Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/uQ-nkmRq52aDCdK-caOr9Cp3A_Y.roa
File: uQ-nkmRq52aDCdK-caOr9Cp3A_Y.roa (raw, json)
Hash identifier: zlkLpp8Sr5WuTFfCX0e9I3GdZ+8NuyTxx1X/32cHRzI=
Subject key identifier: B9:0F:A7:92:64:6A:E7:66:83:09:D2:BE:71:A3:AB:F4:2A:77:03:F6
Certificate issuer: /CN=c7c24de99101fafdf74bca293fd6d95060d50a63
Certificate serial: 018B3D96106DA8AC5788BB03911242734437
Authority key identifier: C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/uQ-nkmRq52aDCdK-caOr9Cp3A_Y.roa
Signing time: Tue 17 Oct 2023 12:22:06 +0000
ROA not before: Tue 17 Oct 2023 12:22:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5410
IP address blocks: 194.117.192.0/20 maxlen: 24
195.36.128.0/17 maxlen: 24
176.128.0.0/10 maxlen: 24
194.158.96.0/19 maxlen: 24
5.48.0.0/14 maxlen: 24
164.177.0.0/17 maxlen: 24
128.78.0.0/15 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 08:58:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:96:10:6d:a8:ac:57:88:bb:03:91:12:42:73:44:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7c24de99101fafdf74bca293fd6d95060d50a63
Validity
Not Before: Oct 17 12:22:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b90fa792646ae7668309d2be71a3abf42a7703f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:65:3f:36:d0:a4:e7:4a:a2:a1:ed:6b:08:ec:
99:70:d1:9a:a7:f6:e6:88:6d:9c:08:4c:79:00:90:
7f:57:31:f2:13:58:26:9f:55:ee:6b:d4:f0:21:86:
6b:19:a8:86:52:b3:56:66:bc:bd:66:b2:f3:cd:a1:
bb:9b:d1:a5:f0:c4:02:55:cd:42:68:c5:2a:21:1b:
cc:7b:d9:29:63:78:0a:55:87:dc:d6:d8:13:3f:5b:
a3:76:e0:57:43:e6:f9:19:83:82:65:bb:8a:29:5d:
6f:19:30:c0:fd:98:82:d7:94:1b:39:a8:8a:ee:f5:
b8:49:b5:78:d6:ef:c7:2b:dc:20:fd:a4:32:5f:b9:
14:49:75:19:d3:ed:d3:e9:80:10:40:c7:8c:6a:f9:
5b:17:2f:4d:fa:40:f5:3d:38:05:55:a4:23:8f:f4:
f8:cb:ed:26:37:09:bd:60:58:c3:35:b8:dc:20:75:
9f:54:a2:b9:47:3b:44:43:96:22:db:9e:d9:6e:5e:
bc:f1:1c:1d:95:db:5f:60:f3:7f:49:37:f7:e5:bc:
61:e6:cc:6c:3b:88:5d:73:61:a5:ff:39:bb:61:75:
84:da:1e:65:af:95:d8:55:9c:97:8c:9e:c7:ae:de:
05:06:70:df:d2:1b:9e:02:02:73:c9:77:b7:26:48:
e2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:0F:A7:92:64:6A:E7:66:83:09:D2:BE:71:A3:AB:F4:2A:77:03:F6
X509v3 Authority Key Identifier:
keyid:C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/uQ-nkmRq52aDCdK-caOr9Cp3A_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/x8JN6ZEB-v33S8opP9bZUGDVCmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.48.0.0/14
128.78.0.0/15
164.177.0.0/17
176.128.0.0/10
194.117.192.0/20
194.158.96.0/19
195.36.128.0/17
Signature Algorithm: sha256WithRSAEncryption
ac:0f:4e:47:f3:ed:7f:4c:71:33:be:95:f6:67:e3:c8:e5:aa:
bb:11:50:0c:a8:8a:f0:06:91:ee:e2:13:5a:4f:4a:96:07:1d:
80:bd:c3:8b:38:9f:67:19:9d:c8:10:ed:16:dc:4a:ce:b3:7d:
3a:30:ab:35:fa:d2:5d:d9:2e:e8:30:9f:f7:75:13:ae:69:63:
83:c4:78:e2:5b:d2:71:42:25:1a:72:9b:54:18:ea:95:b4:93:
ac:13:9b:76:6d:d2:fb:8d:c1:70:29:de:bd:66:8a:fa:46:56:
bf:b0:8f:a0:6f:52:33:fe:cc:7d:da:bd:96:12:f8:6d:c7:0e:
aa:62:e6:95:36:b8:d3:41:21:6e:1d:25:84:64:2e:71:a0:cc:
60:a7:31:5f:f1:b0:aa:bb:8b:cf:bb:59:31:89:af:b0:7b:42:
67:fe:af:6d:a2:7d:85:bb:d6:31:7e:da:42:62:b6:bd:23:d0:
29:75:e4:cc:a3:67:12:63:26:9c:61:38:9b:58:6b:b1:52:8f:
fc:a8:a1:42:ad:83:53:8d:02:fe:1e:94:f5:f3:13:0b:f4:6e:
cb:56:66:3a:60:88:75:35:30:df:af:b4:e3:db:43:8d:31:3b:
76:6f:4e:d8:92:fa:95:c1:e2:47:17:ae:ab:68:ac:00:8f:af:
34:f3:f8:45
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYs9lhBtqKxXiLsDkRJCc0Q3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YzI0ZGU5OTEwMWZhZmRmNzRiY2EyOTNmZDZkOTUwNjBk
NTBhNjMwHhcNMjMxMDE3MTIyMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTBmYTc5MjY0NmFlNzY2ODMwOWQyYmU3MWEzYWJmNDJhNzcwM2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmU/NtCk50qioe1rCOyZcNGap/bm
iG2cCEx5AJB/VzHyE1gmn1Xua9TwIYZrGaiGUrNWZry9ZrLzzaG7m9Gl8MQCVc1C
aMUqIRvMe9kpY3gKVYfc1tgTP1ujduBXQ+b5GYOCZbuKKV1vGTDA/ZiC15QbOaiK
7vW4SbV41u/HK9wg/aQyX7kUSXUZ0+3T6YAQQMeMavlbFy9N+kD1PTgFVaQjj/T4
y+0mNwm9YFjDNbjcIHWfVKK5RztEQ5Yi257Zbl688RwdldtfYPN/STf35bxh5sxs
O4hdc2Gl/zm7YXWE2h5lr5XYVZyXjJ7Hrt4FBnDf0hueAgJzyXe3JkjilwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLkPp5JkaudmgwnSvnGjq/QqdwP2MB8GA1UdIwQY
MBaAFMfCTemRAfr990vKKT/W2VBg1QpjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQt
ZWQ1ZDZjZThkN2U4LzEvdVEtbmttUnE1MmFEQ2RLLWNhT3I5Q3AzQV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQtZWQ1ZDZjZThkN2U4
LzEveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwMCBTADAwGA
TgMEB6SxAAMDBrCAAwQEwnXAAwQFwp5gAwQHwySAMA0GCSqGSIb3DQEBCwUAA4IB
AQCsD05H8+1/THEzvpX2Z+PI5aq7EVAMqIrwBpHu4hNaT0qWBx2AvcOLOJ9nGZ3I
EO0W3ErOs306MKs1+tJd2S7oMJ/3dROuaWODxHjiW9JxQiUacptUGOqVtJOsE5t2
bdL7jcFwKd69Zor6Rla/sI+gb1Iz/sx92r2WEvhtxw6qYuaVNrjTQSFuHSWEZC5x
oMxgpzFf8bCqu4vPu1kxia+we0Jn/q9ton2Fu9YxftpCYra9I9ApdeTMo2cSYyac
YTibWGuxUo/8qKFCrYNTjQL+HpT18xML9G7LVmY6YIh1NTDfr7Tj20ONMTt2b07Y
kvqVweJHF66raKwAj6808/hF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:00 2024 by rpki-client on console-ams.rpki-client.org