Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/Uu1sXnE2U2FoRBjH3a4XPGxQDFU.roa
File: Uu1sXnE2U2FoRBjH3a4XPGxQDFU.roa (raw, json)
Hash identifier: ikw4nkdt62FaF0E+JV2rDEvLokgp2dvxclq3GPZqg2k=
Subject key identifier: 52:ED:6C:5E:71:36:53:61:68:44:18:C7:DD:AE:17:3C:6C:50:0C:55
Certificate issuer: /CN=dcbcab4859536cf996596ef19d2a64611d036fe4
Certificate serial: 018BECF7C0C2080B38786098F768807E0D7B
Authority key identifier: DC:BC:AB:48:59:53:6C:F9:96:59:6E:F1:9D:2A:64:61:1D:03:6F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/Uu1sXnE2U2FoRBjH3a4XPGxQDFU.roa
Signing time: Mon 20 Nov 2023 13:42:21 +0000
ROA not before: Mon 20 Nov 2023 13:42:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6681
IP address blocks: 89.150.33.0/24 maxlen: 24
193.200.64.0/24 maxlen: 24
193.200.65.0/24 maxlen: 24
195.191.234.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:f7:c0:c2:08:0b:38:78:60:98:f7:68:80:7e:0d:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcbcab4859536cf996596ef19d2a64611d036fe4
Validity
Not Before: Nov 20 13:42:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52ed6c5e71365361684418c7ddae173c6c500c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:21:4b:1e:36:70:4e:3c:51:dd:49:22:d7:59:
ef:06:7f:d1:1b:82:d9:8d:90:61:36:c1:9c:24:fc:
ea:5f:50:e7:df:c9:41:6c:f8:a8:9b:52:b6:d8:d7:
34:a9:41:81:e5:48:b0:10:38:5c:c2:ab:93:39:90:
4a:9c:e7:5f:b4:10:96:74:c6:ca:86:65:f9:82:28:
c5:fe:41:c5:49:ee:f4:20:87:e6:3d:41:2b:92:02:
8b:2e:72:5f:c2:be:fb:f9:ef:91:0f:e6:95:e4:af:
e6:34:45:fe:39:54:be:d3:50:3b:ef:7a:c1:21:58:
c8:06:f1:53:9d:38:97:68:cd:db:fc:62:8d:9c:15:
71:5e:01:0e:94:92:de:6c:d7:02:10:e7:d7:6f:25:
41:2f:c4:5a:0f:5f:2b:3b:4d:90:ae:fd:87:d6:4e:
bd:7c:55:b7:8e:c8:85:77:ae:69:d1:89:4f:81:f3:
c9:3a:b3:21:9b:53:0d:04:3a:8b:ec:64:8e:66:1b:
ca:ec:a1:05:bb:b6:56:8b:39:bd:b4:e7:16:54:0a:
33:9b:ac:d8:6e:5e:bf:40:31:33:20:0b:16:a3:b3:
96:e9:4e:c0:4d:4c:4f:bb:4e:96:99:05:fb:15:9f:
92:f2:8d:af:bd:2f:96:49:9d:26:ca:35:65:52:3d:
0c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:ED:6C:5E:71:36:53:61:68:44:18:C7:DD:AE:17:3C:6C:50:0C:55
X509v3 Authority Key Identifier:
keyid:DC:BC:AB:48:59:53:6C:F9:96:59:6E:F1:9D:2A:64:61:1D:03:6F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/Uu1sXnE2U2FoRBjH3a4XPGxQDFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ca9274-3a94-4f1a-bee2-266fe2737b8f/1/3LyrSFlTbPmWWW7xnSpkYR0Db-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.150.33.0/24
193.200.64.0/23
195.191.234.0/24
Signature Algorithm: sha256WithRSAEncryption
85:65:95:f3:1f:66:58:ca:0d:f5:7b:2d:b4:51:39:50:c2:0d:
c7:80:d7:89:a4:2c:0f:a0:b5:97:81:04:df:d1:08:b2:45:ea:
f3:9a:58:c2:8e:30:42:08:26:9f:b5:45:80:a6:95:4f:34:84:
1a:1d:b0:81:81:99:55:c8:71:00:3d:49:ab:01:8d:81:f3:42:
a9:56:44:d6:00:bc:a0:63:8f:f2:51:09:f6:02:27:50:b9:36:
d9:c6:7a:b2:20:22:06:eb:22:e4:86:16:2d:1d:7c:79:f2:9c:
95:e3:6f:d6:7c:11:08:ef:f0:68:93:3e:8d:9c:45:ee:73:06:
e3:42:37:8c:00:93:6f:23:19:3e:7c:da:8f:3e:44:97:78:c9:
85:f8:9b:86:c7:7d:c3:e9:77:5c:f8:02:49:f6:d0:40:7f:4f:
52:e9:f6:b3:26:3c:5b:dd:33:b2:00:80:c4:9e:78:f7:7f:4c:
ed:1e:f8:34:8e:6c:ab:eb:83:bf:c8:b1:1e:06:c7:0c:2f:81:
09:76:78:98:8e:92:d6:e0:df:73:c2:70:bf:55:68:77:47:88:
cc:b3:09:05:14:b8:51:20:42:b3:10:d4:fd:7b:ff:5c:a4:41:
37:df:1a:6f:8d:b4:9a:7d:09:0d:92:af:c9:27:7a:83:c5:6b:
7b:77:b6:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvs98DCCAs4eGCY92iAfg17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYmNhYjQ4NTk1MzZjZjk5NjU5NmVmMTlkMmE2NDYxMWQw
MzZmZTQwHhcNMjMxMTIwMTM0MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmVkNmM1ZTcxMzY1MzYxNjg0NDE4YzdkZGFlMTczYzZjNTAwYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSFLHjZwTjxR3Uki11nvBn/RG4LZ
jZBhNsGcJPzqX1Dn38lBbPiom1K22Nc0qUGB5UiwEDhcwquTOZBKnOdftBCWdMbK
hmX5gijF/kHFSe70IIfmPUErkgKLLnJfwr77+e+RD+aV5K/mNEX+OVS+01A773rB
IVjIBvFTnTiXaM3b/GKNnBVxXgEOlJLebNcCEOfXbyVBL8RaD18rO02Qrv2H1k69
fFW3jsiFd65p0YlPgfPJOrMhm1MNBDqL7GSOZhvK7KEFu7ZWizm9tOcWVAozm6zY
bl6/QDEzIAsWo7OW6U7ATUxPu06WmQX7FZ+S8o2vvS+WSZ0myjVlUj0M8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFLtbF5xNlNhaEQYx92uFzxsUAxVMB8GA1UdIwQY
MBaAFNy8q0hZU2z5lllu8Z0qZGEdA2/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0x5clNGbFRiUG1XV1c3eG5TcGtZUjBEYi1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9jYTkyNzQtM2E5NC00ZjFhLWJlZTIt
MjY2ZmUyNzM3YjhmLzEvVXUxc1huRTJVMkZvUkJqSDNhNFhQR3hRREZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9jYTkyNzQtM2E5NC00ZjFhLWJlZTItMjY2ZmUyNzM3Yjhm
LzEvM0x5clNGbFRiUG1XV1c3eG5TcGtZUjBEYi1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWZYhAwQB
wchAAwQAw7/qMA0GCSqGSIb3DQEBCwUAA4IBAQCFZZXzH2ZYyg31ey20UTlQwg3H
gNeJpCwPoLWXgQTf0QiyRerzmljCjjBCCCaftUWAppVPNIQaHbCBgZlVyHEAPUmr
AY2B80KpVkTWALygY4/yUQn2AidQuTbZxnqyICIG6yLkhhYtHXx58pyV42/WfBEI
7/Bokz6NnEXucwbjQjeMAJNvIxk+fNqPPkSXeMmF+JuGx33D6Xdc+AJJ9tBAf09S
6fazJjxb3TOyAIDEnnj3f0ztHvg0jmyr64O/yLEeBscML4EJdniYjpLW4N9zwnC/
VWh3R4jMswkFFLhRIEKzENT9e/9cpEE33xpvjbSafQkNkq/JJ3qDxWt7d7Zx
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:14:55 2024 by rpki-client on console.sobornost.net