Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ukFjoYAWgcleNCkUhqHBS-CEwdo.roa
File: ukFjoYAWgcleNCkUhqHBS-CEwdo.roa (raw, json)
Hash identifier: QtZJcOFRWFO1fsBdMiHZCaWC5qYtcnGAvv2Wnd0dEQo=
Subject key identifier: BA:41:63:A1:80:16:81:C9:5E:34:29:14:86:A1:C1:4B:E0:84:C1:DA
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018E0DC0779A80EF44A40664130B1E65F6F4
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ukFjoYAWgcleNCkUhqHBS-CEwdo.roa
Signing time: Tue 05 Mar 2024 08:35:01 +0000
ROA not before: Tue 05 Mar 2024 08:35:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206757
IP address blocks: 5.154.37.0/24 maxlen: 24
78.136.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:c0:77:9a:80:ef:44:a4:06:64:13:0b:1e:65:f6:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Mar 5 08:35:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba4163a1801681c95e34291486a1c14be084c1da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5e:c8:4c:3c:c7:20:da:30:dd:af:9a:f9:8f:
6f:bd:68:c7:39:bd:83:10:e0:6c:79:cb:ee:de:47:
ea:b5:4a:6a:c9:1a:56:3d:b4:09:34:29:ff:d6:93:
7c:84:84:c8:0d:40:c2:ed:c8:1d:d2:43:d9:42:f3:
4b:4d:5b:16:41:cf:4c:8c:7d:48:27:51:31:cd:55:
1f:ae:03:23:10:04:d3:2a:39:da:40:62:7f:41:86:
86:02:ad:96:95:4a:44:97:6e:46:98:e0:c9:2b:72:
49:c3:0b:b8:4c:ad:19:a8:2b:3f:31:0a:3c:1e:84:
c4:8c:24:2d:f7:e6:ad:27:27:1c:1c:c2:da:cc:f6:
1f:22:b4:67:97:00:4e:c4:8c:25:37:4b:d3:fb:d1:
39:ea:24:2b:86:d5:78:cb:69:62:62:0c:2c:c4:65:
79:6e:6b:bc:9a:2f:4f:0b:09:cc:f1:22:52:01:dc:
3b:5e:46:65:76:57:40:98:10:ee:9c:cb:13:41:32:
43:66:7a:3e:0c:f5:d0:6c:3c:f7:0c:d9:1d:2c:5a:
ac:59:f8:d6:01:4a:87:71:bb:74:82:f2:05:3e:97:
80:61:49:82:18:1b:e0:b7:49:59:27:c2:11:4d:0d:
11:16:e9:a6:a3:96:62:9f:43:fa:a2:a9:21:d2:4d:
d5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:41:63:A1:80:16:81:C9:5E:34:29:14:86:A1:C1:4B:E0:84:C1:DA
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ukFjoYAWgcleNCkUhqHBS-CEwdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.37.0/24
78.136.68.0/24
Signature Algorithm: sha256WithRSAEncryption
30:57:32:70:d2:34:5b:68:69:28:90:3d:e2:76:3e:55:66:1e:
af:41:3a:67:78:29:b1:f9:7e:07:07:29:94:bb:41:68:5a:19:
c2:70:49:bc:9c:a7:d3:83:9a:ea:d9:a8:fa:dc:64:6c:35:4d:
e7:40:66:e9:f0:87:ff:e4:66:93:9b:be:89:ba:4c:a9:ec:55:
44:fd:4a:0c:b1:83:ef:5e:4d:d2:b6:d8:79:f6:c0:d1:cd:eb:
b0:2c:8b:92:77:84:9b:cc:2e:e1:a8:76:2e:a8:1b:97:2e:57:
e6:c4:db:05:fc:20:8d:5d:f4:fa:da:c1:53:68:88:40:5c:78:
a1:01:27:bf:fb:9a:11:42:a4:b8:a3:f3:20:4f:f7:0c:0c:29:
cf:c6:61:c7:77:5f:43:fd:0d:9a:6c:46:ee:f9:5c:dc:de:be:
91:9f:45:b1:75:8a:f1:73:ea:32:98:20:54:2d:ca:70:1a:c7:
15:41:4a:e9:a5:80:5f:35:63:83:16:52:71:3a:bd:79:38:6e:
52:48:af:d1:b2:86:a4:a9:fb:49:4a:64:2f:2a:0d:de:a5:d4:
9f:24:5a:70:f1:3f:57:27:87:46:db:24:45:59:01:55:8d:2d:
23:bd:60:85:60:cc:a1:67:09:e1:8f:01:23:d9:c3:b5:ac:01:
49:2e:ff:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4NwHeagO9EpAZkEwseZfb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMzA1MDgzNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTQxNjNhMTgwMTY4MWM5NWUzNDI5MTQ4NmExYzE0YmUwODRjMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3V7ITDzHINow3a+a+Y9vvWjHOb2D
EOBsecvu3kfqtUpqyRpWPbQJNCn/1pN8hITIDUDC7cgd0kPZQvNLTVsWQc9MjH1I
J1ExzVUfrgMjEATTKjnaQGJ/QYaGAq2WlUpEl25GmODJK3JJwwu4TK0ZqCs/MQo8
HoTEjCQt9+atJyccHMLazPYfIrRnlwBOxIwlN0vT+9E56iQrhtV4y2liYgwsxGV5
bmu8mi9PCwnM8SJSAdw7XkZldldAmBDunMsTQTJDZno+DPXQbDz3DNkdLFqsWfjW
AUqHcbt0gvIFPpeAYUmCGBvgt0lZJ8IRTQ0RFummo5Zin0P6oqkh0k3VRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLpBY6GAFoHJXjQpFIahwUvghMHaMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvdWtGam9ZQVdnY2xlTkNrVWhxSEJTLUNFd2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABZolAwQA
TohEMA0GCSqGSIb3DQEBCwUAA4IBAQAwVzJw0jRbaGkokD3idj5VZh6vQTpneCmx
+X4HBymUu0FoWhnCcEm8nKfTg5rq2aj63GRsNU3nQGbp8If/5GaTm76Jukyp7FVE
/UoMsYPvXk3Stth59sDRzeuwLIuSd4SbzC7hqHYuqBuXLlfmxNsF/CCNXfT62sFT
aIhAXHihASe/+5oRQqS4o/MgT/cMDCnPxmHHd19D/Q2abEbu+Vzc3r6Rn0WxdYrx
c+oymCBULcpwGscVQUrppYBfNWODFlJxOr15OG5SSK/RsoakqftJSmQvKg3epdSf
JFpw8T9XJ4dG2yRFWQFVjS0jvWCFYMyhZwnhjwEj2cO1rAFJLv+4
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:24:12 2025 by rpki-client