Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/3502fc-d9f7-4fa8-baf6-77d529be53d7/1/uAjcP7HWl_vRr_Z0IUIxQSrE6aA.roa
File: uAjcP7HWl_vRr_Z0IUIxQSrE6aA.roa (raw, json)
Hash identifier: KalMgH5Sdsb8vce2YUIjH2Af9BfHzDsl9TapHW4ZOOU=
Subject key identifier: B8:08:DC:3F:B1:D6:97:FB:D1:AF:F6:74:21:42:31:41:2A:C4:E9:A0
Certificate issuer: /CN=b4b0bbd6445578edbc7ba6b5bf7ca9368d2417bf
Certificate serial: 0193F3351F2099E8FCB03974F9D1E815F8E5
Authority key identifier: B4:B0:BB:D6:44:55:78:ED:BC:7B:A6:B5:BF:7C:A9:36:8D:24:17:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tLC71kRVeO28e6a1v3ypNo0kF78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/3502fc-d9f7-4fa8-baf6-77d529be53d7/1/uAjcP7HWl_vRr_Z0IUIxQSrE6aA.roa
Signing time: Mon 23 Dec 2024 11:09:25 +0000
ROA not before: Mon 23 Dec 2024 11:09:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20546
IP address blocks: 194.113.42.0/24 maxlen: 24
2a0f:f640::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f3:35:1f:20:99:e8:fc:b0:39:74:f9:d1:e8:15:f8:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4b0bbd6445578edbc7ba6b5bf7ca9368d2417bf
Validity
Not Before: Dec 23 11:09:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b808dc3fb1d697fbd1aff674214231412ac4e9a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c6:35:98:21:2f:57:20:62:52:bd:aa:32:88:
87:90:be:3a:72:d8:44:e6:44:44:e9:e6:29:24:35:
b7:ab:9d:81:5e:75:5a:5e:11:31:77:ab:7a:be:7f:
4a:3d:3f:ab:0a:5d:4e:d6:a9:ef:a0:a3:66:bc:9e:
b2:0b:4b:5d:f5:35:08:b9:ed:15:1a:6e:39:10:f8:
9d:40:b5:e3:ba:3b:a7:1f:65:48:27:4c:12:1f:16:
d2:71:fc:6d:c3:0b:b3:c1:6e:54:ce:33:9b:9c:75:
4d:a9:40:d3:cb:23:1f:41:26:eb:3f:5f:67:ae:fd:
79:96:b1:be:df:e1:79:c4:8f:d3:87:f2:28:45:72:
24:cb:92:17:20:e0:9b:a4:28:b2:9c:b3:b7:d4:33:
1e:47:84:bf:a7:39:41:2f:ab:08:53:e9:a0:8a:a0:
76:21:23:e6:35:6a:4c:00:51:a6:73:da:27:be:83:
0f:c2:e8:cd:f0:16:85:84:1e:42:af:e3:04:2a:f8:
ce:05:ef:95:17:f7:6e:26:bf:77:f6:b7:ce:fc:5d:
00:cf:51:49:c5:3b:60:31:9f:47:9e:83:ec:ec:a2:
46:4a:fb:c5:4c:bc:67:5d:61:cb:aa:59:e0:d7:fb:
bc:18:2a:4c:fd:7e:dd:cc:0c:5b:f6:e9:32:6d:b0:
ec:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:08:DC:3F:B1:D6:97:FB:D1:AF:F6:74:21:42:31:41:2A:C4:E9:A0
X509v3 Authority Key Identifier:
keyid:B4:B0:BB:D6:44:55:78:ED:BC:7B:A6:B5:BF:7C:A9:36:8D:24:17:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tLC71kRVeO28e6a1v3ypNo0kF78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/3502fc-d9f7-4fa8-baf6-77d529be53d7/1/uAjcP7HWl_vRr_Z0IUIxQSrE6aA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/3502fc-d9f7-4fa8-baf6-77d529be53d7/1/tLC71kRVeO28e6a1v3ypNo0kF78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.42.0/24
IPv6:
2a0f:f640::/48
Signature Algorithm: sha256WithRSAEncryption
8f:4f:01:6f:f2:c1:02:10:7b:d7:dc:e3:5a:28:fa:a7:81:d5:
2d:2a:63:a8:c5:fd:04:ec:d9:09:a1:07:18:9f:04:ab:4b:a3:
bf:35:b4:40:25:2d:91:10:02:85:d1:27:e1:a6:d5:00:db:af:
db:a0:67:fb:1f:29:35:b3:c2:37:44:28:bc:2c:53:07:ca:5a:
31:ca:5f:4d:17:c0:c0:98:74:bd:8e:18:98:06:3b:88:83:f1:
d4:0c:c0:c2:df:b9:d5:25:ca:29:4b:fd:09:fa:2f:60:e2:a8:
6c:97:5b:20:53:6b:3e:fb:38:40:0c:44:2f:b3:19:29:f8:25:
e9:72:41:4a:45:1c:70:76:7a:ec:d0:44:bb:99:95:f2:b1:1e:
98:bb:27:fa:36:96:17:5b:fa:65:28:03:33:0e:cf:05:b6:7d:
bc:2e:d2:2a:5e:f7:c3:ed:16:dd:2c:fa:2b:86:d9:8a:80:a1:
c3:b7:45:ce:af:e1:5c:24:e8:97:55:ea:de:63:94:91:2d:fb:
c6:cc:c6:d9:53:ac:d1:a4:52:f7:ed:1a:f5:97:46:70:84:94:
96:0d:6a:69:80:98:50:91:86:50:11:91:f0:88:8c:70:80:b8:
24:28:a7:d7:24:31:b7:96:68:c1:a2:17:75:2a:84:d0:6a:a2:
b8:98:25:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZPzNR8gmej8sDl0+dHoFfjlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YjBiYmQ2NDQ1NTc4ZWRiYzdiYTZiNWJmN2NhOTM2OGQy
NDE3YmYwHhcNMjQxMjIzMTEwOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODA4ZGMzZmIxZDY5N2ZiZDFhZmY2NzQyMTQyMzE0MTJhYzRlOWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsY1mCEvVyBiUr2qMoiHkL46cthE
5kRE6eYpJDW3q52BXnVaXhExd6t6vn9KPT+rCl1O1qnvoKNmvJ6yC0td9TUIue0V
Gm45EPidQLXjujunH2VIJ0wSHxbScfxtwwuzwW5UzjObnHVNqUDTyyMfQSbrP19n
rv15lrG+3+F5xI/Th/IoRXIky5IXIOCbpCiynLO31DMeR4S/pzlBL6sIU+mgiqB2
ISPmNWpMAFGmc9onvoMPwujN8BaFhB5Cr+MEKvjOBe+VF/duJr939rfO/F0Az1FJ
xTtgMZ9HnoPs7KJGSvvFTLxnXWHLqlng1/u8GCpM/X7dzAxb9ukybbDsLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLgI3D+x1pf70a/2dCFCMUEqxOmgMB8GA1UdIwQY
MBaAFLSwu9ZEVXjtvHumtb98qTaNJBe/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdExDNzFrUlZlTzI4ZTZhMXYzeXBObzBrRjc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zNTAyZmMtZDlmNy00ZmE4LWJhZjYt
NzdkNTI5YmU1M2Q3LzEvdUFqY1A3SFdsX3ZScl9aMElVSXhRU3JFNmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zNTAyZmMtZDlmNy00ZmE4LWJhZjYtNzdkNTI5YmU1M2Q3
LzEvdExDNzFrUlZlTzI4ZTZhMXYzeXBObzBrRjc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwnEqMA8E
AgACMAkDBwAqD/ZAAAAwDQYJKoZIhvcNAQELBQADggEBAI9PAW/ywQIQe9fc41oo
+qeB1S0qY6jF/QTs2QmhBxifBKtLo781tEAlLZEQAoXRJ+Gm1QDbr9ugZ/sfKTWz
wjdEKLwsUwfKWjHKX00XwMCYdL2OGJgGO4iD8dQMwMLfudUlyilL/Qn6L2DiqGyX
WyBTaz77OEAMRC+zGSn4JelyQUpFHHB2euzQRLuZlfKxHpi7J/o2lhdb+mUoAzMO
zwW2fbwu0ipe98PtFt0s+iuG2YqAocO3Rc6v4Vwk6JdV6t5jlJEt+8bMxtlTrNGk
UvftGvWXRnCElJYNammAmFCRhlARkfCIjHCAuCQop9ckMbeWaMGiF3UqhNBqoriY
Jd8=
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:51:59 2025 by rpki-client