Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/3bae86-a8fc-43e6-801a-bca80e47c573/1/UQRQzpMSkldGi1B7hVZdPwbxbSY.roa
File: UQRQzpMSkldGi1B7hVZdPwbxbSY.roa (raw, json)
Hash identifier: ZnmCfiDnqAB1YFJZrd8ML2b2ochrHU/fZ2q/Dc09y6A=
Subject key identifier: 51:04:50:CE:93:12:92:57:46:8B:50:7B:85:56:5D:3F:06:F1:6D:26
Certificate issuer: /CN=8d281989c3b6e58fdc9534ee7eb3e260d1d87749
Certificate serial: 018571553E090D9E20645B96BA7712577B33
Authority key identifier: 8D:28:19:89:C3:B6:E5:8F:DC:95:34:EE:7E:B3:E2:60:D1:D8:77:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jSgZicO25Y_clTTufrPiYNHYd0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/3bae86-a8fc-43e6-801a-bca80e47c573/1/UQRQzpMSkldGi1B7hVZdPwbxbSY.roa
Signing time: Mon 02 Jan 2023 07:14:49 +0000
ROA not before: Mon 02 Jan 2023 07:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43754
IP address blocks: 185.166.115.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:3e:09:0d:9e:20:64:5b:96:ba:77:12:57:7b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d281989c3b6e58fdc9534ee7eb3e260d1d87749
Validity
Not Before: Jan 2 07:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=510450ce93129257468b507b85565d3f06f16d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7d:90:7e:75:fc:b5:a0:e2:e9:df:87:21:2a:
af:0b:80:f9:43:13:5d:97:4f:b0:04:c0:87:35:48:
f9:8c:2a:ac:11:41:36:20:49:b6:83:9a:7b:62:11:
1d:7d:1c:3c:33:4f:8c:d4:0e:a6:47:c7:8c:b6:e8:
9f:74:d9:12:24:fe:b9:98:ff:63:e1:20:04:c6:79:
0c:65:1b:82:6e:da:04:dd:8e:23:03:20:77:79:e7:
76:db:94:13:c5:9e:7f:60:c2:00:bf:be:1e:e7:91:
a8:da:af:9f:e2:6a:a4:11:0a:30:81:03:d6:87:28:
01:14:5d:ce:96:42:26:63:6e:f2:48:2e:0a:94:f9:
c7:89:f4:19:eb:6a:a6:51:6d:8a:f1:1d:e4:4e:40:
58:94:60:69:15:eb:e2:88:45:b2:26:ca:05:61:85:
77:80:1e:c1:7c:06:63:a4:b7:41:6f:b3:d8:26:a6:
02:fd:28:42:b2:73:a4:7e:ac:08:05:da:01:53:c5:
f7:bb:49:69:71:08:89:37:4e:b3:49:c1:cd:52:e5:
99:5e:0b:ec:36:46:da:fe:fe:ed:bb:38:cb:82:83:
55:cf:f4:3f:a1:c1:e2:d5:c3:77:02:80:76:af:bf:
bc:d4:ea:74:cc:00:d1:34:8d:aa:a2:55:2b:3c:21:
06:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:04:50:CE:93:12:92:57:46:8B:50:7B:85:56:5D:3F:06:F1:6D:26
X509v3 Authority Key Identifier:
keyid:8D:28:19:89:C3:B6:E5:8F:DC:95:34:EE:7E:B3:E2:60:D1:D8:77:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jSgZicO25Y_clTTufrPiYNHYd0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3bae86-a8fc-43e6-801a-bca80e47c573/1/UQRQzpMSkldGi1B7hVZdPwbxbSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3bae86-a8fc-43e6-801a-bca80e47c573/1/jSgZicO25Y_clTTufrPiYNHYd0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.115.0/24
Signature Algorithm: sha256WithRSAEncryption
99:09:6c:3b:d3:c9:77:a3:fc:a1:de:eb:a5:12:53:9a:95:7f:
8a:76:14:53:d7:3c:ee:bb:85:2f:67:66:8c:07:1c:a6:77:ac:
c5:2d:0b:b9:99:45:5c:4a:27:00:a1:21:2c:be:8e:b2:8e:5f:
47:0c:75:5d:2a:a0:02:82:d2:cc:c3:85:9f:dc:ae:4e:93:dd:
f3:92:8d:6c:1a:68:fa:69:8f:bc:0f:eb:80:ca:c4:05:77:73:
37:f2:c8:0e:d2:cf:d0:18:bf:46:21:06:82:98:5d:9f:5e:ba:
f8:07:62:7b:bc:be:67:48:91:6a:28:6d:77:4f:57:bb:8a:c0:
21:71:15:b7:32:3d:f9:cd:43:18:64:2d:71:29:c9:ea:4f:02:
f3:71:4b:48:64:a9:bf:c6:3e:61:2f:19:70:8f:1f:bb:5a:29:
8a:65:2f:43:65:c4:3d:6f:9c:0a:2f:55:bf:84:c8:29:25:18:
b9:4f:5e:6f:4a:95:5f:6f:81:39:d0:f1:86:dc:97:b2:38:6c:
de:cc:fe:e8:ca:ff:43:0c:e0:06:b3:bc:2a:7f:3e:3f:0c:ae:
b8:4a:dc:3b:bc:ec:a5:d3:55:b1:5c:bc:d8:4d:ea:3b:f1:41:
40:11:08:50:ee:03:d7:e7:1c:6e:3b:1e:cc:e6:8c:87:b8:27:
7d:dc:26:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVT4JDZ4gZFuWuncSV3szMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMjgxOTg5YzNiNmU1OGZkYzk1MzRlZTdlYjNlMjYwZDFk
ODc3NDkwHhcNMjMwMTAyMDcxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTA0NTBjZTkzMTI5MjU3NDY4YjUwN2I4NTU2NWQzZjA2ZjE2ZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi32QfnX8taDi6d+HISqvC4D5QxNd
l0+wBMCHNUj5jCqsEUE2IEm2g5p7YhEdfRw8M0+M1A6mR8eMtuifdNkSJP65mP9j
4SAExnkMZRuCbtoE3Y4jAyB3eed225QTxZ5/YMIAv74e55Go2q+f4mqkEQowgQPW
hygBFF3OlkImY27ySC4KlPnHifQZ62qmUW2K8R3kTkBYlGBpFeviiEWyJsoFYYV3
gB7BfAZjpLdBb7PYJqYC/ShCsnOkfqwIBdoBU8X3u0lpcQiJN06zScHNUuWZXgvs
Nkba/v7tuzjLgoNVz/Q/ocHi1cN3AoB2r7+81Op0zADRNI2qolUrPCEG1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEEUM6TEpJXRotQe4VWXT8G8W0mMB8GA1UdIwQY
MBaAFI0oGYnDtuWP3JU07n6z4mDR2HdJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalNnWmljTzI1WV9jbFRUdWZyUGlZTkhZZDBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8zYmFlODYtYThmYy00M2U2LTgwMWEt
YmNhODBlNDdjNTczLzEvVVFSUXpwTVNrbGRHaTFCN2hWWmRQd2J4YlNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8zYmFlODYtYThmYy00M2U2LTgwMWEtYmNhODBlNDdjNTcz
LzEvalNnWmljTzI1WV9jbFRUdWZyUGlZTkhZZDBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaZzMA0G
CSqGSIb3DQEBCwUAA4IBAQCZCWw708l3o/yh3uulElOalX+KdhRT1zzuu4UvZ2aM
Bxymd6zFLQu5mUVcSicAoSEsvo6yjl9HDHVdKqACgtLMw4Wf3K5Ok93zko1sGmj6
aY+8D+uAysQFd3M38sgO0s/QGL9GIQaCmF2fXrr4B2J7vL5nSJFqKG13T1e7isAh
cRW3Mj35zUMYZC1xKcnqTwLzcUtIZKm/xj5hLxlwjx+7WimKZS9DZcQ9b5wKL1W/
hMgpJRi5T15vSpVfb4E50PGG3JeyOGzezP7oyv9DDOAGs7wqfz4/DK64Stw7vOyl
01WxXLzYTeo78UFAEQhQ7gPX5xxuOx7M5oyHuCd93Cao
-----END CERTIFICATE-----
Generated at Tue Jan 2 02:56:34 2024 by rpki-client on console.sobornost.net