a4:0d:f0:41:08:3a:c4:2d:85:ee:
78:94:7f:bb:08:6e:f9:be:1a:df:00:0a:37:47:ea:
36:fd:06:ba:ca:81:94:75:fc:fe:6d:4e:cf:91:e1:
95:b9:97:1e:f6:65:37:48:8f:e5:93:e2:9e:2f:72:
f0:72:af:63:98:07:ba:df:72:77:7c:68:b8:5e:a8:
3b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:52:1D:D7:57:9F:D8:E1:DA:D4:5D:87:CC:C1:71:21:EC:E8:10:00
X509v3 Authority Key Identifier:
keyid:7D:64:5E:58:4F:1E:F9:A8:81:F1:FB:BC:4D:27:A3:42:3D:E3:DF:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWReWE8e-aiB8fu8TSejQj3j3_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/UFId11ef2OHa1F2HzMFxIezoEAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/fWReWE8e-aiB8fu8TSejQj3j3_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.164.128.0/17
185.121.40.0/22
IPv6:
2a00:1860::/32
Signature Algorithm: sha256WithRSAEncryption
87:f9:ea:7f:50:1d:d7:87:60:e3:9c:0e:b1:5c:52:dc:0a:09:
e5:7a:e7:3b:d9:9f:16:59:8b:8b:9b:9b:b5:be:75:4e:74:a0:
e0:b4:0d:c7:9a:1f:f9:90:20:35:74:25:b9:9c:ac:82:9e:35:
4e:18:c6:54:16:c6:80:e1:d7:cd:f7:23:cf:17:d7:43:e2:fd:
63:58:34:63:24:0d:d5:cb:75:5d:43:d6:17:3e:f4:0f:78:8d:
06:80:7d:15:03:7c:02:1e:44:0a:54:b3:27:bf:89:63:4a:2e:
1b:a4:3b:75:4b:a7:3d:c0:d4:9f:43:25:78:d4:af:97:86:08:
a6:67:2b:7f:bf:2f:94:50:37:7a:e3:34:cc:70:49:38:43:bc:
dd:ca:93:78:76:8f:ea:75:52:92:b6:6a:44:63:fe:81:5c:c3:
92:66:b5:f7:1d:09:89:d6:02:06:41:47:25:a3:ef:f9:a5:21:
a5:49:f7:1c:68:c8:83:2f:28:3f:38:4f:49:3d:95:bb:c2:c0:
d1:26:74:99:a3:e3:bf:5c:77:85:6a:a9:78:61:61:9e:cd:ae:
df:f7:06:e2:f3:62:c0:96:ec:a6:80:ac:98:4d:3c:54:c4:27:
08:ea:96:fd:31:46:2b:70:03:99:36:d2:c6:b6:52:d1:3f:56:
26:53:a4:ac
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtU86AcEw55CtNV6Y6LZK7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNjQ1ZTU4NGYxZWY5YTg4MWYxZmJiYzRkMjdhMzQyM2Rl
M2RmZjEwHhcNMjMwMTAxMTIzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDUyMWRkNzU3OWZkOGUxZGFkNDVkODdjY2MxNzEyMWVjZTgxMDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmD5EXtp9vD/pJ3O+Xn9tyedx/Yr
fAzyhysQZA28omaVdjhPyYZLVcu/+M50lR4Q0NZ7MSqUaEzvFaqnNwd+Z9bIN6ob
XZb+NIrcEaBWGbbCW/G/EvJGSgNkRXs/VGWAIAVNfck39edltJ11gpAnSe3/f5z+
AoYBBDUk3zDMwHBCJjV/SEnbCR5Zuqar+C3hn7pSdXh8PE9zYm2PvUV8M2sS+yik
VYITW1I861MhvRROpLu4Wc4OJqQN8EEIOsQthe54lH+7CG75vhrfAAo3R+o2/Qa6
yoGUdfz+bU7PkeGVuZce9mU3SI/lk+KeL3Lwcq9jmAe633J3fGi4Xqg7YwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFBSHddXn9jh2tRdh8zBcSHs6BAAMB8GA1UdIwQY
MBaAFH1kXlhPHvmogfH7vE0no0I949/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZldSZVdFOGUtYWlCOGZ1OFRTZWpRajNqM19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wZDFjMzMtOTExNy00YTExLWJiZmUt
ZGI4MWExOGUyNDJlLzEvVUZJZDExZWYyT0hhMUYySHpNRnhJZXpvRUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wZDFjMzMtOTExNy00YTExLWJiZmUtZGI4MWExOGUyNDJl
LzEvZldSZVdFOGUtYWlCOGZ1OFRTZWpRajNqM19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHU6SAAwQC
uXkoMA0EAgACMAcDBQAqABhgMA0GCSqGSIb3DQEBCwUAA4IBAQCH+ep/UB3Xh2Dj
nA6xXFLcCgnleuc72Z8WWYuLm5u1vnVOdKDgtA3Hmh/5kCA1dCW5nKyCnjVOGMZU
FsaA4dfN9yPPF9dD4v1jWDRjJA3Vy3VdQ9YXPvQPeI0GgH0VA3wCHkQKVLMnv4lj
Si4bpDt1S6c9wNSfQyV41K+XhgimZyt/vy+UUDd64zTMcEk4Q7zdypN4do/qdVKS
tmpEY/6BXMOSZrX3HQmJ1gIGQUclo+/5pSGlSfccaMiDLyg/OE9JPZW7wsDRJnSZ
o+O/XHeFaql4YWGeza7f9wbi82LAluymgKyYTTxUxCcI6pb9MUYrcAOZNtLGtlLR
P1YmU6Ss
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:21 2024 by rpki-client on console-ams.rpki-client.org