Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/kUKAzTbiq-J_EunV00teVREUOYU.roa
File: kUKAzTbiq-J_EunV00teVREUOYU.roa (raw, json)
Hash identifier: Zowc1vORoAKZi0iDjTKYHWsE4eki5v2XNkZE7+GB6r0=
Subject key identifier: 91:42:80:CD:36:E2:AB:E2:7F:12:E9:D5:D3:4B:5E:55:11:14:39:85
Certificate issuer: /CN=016e5e31fa8716aaa54e18fcdcfed3fc94db90b5
Certificate serial: 01856CEF33461FE9B3F96D042A69B0559C16
Authority key identifier: 01:6E:5E:31:FA:87:16:AA:A5:4E:18:FC:DC:FE:D3:FC:94:DB:90:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AW5eMfqHFqqlThj83P7T_JTbkLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/kUKAzTbiq-J_EunV00teVREUOYU.roa
Signing time: Sun 01 Jan 2023 10:44:53 +0000
ROA not before: Sun 01 Jan 2023 10:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200161
IP address blocks: 83.217.24.0/22 maxlen: 24
185.30.17.231/32 maxlen: 32
212.8.236.0/22 maxlen: 24
185.30.16.0/22 maxlen: 24
2a00:a960::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:33:46:1f:e9:b3:f9:6d:04:2a:69:b0:55:9c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=016e5e31fa8716aaa54e18fcdcfed3fc94db90b5
Validity
Not Before: Jan 1 10:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=914280cd36e2abe27f12e9d5d34b5e5511143985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7a:df:34:b0:51:37:59:2d:40:fc:b8:90:79:
16:3e:ad:72:8d:74:ff:d4:06:84:8a:0b:14:a2:d9:
a4:34:84:58:77:48:95:dc:9a:20:5e:06:a1:0a:f9:
e9:16:10:fa:13:5a:ca:49:cd:5b:fc:59:40:b1:ed:
83:58:0b:d2:ce:65:39:c1:a2:cc:88:3d:9b:6d:b3:
0c:55:86:b2:15:e5:16:a1:f7:da:0c:ea:55:40:2c:
2f:da:aa:d4:74:b7:26:96:13:0b:66:16:c0:ee:df:
ac:ea:c4:fb:7d:69:1c:32:dc:31:59:86:34:10:4a:
c6:36:61:8c:02:ef:06:04:59:51:d1:10:59:62:68:
73:ca:dc:c2:5f:d5:31:c0:68:a0:0d:40:51:77:81:
64:64:07:ee:ed:53:de:97:69:fa:15:fd:81:9d:b6:
04:f2:04:6e:dd:6d:1e:4d:a1:79:2b:e5:b8:2c:35:
0c:8d:81:9e:61:be:09:ac:c6:1d:4b:1f:6e:e2:03:
b6:02:97:af:91:c1:5e:84:1d:79:cf:7a:bc:8a:ee:
2e:61:fd:e8:42:8e:98:62:ee:6f:c7:22:bf:3b:53:
49:d5:4c:4c:0d:7d:16:d0:bd:d8:39:53:87:a4:5a:
ae:7a:0f:40:d5:5d:64:00:5e:15:95:cc:cd:6e:51:
3e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:42:80:CD:36:E2:AB:E2:7F:12:E9:D5:D3:4B:5E:55:11:14:39:85
X509v3 Authority Key Identifier:
keyid:01:6E:5E:31:FA:87:16:AA:A5:4E:18:FC:DC:FE:D3:FC:94:DB:90:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AW5eMfqHFqqlThj83P7T_JTbkLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/kUKAzTbiq-J_EunV00teVREUOYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/af4ef8-ed07-4acd-a42f-c96c2ce859e5/1/AW5eMfqHFqqlThj83P7T_JTbkLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.217.24.0/22
185.30.16.0/22
212.8.236.0/22
IPv6:
2a00:a960::/32
Signature Algorithm: sha256WithRSAEncryption
50:9e:10:9c:bc:81:0c:44:53:7b:e2:6b:d5:c1:28:b3:f7:76:
ab:7a:7a:c5:d2:b0:08:76:07:0e:57:3b:02:58:be:b0:db:92:
35:e7:fb:fb:46:ad:39:5a:47:94:62:39:6c:c3:96:71:76:0b:
15:fd:2b:bf:0a:df:30:21:1f:39:28:c0:11:32:a2:ff:91:a6:
30:0a:5e:0a:40:15:ce:cc:9b:c5:33:f7:e8:e3:10:16:14:c9:
bb:2b:a3:96:ee:b0:f6:04:17:2d:a7:68:23:8a:7f:a5:6c:c6:
b8:3d:15:5b:2f:1f:48:20:97:03:ea:06:0d:7e:76:f4:bb:26:
b2:6c:5a:21:45:18:a5:50:47:0d:0b:4b:13:54:99:b5:c8:09:
96:f0:52:bb:02:2f:02:59:90:0b:98:ac:97:c9:19:7d:69:99:
62:5c:d4:62:6f:e2:ff:8a:06:d4:48:e3:c8:99:19:4c:0c:f7:
4c:c5:01:31:29:bd:a8:a3:f3:ee:73:be:58:18:1b:78:88:c6:
ff:74:b5:34:9e:e2:75:37:f6:40:28:49:80:64:66:9b:0e:e2:
4e:17:bd:52:c4:54:e1:b8:d6:d1:04:34:7d:f2:49:50:ef:cc:
bc:eb:95:d8:43:52:cf:a0:a6:c1:2a:d8:85:0f:31:8e:39:c5:
db:f3:b7:79
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVs7zNGH+mz+W0EKmmwVZwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNmU1ZTMxZmE4NzE2YWFhNTRlMThmY2RjZmVkM2ZjOTRk
YjkwYjUwHhcNMjMwMTAxMTA0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTQyODBjZDM2ZTJhYmUyN2YxMmU5ZDVkMzRiNWU1NTExMTQzOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnrfNLBRN1ktQPy4kHkWPq1yjXT/
1AaEigsUotmkNIRYd0iV3JogXgahCvnpFhD6E1rKSc1b/FlAse2DWAvSzmU5waLM
iD2bbbMMVYayFeUWoffaDOpVQCwv2qrUdLcmlhMLZhbA7t+s6sT7fWkcMtwxWYY0
EErGNmGMAu8GBFlR0RBZYmhzytzCX9UxwGigDUBRd4FkZAfu7VPel2n6Ff2BnbYE
8gRu3W0eTaF5K+W4LDUMjYGeYb4JrMYdSx9u4gO2ApevkcFehB15z3q8iu4uYf3o
Qo6YYu5vxyK/O1NJ1UxMDX0W0L3YOVOHpFqueg9A1V1kAF4VlczNblE+hwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJFCgM024qvifxLp1dNLXlURFDmFMB8GA1UdIwQY
MBaAFAFuXjH6hxaqpU4Y/Nz+0/yU25C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVc1ZU1mcUhGcXFsVGhqODNQN1RfSlRia0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9hZjRlZjgtZWQwNy00YWNkLWE0MmYt
Yzk2YzJjZTg1OWU1LzEva1VLQXpUYmlxLUpfRXVuVjAwdGVWUkVVT1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9hZjRlZjgtZWQwNy00YWNkLWE0MmYtYzk2YzJjZTg1OWU1
LzEvQVc1ZU1mcUhGcXFsVGhqODNQN1RfSlRia0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCU9kYAwQC
uR4QAwQC1AjsMA0EAgACMAcDBQAqAKlgMA0GCSqGSIb3DQEBCwUAA4IBAQBQnhCc
vIEMRFN74mvVwSiz93arenrF0rAIdgcOVzsCWL6w25I15/v7Rq05WkeUYjlsw5Zx
dgsV/Su/Ct8wIR85KMARMqL/kaYwCl4KQBXOzJvFM/fo4xAWFMm7K6OW7rD2BBct
p2gjin+lbMa4PRVbLx9IIJcD6gYNfnb0uyaybFohRRilUEcNC0sTVJm1yAmW8FK7
Ai8CWZALmKyXyRl9aZliXNRib+L/igbUSOPImRlMDPdMxQExKb2oo/Puc75YGBt4
iMb/dLU0nuJ1N/ZAKEmAZGabDuJOF71SxFThuNbRBDR98klQ78y865XYQ1LPoKbB
KtiFDzGOOcXb87d5
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:31 2024 by rpki-client on console-fra.rpki-client.org