Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/UEs9VH73_0klEvaaNekNR85EjfY.roa
File: UEs9VH73_0klEvaaNekNR85EjfY.roa (raw, json)
Hash identifier: uyU+xDuwnHZV5daXFSuk2fU3AbiqXd6T6MgyfVrQOro=
Subject key identifier: 50:4B:3D:54:7E:F7:FF:49:25:12:F6:9A:35:E9:0D:47:CE:44:8D:F6
Certificate issuer: /CN=58ec149761a5d84b8c49e2c9936bbb748033fe66
Certificate serial: 018AE12E80005F0774D8211F713CDDC8F84B
Authority key identifier: 58:EC:14:97:61:A5:D8:4B:8C:49:E2:C9:93:6B:BB:74:80:33:FE:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WOwUl2Gl2EuMSeLJk2u7dIAz_mY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/UEs9VH73_0klEvaaNekNR85EjfY.roa
Signing time: Fri 29 Sep 2023 13:43:55 +0000
ROA not before: Fri 29 Sep 2023 13:43:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3278
IP address blocks: 194.180.2.0/24 maxlen: 24
194.180.1.0/24 maxlen: 24
194.180.4.0/23 maxlen: 23
194.180.4.0/24 maxlen: 24
194.180.3.0/24 maxlen: 24
194.180.0.0/24 maxlen: 24
194.180.0.0/22 maxlen: 22
194.180.5.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:2e:80:00:5f:07:74:d8:21:1f:71:3c:dd:c8:f8:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ec149761a5d84b8c49e2c9936bbb748033fe66
Validity
Not Before: Sep 29 13:43:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=504b3d547ef7ff492512f69a35e90d47ce448df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:54:01:e8:ce:e6:f8:f8:30:17:d3:06:22:e0:
30:4f:7f:b5:b6:1d:8e:40:bb:39:68:db:ff:59:c8:
76:fc:5b:f0:72:80:dc:5f:97:74:37:01:6c:fd:08:
6e:ce:3c:12:53:2d:fb:ae:9f:77:49:a5:ad:7a:39:
4d:a6:70:6e:bf:0a:1e:05:f1:04:8f:96:2f:d8:56:
74:35:35:b8:8e:b5:6b:9d:ec:ed:78:cc:9e:26:9a:
4a:f2:cb:73:a3:e8:08:d4:53:ec:63:ca:b8:0c:b5:
e4:48:a4:5c:d5:61:ec:91:dd:84:2f:80:6b:29:52:
2f:14:23:f5:a4:b3:39:25:e6:b0:bc:cf:1d:7a:34:
d3:7f:48:f9:90:83:23:f3:9c:aa:66:c1:e2:26:11:
46:49:91:f0:17:22:b9:0d:21:8f:cd:df:65:4e:43:
10:7b:5f:df:5b:9a:09:80:45:7e:b5:6b:3a:16:8c:
e3:f2:80:7b:7b:b2:35:7c:13:86:0c:2d:d9:e5:7b:
f1:86:a5:d3:cb:ac:44:4b:93:d0:81:f1:1f:2f:02:
f8:3e:cf:25:30:d2:99:92:c2:9a:16:dc:11:e1:22:
65:ca:c7:e4:53:71:d2:51:0b:36:7e:8b:32:44:1c:
0b:79:6c:4b:9e:4b:79:af:e9:ff:a5:31:90:0e:c2:
68:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:4B:3D:54:7E:F7:FF:49:25:12:F6:9A:35:E9:0D:47:CE:44:8D:F6
X509v3 Authority Key Identifier:
keyid:58:EC:14:97:61:A5:D8:4B:8C:49:E2:C9:93:6B:BB:74:80:33:FE:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WOwUl2Gl2EuMSeLJk2u7dIAz_mY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/UEs9VH73_0klEvaaNekNR85EjfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/WOwUl2Gl2EuMSeLJk2u7dIAz_mY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.0.0-194.180.5.255
Signature Algorithm: sha256WithRSAEncryption
70:4b:05:c9:15:a2:62:0c:06:50:3c:8b:2e:36:f0:3b:62:c2:
95:b4:ae:d5:54:29:c6:4f:c0:d7:2a:0c:96:0d:d4:aa:e9:9c:
dc:65:55:3e:17:de:aa:73:a1:21:35:87:9c:0b:95:ee:35:89:
93:09:33:2b:31:b0:1c:3d:50:c5:a1:0d:48:f5:82:e3:bf:18:
62:50:be:7a:67:18:98:78:d8:1e:2b:88:c3:74:ca:36:a2:83:
a0:c3:27:cc:32:0a:ce:35:87:e5:45:e4:f3:5d:05:4c:08:82:
56:e6:9e:c7:90:fc:65:59:3a:eb:27:91:07:28:cf:3a:65:e7:
64:62:1e:46:5f:85:f4:e4:26:86:eb:97:df:69:4f:09:94:e2:
9f:b7:f1:88:61:87:ce:b6:6c:fb:66:db:c0:43:5e:17:31:41:
5e:8f:16:53:33:90:5c:bf:3e:a4:c2:d8:8c:7b:c1:a5:0e:48:
39:d5:dd:bd:69:8d:ca:ce:c6:ab:1b:3a:29:52:27:76:c9:f2:
bd:cd:07:ad:55:d4:de:45:6a:9f:7b:29:1e:57:36:99:f9:52:
d8:e7:45:6a:05:dc:6e:98:8f:f9:7a:4b:31:4a:5f:17:af:14:
4a:6d:0e:53:9f:2f:3b:a3:81:a7:30:c5:64:9f:66:37:d0:35:
ae:0d:f0:ef
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYrhLoAAXwd02CEfcTzdyPhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZWMxNDk3NjFhNWQ4NGI4YzQ5ZTJjOTkzNmJiYjc0ODAz
M2ZlNjYwHhcNMjMwOTI5MTM0MzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDRiM2Q1NDdlZjdmZjQ5MjUxMmY2OWEzNWU5MGQ0N2NlNDQ4ZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolQB6M7m+PgwF9MGIuAwT3+1th2O
QLs5aNv/Wch2/FvwcoDcX5d0NwFs/QhuzjwSUy37rp93SaWtejlNpnBuvwoeBfEE
j5Yv2FZ0NTW4jrVrnezteMyeJppK8stzo+gI1FPsY8q4DLXkSKRc1WHskd2EL4Br
KVIvFCP1pLM5JeawvM8dejTTf0j5kIMj85yqZsHiJhFGSZHwFyK5DSGPzd9lTkMQ
e1/fW5oJgEV+tWs6Fozj8oB7e7I1fBOGDC3Z5XvxhqXTy6xES5PQgfEfLwL4Ps8l
MNKZksKaFtwR4SJlysfkU3HSUQs2fosyRBwLeWxLnkt5r+n/pTGQDsJouwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFFBLPVR+9/9JJRL2mjXpDUfORI32MB8GA1UdIwQY
MBaAFFjsFJdhpdhLjEniyZNru3SAM/5mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV093VWwyR2wyRXVNU2VMSmsydTdkSUF6X21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9iNGFkOWMtMGQwYi00YzNkLTg1MzMt
ZGJmNjJmYzViZWIwLzEvVUVzOVZINzNfMGtsRXZhYU5la05SODVFamZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9iNGFkOWMtMGQwYi00YzNkLTg1MzMtZGJmNjJmYzViZWIw
LzEvV093VWwyR2wyRXVNU2VMSmsydTdkSUF6X21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwLCtAME
AcK0BDANBgkqhkiG9w0BAQsFAAOCAQEAcEsFyRWiYgwGUDyLLjbwO2LClbSu1VQp
xk/A1yoMlg3Uqumc3GVVPhfeqnOhITWHnAuV7jWJkwkzKzGwHD1QxaENSPWC478Y
YlC+emcYmHjYHiuIw3TKNqKDoMMnzDIKzjWH5UXk810FTAiCVuaex5D8ZVk66yeR
ByjPOmXnZGIeRl+F9OQmhuuX32lPCZTin7fxiGGHzrZs+2bbwENeFzFBXo8WUzOQ
XL8+pMLYjHvBpQ5IOdXdvWmNys7Gqxs6KVIndsnyvc0HrVXU3kVqn3spHlc2mflS
2OdFagXcbpiP+XpLMUpfF68USm0OU58vO6OBpzDFZJ9mN9A1rg3w7w==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:11 2024 by rpki-client on console.sobornost.net