Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/041d0f-be8d-4148-bcba-d70f28515fbd/1/uzXFbxigJdH1Qtdl7SfQgdrdOR0.roa
File: uzXFbxigJdH1Qtdl7SfQgdrdOR0.roa (raw, json)
Hash identifier: iSbzdAQrzbjvOsRmrSneSjvzUSvt+Dpr0iEMFU5OSI0=
Subject key identifier: BB:35:C5:6F:18:A0:25:D1:F5:42:D7:65:ED:27:D0:81:DA:DD:39:1D
Certificate issuer: /CN=10a5985cba32a877d3215bbc228cb07d0400917b
Certificate serial: 01856CF8577DE4DA570C2414E9E4F0C02FD9
Authority key identifier: 10:A5:98:5C:BA:32:A8:77:D3:21:5B:BC:22:8C:B0:7D:04:00:91:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EKWYXLoyqHfTIVu8IoywfQQAkXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/041d0f-be8d-4148-bcba-d70f28515fbd/1/uzXFbxigJdH1Qtdl7SfQgdrdOR0.roa
Signing time: Sun 01 Jan 2023 10:54:52 +0000
ROA not before: Sun 01 Jan 2023 10:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21660
IP address blocks: 185.89.151.0/24 maxlen: 24
185.89.148.0/23 maxlen: 23
185.89.150.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:57:7d:e4:da:57:0c:24:14:e9:e4:f0:c0:2f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10a5985cba32a877d3215bbc228cb07d0400917b
Validity
Not Before: Jan 1 10:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb35c56f18a025d1f542d765ed27d081dadd391d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:70:e1:af:b5:10:74:2c:b6:b4:b6:c6:4c:69:
3c:d1:8a:6d:4b:b8:84:db:d4:8a:aa:4b:88:9c:ae:
dd:b5:15:dc:95:7d:35:53:12:02:b1:9d:46:e3:86:
a3:0f:d3:f8:71:1f:2c:ee:c8:f2:86:4d:da:af:b7:
84:f8:38:42:fe:95:0a:c9:df:7d:2b:57:3f:71:46:
99:14:4d:be:a9:69:a2:4f:8c:ac:9b:ba:06:b3:4e:
dc:14:9d:8d:90:45:9a:06:87:e8:a6:26:70:03:20:
f2:9f:3d:15:44:d2:8a:a5:11:a6:11:72:9e:3a:23:
bc:88:16:bf:cd:fd:1f:b4:01:2e:14:e7:85:9b:36:
3a:67:80:d4:1b:2c:6f:c5:3c:0d:df:0b:b5:22:c9:
7f:4d:7a:da:04:ad:87:62:5e:e9:27:b1:c9:b9:24:
bd:fb:e1:1b:70:86:c4:79:bd:a3:d2:af:86:ca:dd:
d7:1b:df:a6:09:1c:62:11:c8:42:13:7f:13:61:7a:
24:30:06:87:b3:ae:3e:4c:8b:8b:8b:cc:78:52:db:
35:d8:28:e8:73:15:17:33:32:0b:f4:ea:a3:a5:0d:
f4:f0:2d:7e:95:f0:99:ca:d9:3e:6e:96:83:54:8e:
47:99:99:be:eb:62:90:68:2b:be:fe:ae:74:f4:6d:
48:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:35:C5:6F:18:A0:25:D1:F5:42:D7:65:ED:27:D0:81:DA:DD:39:1D
X509v3 Authority Key Identifier:
keyid:10:A5:98:5C:BA:32:A8:77:D3:21:5B:BC:22:8C:B0:7D:04:00:91:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EKWYXLoyqHfTIVu8IoywfQQAkXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/041d0f-be8d-4148-bcba-d70f28515fbd/1/uzXFbxigJdH1Qtdl7SfQgdrdOR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/041d0f-be8d-4148-bcba-d70f28515fbd/1/EKWYXLoyqHfTIVu8IoywfQQAkXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.148.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:45:12:69:a5:b4:74:ce:48:ae:bc:fd:8a:c9:a2:29:e2:86:
d0:d6:d4:c2:3a:c3:89:2d:8f:e1:0c:df:41:29:80:04:22:17:
17:27:3a:c6:e2:1e:65:10:98:f6:6f:e8:8b:f6:9e:69:3e:2c:
c5:08:e5:e4:5a:ec:6c:ce:1b:9e:3e:a5:9e:7c:49:a3:07:3f:
18:d0:76:56:7b:4b:99:85:d9:e2:7c:e5:e0:4b:24:67:2f:c2:
b3:06:df:77:cf:cd:dc:c3:fb:db:63:c3:64:87:96:1f:4b:b8:
ae:5a:77:46:c9:b6:fa:50:03:7f:14:90:8d:31:14:b5:72:b8:
af:54:2a:f9:45:40:8e:b4:2f:fe:0b:80:68:a2:3e:b9:93:75:
27:5e:f6:4e:41:c0:c6:50:24:00:dd:18:4d:35:24:22:ea:e0:
7c:c1:02:c2:6a:4c:c5:0a:0a:1a:30:7a:08:5b:b7:4a:b5:a8:
84:1a:ab:a6:7e:4c:c6:18:39:ba:ef:a2:cc:67:49:a5:36:a3:
c2:dd:75:24:6a:80:a7:6a:41:4a:f9:17:70:8a:e0:fa:ad:7b:
45:b3:af:fe:15:03:8d:04:f6:93:bd:17:13:4e:02:91:5b:e6:
c2:81:7f:af:80:ac:ad:9d:c5:be:69:25:70:86:e4:c2:d1:9c:
0b:39:1a:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+Fd95NpXDCQU6eTwwC/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYTU5ODVjYmEzMmE4NzdkMzIxNWJiYzIyOGNiMDdkMDQw
MDkxN2IwHhcNMjMwMTAxMTA1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjM1YzU2ZjE4YTAyNWQxZjU0MmQ3NjVlZDI3ZDA4MWRhZGQzOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHDhr7UQdCy2tLbGTGk80YptS7iE
29SKqkuInK7dtRXclX01UxICsZ1G44ajD9P4cR8s7sjyhk3ar7eE+DhC/pUKyd99
K1c/cUaZFE2+qWmiT4ysm7oGs07cFJ2NkEWaBofopiZwAyDynz0VRNKKpRGmEXKe
OiO8iBa/zf0ftAEuFOeFmzY6Z4DUGyxvxTwN3wu1Isl/TXraBK2HYl7pJ7HJuSS9
++EbcIbEeb2j0q+Gyt3XG9+mCRxiEchCE38TYXokMAaHs64+TIuLi8x4Uts12Cjo
cxUXMzIL9OqjpQ308C1+lfCZytk+bpaDVI5HmZm+62KQaCu+/q509G1IQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLs1xW8YoCXR9ULXZe0n0IHa3TkdMB8GA1UdIwQY
MBaAFBClmFy6Mqh30yFbvCKMsH0EAJF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUtXWVhMb3lxSGZUSVZ1OElveXdmUVFBa1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wNDFkMGYtYmU4ZC00MTQ4LWJjYmEt
ZDcwZjI4NTE1ZmJkLzEvdXpYRmJ4aWdKZEgxUXRkbDdTZlFnZHJkT1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wNDFkMGYtYmU4ZC00MTQ4LWJjYmEtZDcwZjI4NTE1ZmJk
LzEvRUtXWVhMb3lxSGZUSVZ1OElveXdmUVFBa1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVmUMA0G
CSqGSIb3DQEBCwUAA4IBAQA7RRJppbR0zkiuvP2KyaIp4obQ1tTCOsOJLY/hDN9B
KYAEIhcXJzrG4h5lEJj2b+iL9p5pPizFCOXkWuxszhuePqWefEmjBz8Y0HZWe0uZ
hdnifOXgSyRnL8KzBt93z83cw/vbY8Nkh5YfS7iuWndGybb6UAN/FJCNMRS1criv
VCr5RUCOtC/+C4Booj65k3UnXvZOQcDGUCQA3RhNNSQi6uB8wQLCakzFCgoaMHoI
W7dKtaiEGqumfkzGGDm676LMZ0mlNqPC3XUkaoCnakFK+RdwiuD6rXtFs6/+FQON
BPaTvRcTTgKRW+bCgX+vgKytncW+aSVwhuTC0ZwLORqF
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:45 2024 by rpki-client on console-fra.rpki-client.org