Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/354b3b-5d76-49d5-a56c-007c4e58527e/1/UYBfZA8SXkIHGKGRi6O4S3lp_q8.roa
File: UYBfZA8SXkIHGKGRi6O4S3lp_q8.roa (raw, json)
Hash identifier: I8ouFi8wLWbBlJ8ZCczZdnrJdaEBVABvGmL+OzUJKv8=
Subject key identifier: 51:80:5F:64:0F:12:5E:42:07:18:A1:91:8B:A3:B8:4B:79:69:FE:AF
Certificate issuer: /CN=ff70868f0c2c218765fa6b53ab9af065ff339f06
Certificate serial: 01856C8A545D2DC6E5A9B44265D1300F2CD1
Authority key identifier: FF:70:86:8F:0C:2C:21:87:65:FA:6B:53:AB:9A:F0:65:FF:33:9F:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_3CGjwwsIYdl-mtTq5rwZf8znwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/354b3b-5d76-49d5-a56c-007c4e58527e/1/UYBfZA8SXkIHGKGRi6O4S3lp_q8.roa
Signing time: Sun 01 Jan 2023 08:54:42 +0000
ROA not before: Sun 01 Jan 2023 08:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207872
IP address blocks: 185.213.44.0/24 maxlen: 24
178.236.203.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:8a:54:5d:2d:c6:e5:a9:b4:42:65:d1:30:0f:2c:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff70868f0c2c218765fa6b53ab9af065ff339f06
Validity
Not Before: Jan 1 08:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51805f640f125e420718a1918ba3b84b7969feaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1a:6f:14:3c:63:08:3a:3e:8b:e0:e7:3e:53:
82:41:9e:0f:94:50:8d:fe:88:1e:d7:e9:d9:6d:62:
32:5f:22:03:cc:1f:9f:2f:c3:4a:28:a2:9d:1d:7a:
1c:3c:ce:04:37:1b:7f:b4:4f:ec:e7:6d:61:19:dc:
87:4a:f9:64:58:c9:32:fd:e5:65:07:8c:9c:26:0d:
3c:b2:c7:aa:8a:44:0c:9b:71:8e:e7:ae:52:66:e2:
7d:d9:7d:8c:97:21:b5:19:44:52:cc:a6:8b:5d:6c:
32:bb:fc:01:a2:e6:ac:fc:0d:5d:e6:7e:11:83:d6:
88:8d:c5:d7:6c:4e:80:87:37:80:da:28:ec:c2:3f:
ed:0e:e5:a9:9d:e0:04:21:b1:6d:77:56:b3:cb:00:
6b:05:8d:26:4c:fe:5a:11:76:cc:ad:fa:7e:53:8d:
83:24:16:00:f8:6f:70:ee:0f:46:cc:90:8e:b3:7a:
5e:55:f3:42:86:fd:8b:77:62:13:7f:3a:04:85:da:
a1:a3:86:5a:64:cb:2d:27:e2:fa:3d:40:3c:d0:76:
59:46:73:bc:78:7a:6a:a5:06:38:80:f0:5f:61:37:
01:79:a5:75:0b:d5:3a:2f:75:21:ad:eb:9f:33:a3:
75:43:7b:cb:21:32:98:97:ec:8e:aa:4b:5e:fe:4a:
de:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:80:5F:64:0F:12:5E:42:07:18:A1:91:8B:A3:B8:4B:79:69:FE:AF
X509v3 Authority Key Identifier:
keyid:FF:70:86:8F:0C:2C:21:87:65:FA:6B:53:AB:9A:F0:65:FF:33:9F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_3CGjwwsIYdl-mtTq5rwZf8znwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/354b3b-5d76-49d5-a56c-007c4e58527e/1/UYBfZA8SXkIHGKGRi6O4S3lp_q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/354b3b-5d76-49d5-a56c-007c4e58527e/1/_3CGjwwsIYdl-mtTq5rwZf8znwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.203.0/24
185.213.44.0/24
Signature Algorithm: sha256WithRSAEncryption
63:7f:1c:76:f2:28:93:70:8b:57:22:44:c2:61:38:44:c1:b8:
0a:16:06:44:3c:b4:4d:a8:dd:0e:58:00:f7:55:9c:f2:b5:7d:
31:65:06:fd:e9:a4:86:06:a9:3b:bc:b8:f8:02:a5:9a:48:ca:
a8:43:bd:31:18:eb:54:dc:c4:4c:0c:6c:a0:27:88:69:73:17:
cd:da:d6:70:79:8b:1d:c1:f3:3a:48:36:1a:eb:58:16:44:63:
3a:c7:81:48:25:d7:1f:fa:c3:68:01:5f:2e:3f:bd:e2:23:be:
33:d1:18:ff:7f:eb:70:e9:4f:1a:26:3e:79:66:c6:ab:8a:06:
d8:02:e6:59:04:eb:d8:b7:25:82:82:24:d6:5d:b6:c0:03:96:
d6:19:fb:19:58:14:62:3c:35:4a:f1:98:22:fb:9b:0f:59:77:
ac:ab:52:1f:f3:2a:5f:d9:7e:c4:df:0f:7e:5c:0e:27:1f:d5:
2d:3f:b6:a3:60:14:d0:7a:87:0d:2e:44:63:8a:eb:0a:d3:93:
c5:a9:34:59:fc:2b:08:45:56:fe:f7:f2:da:f4:87:4b:19:7f:
ec:e1:5b:ce:56:20:1b:f1:e3:b7:50:11:a7:94:66:26:f1:77:
6b:8b:dc:f9:9d:e8:79:f1:2d:a8:6f:e8:e4:3b:fe:b1:34:e5:
f9:75:1c:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsilRdLcblqbRCZdEwDyzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNzA4NjhmMGMyYzIxODc2NWZhNmI1M2FiOWFmMDY1ZmYz
MzlmMDYwHhcNMjMwMTAxMDg1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTgwNWY2NDBmMTI1ZTQyMDcxOGExOTE4YmEzYjg0Yjc5NjlmZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihpvFDxjCDo+i+DnPlOCQZ4PlFCN
/oge1+nZbWIyXyIDzB+fL8NKKKKdHXocPM4ENxt/tE/s521hGdyHSvlkWMky/eVl
B4ycJg08sseqikQMm3GO565SZuJ92X2MlyG1GURSzKaLXWwyu/wBouas/A1d5n4R
g9aIjcXXbE6AhzeA2ijswj/tDuWpneAEIbFtd1azywBrBY0mTP5aEXbMrfp+U42D
JBYA+G9w7g9GzJCOs3peVfNChv2Ld2ITfzoEhdqho4ZaZMstJ+L6PUA80HZZRnO8
eHpqpQY4gPBfYTcBeaV1C9U6L3UhreufM6N1Q3vLITKYl+yOqkte/kre7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFGAX2QPEl5CBxihkYujuEt5af6vMB8GA1UdIwQY
MBaAFP9who8MLCGHZfprU6ua8GX/M58GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzNDR2p3d3NJWWRsLW10VHE1cndaZjh6bndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNTRiM2ItNWQ3Ni00OWQ1LWE1NmMt
MDA3YzRlNTg1MjdlLzEvVVlCZlpBOFNYa0lIR0tHUmk2TzRTM2xwX3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNTRiM2ItNWQ3Ni00OWQ1LWE1NmMtMDA3YzRlNTg1Mjdl
LzEvXzNDR2p3d3NJWWRsLW10VHE1cndaZjh6bndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsuzLAwQA
udUsMA0GCSqGSIb3DQEBCwUAA4IBAQBjfxx28iiTcItXIkTCYThEwbgKFgZEPLRN
qN0OWAD3VZzytX0xZQb96aSGBqk7vLj4AqWaSMqoQ70xGOtU3MRMDGygJ4hpcxfN
2tZweYsdwfM6SDYa61gWRGM6x4FIJdcf+sNoAV8uP73iI74z0Rj/f+tw6U8aJj55
ZsarigbYAuZZBOvYtyWCgiTWXbbAA5bWGfsZWBRiPDVK8Zgi+5sPWXesq1If8ypf
2X7E3w9+XA4nH9UtP7ajYBTQeocNLkRjiusK05PFqTRZ/CsIRVb+9/La9IdLGX/s
4VvOViAb8eO3UBGnlGYm8Xdri9z5neh58S2ob+jkO/6xNOX5dRz0
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:10 2024 by rpki-client on console.sobornost.net