Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/uZCJdsSNGSviG_wxHQS1XeITs18.roa
File: uZCJdsSNGSviG_wxHQS1XeITs18.roa (raw, json)
Hash identifier: DNXKOKj88JB/lE3bepNTt8tRmSwyjxf3oS9ztD7BAoo=
Subject key identifier: B9:90:89:76:C4:8D:19:2B:E2:1B:FC:31:1D:04:B5:5D:E2:13:B3:5F
Certificate issuer: /CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Certificate serial: 018C2AA1460F99991146A26619B87B1FE213
Authority key identifier: 3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/uZCJdsSNGSviG_wxHQS1XeITs18.roa
Signing time: Sat 02 Dec 2023 13:04:21 +0000
ROA not before: Sat 02 Dec 2023 13:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51264
IP address blocks: 91.228.218.0/24 maxlen: 24
194.0.206.0/24 maxlen: 24
194.143.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Dec 2023 14:13:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2a:a1:46:0f:99:99:11:46:a2:66:19:b8:7b:1f:e2:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Validity
Not Before: Dec 2 13:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9908976c48d192be21bfc311d04b55de213b35f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:58:cf:ae:95:8d:e2:2c:f2:66:9e:28:f0:d1:
ef:d5:a6:0c:48:7d:3f:d3:f5:39:c9:e3:6d:a3:27:
d2:f0:c0:3c:b1:4c:eb:9c:60:14:c3:a0:a2:21:62:
40:f3:ca:49:a2:7b:b8:bf:3a:30:5a:0f:06:8f:a9:
a4:92:36:91:35:de:ae:cd:44:8d:41:ec:c6:b9:5c:
db:1c:ae:3b:9e:bc:db:1f:7d:bc:a9:4e:c5:41:a1:
8d:9c:dd:0a:45:9e:66:97:90:19:14:00:9d:09:7c:
a5:65:89:ae:45:88:b0:7c:ee:f2:9a:c2:17:ae:26:
78:4c:d8:04:fe:50:82:49:c5:1d:90:0e:c7:95:5d:
73:ff:30:32:02:be:86:9d:8d:d4:71:6c:54:89:87:
21:04:20:63:03:c7:09:47:39:12:f6:55:1e:c1:03:
c7:d8:1b:9d:a9:67:07:90:c8:30:06:2a:bc:fe:3a:
30:05:16:6e:9c:d7:4c:fc:ef:53:65:fb:9c:f4:66:
cc:ea:e6:d3:5c:2e:83:5e:28:d2:d0:48:ea:0f:82:
06:43:27:2e:b5:86:f3:47:f8:1a:80:dd:2f:ae:ce:
a5:c5:6c:39:3b:a7:ef:dd:fb:12:78:ce:63:bd:28:
9e:cd:fc:e6:dc:b7:2e:d8:bb:b1:80:7b:a1:5b:31:
9c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:90:89:76:C4:8D:19:2B:E2:1B:FC:31:1D:04:B5:5D:E2:13:B3:5F
X509v3 Authority Key Identifier:
keyid:3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/uZCJdsSNGSviG_wxHQS1XeITs18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PkMne3ynnQ6eB_xKSzGAQd9BXLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.218.0/24
194.0.206.0/24
194.143.146.0/24
Signature Algorithm: sha256WithRSAEncryption
47:ab:f0:97:1e:5f:e6:eb:96:fa:0f:0c:8b:d1:71:d2:75:db:
60:cc:e1:70:5f:f9:de:04:95:32:a8:33:54:f4:d9:85:17:51:
c1:a9:9e:6b:71:fc:ea:25:9f:37:a6:6c:69:0b:93:a1:74:cb:
d3:72:4d:49:26:80:42:b4:db:f4:6e:11:08:e2:88:70:2f:dd:
87:25:9d:2e:03:a7:fb:c4:52:f1:9d:b1:3d:9c:78:3c:24:e1:
76:cd:38:87:91:ba:e8:f1:6a:d3:aa:b9:95:1d:83:f9:cd:5f:
81:ba:11:a8:0a:9f:ad:0c:7f:82:b7:38:44:b0:30:9f:95:d8:
d0:9e:61:b4:52:54:e8:41:17:64:a0:f2:01:34:fa:a4:c0:b5:
e0:b9:c5:8d:72:1a:54:8c:91:31:d3:62:86:85:ae:65:0c:b5:
70:f2:0d:80:a7:43:cc:8a:05:86:f7:c0:92:bf:3c:16:27:44:
a5:2d:cc:25:54:2d:ca:34:cb:6f:00:23:31:1a:bf:74:c4:9a:
25:4c:51:75:76:25:8e:f5:6a:b0:98:16:87:ca:ff:30:97:ea:
e9:02:68:c3:86:b1:31:f8:87:8f:d3:92:b2:91:b6:f5:24:92:
ca:6a:03:98:17:63:d5:cf:34:51:27:41:72:c7:b1:a4:49:73:
b0:f2:79:63
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwqoUYPmZkRRqJmGbh7H+ITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDMyNzdiN2NhNzlkMGU5ZTA3ZmM0YTRiMzE4MDQxZGY0
MTVjYjMwHhcNMjMxMjAyMTMwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTkwODk3NmM0OGQxOTJiZTIxYmZjMzExZDA0YjU1ZGUyMTNiMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFjPrpWN4izyZp4o8NHv1aYMSH0/
0/U5yeNtoyfS8MA8sUzrnGAUw6CiIWJA88pJonu4vzowWg8Gj6mkkjaRNd6uzUSN
QezGuVzbHK47nrzbH328qU7FQaGNnN0KRZ5ml5AZFACdCXylZYmuRYiwfO7ymsIX
riZ4TNgE/lCCScUdkA7HlV1z/zAyAr6GnY3UcWxUiYchBCBjA8cJRzkS9lUewQPH
2BudqWcHkMgwBiq8/jowBRZunNdM/O9TZfuc9GbM6ubTXC6DXijS0EjqD4IGQycu
tYbzR/gagN0vrs6lxWw5O6fv3fsSeM5jvSiezfzm3Lcu2LuxgHuhWzGcOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLmQiXbEjRkr4hv8MR0EtV3iE7NfMB8GA1UdIwQY
MBaAFD5DJ3t8p50Ongf8SksxgEHfQVyzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUt
M2NmMmE0NjIyZmJjLzEvdVpDSmRzU05HU3ZpR193eEhRUzFYZUlUczE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUtM2NmMmE0NjIyZmJj
LzEvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+TaAwQA
wgDOAwQAwo+SMA0GCSqGSIb3DQEBCwUAA4IBAQBHq/CXHl/m65b6DwyL0XHSddtg
zOFwX/neBJUyqDNU9NmFF1HBqZ5rcfzqJZ83pmxpC5OhdMvTck1JJoBCtNv0bhEI
4ohwL92HJZ0uA6f7xFLxnbE9nHg8JOF2zTiHkbro8WrTqrmVHYP5zV+BuhGoCp+t
DH+CtzhEsDCfldjQnmG0UlToQRdkoPIBNPqkwLXgucWNchpUjJEx02KGha5lDLVw
8g2Ap0PMigWG98CSvzwWJ0SlLcwlVC3KNMtvACMxGr90xJolTFF1diWO9WqwmBaH
yv8wl+rpAmjDhrEx+IeP05Kykbb1JJLKagOYF2PVzzRRJ0Fyx7GkSXOw8nlj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:43 2024 by rpki-client on console-fra.rpki-client.org