Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/u4rCGvm20vQ9F8aUXxo-9wz_tnM.roa
File: u4rCGvm20vQ9F8aUXxo-9wz_tnM.roa (raw, json)
Hash identifier: YLS1z4XnO7bkz6KWrWItuurL+sI0FDbsWlxW2Y5N6gM=
Subject key identifier: BB:8A:C2:1A:F9:B6:D2:F4:3D:17:C6:94:5F:1A:3E:F7:0C:FF:B6:73
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 0194D614FA075694B4F26ACC2B89828087E6
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/u4rCGvm20vQ9F8aUXxo-9wz_tnM.roa
Signing time: Wed 05 Feb 2025 12:28:06 +0000
ROA not before: Wed 05 Feb 2025 12:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 144.56.0.0/24 maxlen: 24
144.56.7.0/24 maxlen: 24
144.56.8.0/24 maxlen: 24
144.56.9.0/24 maxlen: 24
144.56.10.0/24 maxlen: 24
144.56.11.0/24 maxlen: 24
144.56.12.0/24 maxlen: 24
144.56.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Feb 2025 08:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d6:14:fa:07:56:94:b4:f2:6a:cc:2b:89:82:80:87:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Feb 5 12:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb8ac21af9b6d2f43d17c6945f1a3ef70cffb673
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ab:31:54:5d:49:20:f1:51:c0:40:81:4d:53:
58:e5:7f:87:07:8f:d4:21:42:0e:7a:df:50:5a:57:
7d:7c:52:37:01:3a:02:3b:49:91:4d:16:f2:a4:d2:
21:4d:0d:f2:37:ee:dc:e2:0c:46:75:3e:08:ac:be:
9f:34:68:c9:9f:4a:dc:01:5b:4a:e5:c7:68:d7:7f:
06:39:b0:f5:1d:eb:18:e3:99:94:b2:05:ef:c7:7e:
08:1c:2b:4a:36:52:ce:ec:51:e8:24:27:fc:15:01:
92:4c:6d:99:1c:71:83:b5:48:2e:7f:b9:e3:78:00:
b9:ba:76:29:fe:67:44:a4:02:fa:23:a9:e6:c2:9e:
e2:17:a5:f9:76:4c:59:cb:04:00:e3:e2:63:79:c7:
8b:3a:b1:76:42:d0:f2:79:5b:d2:85:18:e9:01:fd:
0b:8f:03:59:fc:c9:94:c8:5f:8c:86:72:da:4f:b7:
88:76:fe:4d:97:bc:f2:5e:e4:7b:8b:81:dc:5d:03:
28:6a:61:eb:5d:7e:c6:1a:29:9c:56:b9:83:ec:0b:
7f:c2:cb:38:5b:0f:3b:3b:d6:26:07:69:c2:64:d7:
62:9f:31:22:64:58:0c:d4:83:f5:39:d1:e7:7e:f1:
c6:51:8f:8b:8d:3c:54:9c:93:5c:f0:83:f6:c5:c6:
fb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:8A:C2:1A:F9:B6:D2:F4:3D:17:C6:94:5F:1A:3E:F7:0C:FF:B6:73
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/u4rCGvm20vQ9F8aUXxo-9wz_tnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.0.0/24
144.56.7.0-144.56.13.255
Signature Algorithm: sha256WithRSAEncryption
30:ac:cd:54:ed:77:83:c4:10:5c:8c:9a:03:2e:52:7d:17:55:
3e:8f:0c:4f:69:b2:f0:69:d2:59:90:70:f8:dd:f8:ad:82:fa:
a9:92:40:7e:38:89:94:a5:86:bd:81:b4:2d:5c:23:8a:b5:e9:
a2:6e:46:67:5a:75:70:f6:3c:d2:71:1a:fe:48:1a:25:de:23:
21:d4:c3:f6:3c:32:86:2c:2c:f9:48:3f:de:8f:9d:78:2b:e2:
52:77:28:ff:74:f3:f3:7e:07:42:0d:eb:aa:bd:4a:bc:e0:f2:
1c:18:b4:7e:08:d0:e6:ee:06:34:7d:de:74:30:61:98:78:94:
b5:b4:02:55:24:e7:bf:ba:19:e7:e8:ee:9d:1a:b3:1e:a6:4e:
49:89:8a:ff:aa:34:9a:d8:01:52:8e:42:9c:8f:41:af:5b:5d:
e7:65:b4:c4:4e:ec:5b:82:03:e3:9f:ee:ed:9f:05:34:64:09:
a3:97:87:15:78:f8:e0:4a:f0:da:4c:28:1f:0c:97:92:ae:cd:
c6:a6:43:2b:13:2d:8a:22:de:8b:ba:aa:2e:1d:ff:39:c7:3b:
3f:6b:49:46:e7:b1:e4:ae:cf:14:91:60:36:f0:ae:6b:d6:e9:
a6:b2:4b:cf:f0:d5:b0:73:95:31:d9:a6:fc:2f:c7:b0:27:06:
68:74:3f:4e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZTWFPoHVpS08mrMK4mCgIfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwMjA1MTIyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjhhYzIxYWY5YjZkMmY0M2QxN2M2OTQ1ZjFhM2VmNzBjZmZiNjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6sxVF1JIPFRwECBTVNY5X+HB4/U
IUIOet9QWld9fFI3AToCO0mRTRbypNIhTQ3yN+7c4gxGdT4IrL6fNGjJn0rcAVtK
5cdo138GObD1HesY45mUsgXvx34IHCtKNlLO7FHoJCf8FQGSTG2ZHHGDtUguf7nj
eAC5unYp/mdEpAL6I6nmwp7iF6X5dkxZywQA4+JjeceLOrF2QtDyeVvShRjpAf0L
jwNZ/MmUyF+MhnLaT7eIdv5Nl7zyXuR7i4HcXQMoamHrXX7GGimcVrmD7At/wss4
Ww87O9YmB2nCZNdinzEiZFgM1IP1OdHnfvHGUY+LjTxUnJNc8IP2xcb7YwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLuKwhr5ttL0PRfGlF8aPvcM/7ZzMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvdTRyQ0d2bTIwdlE5RjhhVVh4by05d3pfdG5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAkDgAMAwD
BACQOAcDBAGQOAwwDQYJKoZIhvcNAQELBQADggEBADCszVTtd4PEEFyMmgMuUn0X
VT6PDE9psvBp0lmQcPjd+K2C+qmSQH44iZSlhr2BtC1cI4q16aJuRmdadXD2PNJx
Gv5IGiXeIyHUw/Y8MoYsLPlIP96PnXgr4lJ3KP908/N+B0IN66q9Srzg8hwYtH4I
0ObuBjR93nQwYZh4lLW0AlUk57+6Gefo7p0asx6mTkmJiv+qNJrYAVKOQpyPQa9b
XedltMRO7FuCA+Of7u2fBTRkCaOXhxV4+OBK8NpMKB8Ml5KuzcamQysTLYoi3ou6
qi4d/znHOz9rSUbnseSuzxSRYDbwrmvW6aayS8/w1bBzlTHZpvwvx7AnBmh0P04=
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:27:30 2025 by rpki-client