Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/UNs-HGdEWHn8EEf8lFpeZW90V7o.roa
File: UNs-HGdEWHn8EEf8lFpeZW90V7o.roa (raw, json)
Hash identifier: NHdKp38bvLMJHAdoLM5Yk+pJGi2airCmXBxo6+8TxlQ=
Subject key identifier: 50:DB:3E:1C:67:44:58:79:FC:10:47:FC:94:5A:5E:65:6F:74:57:BA
Certificate issuer: /CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Certificate serial: 018CC348FC5B337A8D956E83FFD012DB4452
Authority key identifier: 5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/UNs-HGdEWHn8EEf8lFpeZW90V7o.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 807
IP address blocks: 193.57.173.0/24 maxlen: 24
193.57.200.0/24 maxlen: 24
193.57.223.0/24 maxlen: 24
193.57.224.0/24 maxlen: 24
2a0f:8640::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fc:5b:33:7a:8d:95:6e:83:ff:d0:12:db:44:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50db3e1c67445879fc1047fc945a5e656f7457ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a3:65:a6:a8:a0:4f:c2:83:c3:1d:56:c0:73:
f1:b6:d6:fd:88:d6:a8:47:46:6e:cd:28:db:fa:54:
a5:fb:71:5c:7f:39:c4:24:f6:3f:ec:91:55:27:10:
99:66:c8:d8:ca:9a:84:d9:d2:9e:ee:8e:8c:3e:43:
89:70:09:ba:30:c2:a3:ed:34:d0:f0:b5:11:7e:c2:
62:7f:1c:b4:74:4c:30:96:9d:98:9c:c9:17:aa:a4:
0a:22:20:74:91:7a:05:82:12:62:22:2e:44:b6:3e:
33:32:56:b6:23:55:56:f0:40:50:02:c1:29:f2:c7:
f6:24:7c:5c:90:37:43:a9:e4:78:77:ab:ad:e9:96:
f9:ff:88:3f:e5:42:99:04:1d:27:1b:42:19:d3:e3:
70:eb:28:92:7f:29:b1:e6:2e:3a:c6:a0:fd:b3:da:
e4:16:c5:20:7e:f4:72:5b:59:4c:7d:1e:6a:e6:15:
ca:92:08:12:f4:c1:90:36:5a:14:b6:52:f8:e3:20:
09:47:e6:c7:a2:42:7e:b1:8f:99:17:d6:3a:4d:a2:
23:6d:ce:46:a9:b9:b6:15:6a:3a:6e:aa:28:01:cc:
34:af:ed:65:7e:68:76:8d:18:3f:dd:10:c6:8a:be:
37:08:1d:bd:73:f9:2e:99:b6:d0:b1:df:2f:22:90:
8a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:DB:3E:1C:67:44:58:79:FC:10:47:FC:94:5A:5E:65:6F:74:57:BA
X509v3 Authority Key Identifier:
keyid:5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/UNs-HGdEWHn8EEf8lFpeZW90V7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.173.0/24
193.57.200.0/24
193.57.223.0-193.57.224.255
IPv6:
2a0f:8640::/29
Signature Algorithm: sha256WithRSAEncryption
1e:7e:7e:c7:de:38:9c:d3:df:40:6d:32:cb:b0:2f:f6:d5:a0:
1e:26:98:30:8e:24:2d:53:35:58:b4:bd:5b:3c:e2:a3:90:8c:
a0:7f:b4:cf:06:d9:4c:8d:da:c9:10:0b:dc:db:97:f2:37:ae:
ee:71:05:2e:87:47:c6:a6:e1:67:33:51:49:5c:1e:fd:73:74:
b8:73:0b:38:de:1a:7b:e4:6c:f2:99:11:e2:0c:87:04:1b:17:
69:5f:69:76:b3:77:de:9f:f2:87:5f:ea:46:ac:86:b8:17:e5:
8e:a0:25:0b:1e:19:e2:85:26:36:c0:2d:bc:99:53:ee:d3:90:
44:d0:27:07:33:2e:43:c4:5c:eb:ec:3c:12:7b:b4:df:6e:04:
3c:9f:86:90:a1:75:fb:52:1d:69:70:2f:cd:53:ad:1f:33:bb:
01:53:2a:00:e4:49:eb:ad:39:eb:3a:ef:df:fd:7a:9e:c9:66:
03:74:53:27:ad:7f:1b:46:94:d0:eb:04:6f:63:d8:e9:4d:41:
47:e7:d8:4c:1b:d2:b0:02:43:26:8c:87:ac:6f:c2:74:13:96:
d2:2b:ba:8a:3c:8b:bc:e8:f2:7d:d6:44:12:d0:0e:94:ef:69:
57:05:ae:25:4e:fa:db:f3:f4:75:57:54:dc:63:01:46:89:7b:
66:99:bf:27
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzDSPxbM3qNlW6D/9AS20RSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViY2Q0MGQxMGI1NmYzYjUzMmZhMGRmZDAxZDgxN2VmOTNk
YTFhMzQwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGRiM2UxYzY3NDQ1ODc5ZmMxMDQ3ZmM5NDVhNWU2NTZmNzQ1N2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqNlpqigT8KDwx1WwHPxttb9iNao
R0ZuzSjb+lSl+3FcfznEJPY/7JFVJxCZZsjYypqE2dKe7o6MPkOJcAm6MMKj7TTQ
8LURfsJifxy0dEwwlp2YnMkXqqQKIiB0kXoFghJiIi5Etj4zMla2I1VW8EBQAsEp
8sf2JHxckDdDqeR4d6ut6Zb5/4g/5UKZBB0nG0IZ0+Nw6yiSfymx5i46xqD9s9rk
FsUgfvRyW1lMfR5q5hXKkggS9MGQNloUtlL44yAJR+bHokJ+sY+ZF9Y6TaIjbc5G
qbm2FWo6bqooAcw0r+1lfmh2jRg/3RDGir43CB29c/kumbbQsd8vIpCKMwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFFDbPhxnRFh5/BBH/JRaXmVvdFe6MB8GA1UdIwQY
MBaAFFvNQNELVvO1MvoN/QHYF++T2ho0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzIt
YTJjZTFjYzhiODdmLzEvVU5zLUhHZEVXSG44RUVmOGxGcGVaVzkwVjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzItYTJjZTFjYzhiODdm
LzEvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAwTmtAwQA
wTnIMAwDBADBOd8DBADBOeAwDQQCAAIwBwMFAyoPhkAwDQYJKoZIhvcNAQELBQAD
ggEBAB5+fsfeOJzT30BtMsuwL/bVoB4mmDCOJC1TNVi0vVs84qOQjKB/tM8G2UyN
2skQC9zbl/I3ru5xBS6HR8am4WczUUlcHv1zdLhzCzjeGnvkbPKZEeIMhwQbF2lf
aXazd96f8odf6kashrgX5Y6gJQseGeKFJjbALbyZU+7TkETQJwczLkPEXOvsPBJ7
tN9uBDyfhpChdftSHWlwL81TrR8zuwFTKgDkSeutOes679/9ep7JZgN0UyetfxtG
lNDrBG9j2OlNQUfn2Ewb0rACQyaMh6xvwnQTltIruoo8i7zo8n3WRBLQDpTvaVcF
riVO+tvz9HVXVNxjAUaJe2aZvyc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:12:02 2025 by rpki-client