Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/24a817-24a6-4ac0-9336-7d7814c7a5f7/1/UTVZtafOkNSawOIjrPRrJ1fhNP4.roa
File: UTVZtafOkNSawOIjrPRrJ1fhNP4.roa (raw, json)
Hash identifier: e9g5vgosSNtQyJQccLwUiPELZI0qkw84mKE3oo0Hva8=
Subject key identifier: 51:35:59:B5:A7:CE:90:D4:9A:C0:E2:23:AC:F4:6B:27:57:E1:34:FE
Certificate issuer: /CN=48e99a3feec64d6bad098d1b2df0b536a0388ea3
Certificate serial: 01857102D21CE66E1108BF13418DCF31E570
Authority key identifier: 48:E9:9A:3F:EE:C6:4D:6B:AD:09:8D:1B:2D:F0:B5:36:A0:38:8E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SOmaP-7GTWutCY0bLfC1NqA4jqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/24a817-24a6-4ac0-9336-7d7814c7a5f7/1/UTVZtafOkNSawOIjrPRrJ1fhNP4.roa
Signing time: Mon 02 Jan 2023 05:44:47 +0000
ROA not before: Mon 02 Jan 2023 05:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44943
IP address blocks: 178.22.48.0/21 maxlen: 21
185.34.240.0/24 maxlen: 24
185.34.241.0/24 maxlen: 24
2a00:b880::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:d2:1c:e6:6e:11:08:bf:13:41:8d:cf:31:e5:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48e99a3feec64d6bad098d1b2df0b536a0388ea3
Validity
Not Before: Jan 2 05:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=513559b5a7ce90d49ac0e223acf46b2757e134fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0e:e2:1e:bc:6f:96:bb:df:9e:d5:e7:97:f1:
78:1d:05:09:a7:6e:bb:a4:ed:4d:80:d8:a8:ee:42:
cb:2a:03:8e:1e:af:32:62:7f:db:35:96:b1:4b:3d:
36:8c:f7:8a:a0:8b:5d:e3:83:78:fa:37:b5:fe:ce:
11:be:5f:d2:eb:79:4c:c6:77:8e:45:ba:f9:f3:ec:
63:b5:ee:fd:db:04:d6:eb:1f:af:ac:5a:6f:5d:9f:
7b:ae:82:2c:3d:50:26:5f:5d:c2:5f:f3:4c:96:a5:
76:13:77:6a:26:cd:e4:5f:0b:5e:ec:18:b5:43:9a:
07:0d:70:7e:06:41:31:15:27:ca:6c:74:4a:1f:5f:
0c:a7:39:d4:7b:ea:6b:ed:7c:f7:5f:d7:32:7e:19:
2c:01:fc:e8:be:c4:f9:6e:40:80:25:30:09:32:51:
47:56:a1:05:17:31:1e:41:65:c9:64:e7:cb:35:63:
ab:ec:be:8a:fb:58:60:5f:61:0d:2b:49:c4:c9:55:
62:a8:59:d6:f7:45:56:15:db:9f:11:52:99:82:52:
23:ee:93:e3:83:1f:82:28:97:e4:2f:18:69:b5:00:
22:d7:d7:13:63:3c:ca:06:ce:ef:bf:b6:a4:1b:66:
ca:8b:64:50:e9:78:21:02:04:8d:b2:71:3e:f7:71:
7b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:35:59:B5:A7:CE:90:D4:9A:C0:E2:23:AC:F4:6B:27:57:E1:34:FE
X509v3 Authority Key Identifier:
keyid:48:E9:9A:3F:EE:C6:4D:6B:AD:09:8D:1B:2D:F0:B5:36:A0:38:8E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SOmaP-7GTWutCY0bLfC1NqA4jqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/24a817-24a6-4ac0-9336-7d7814c7a5f7/1/UTVZtafOkNSawOIjrPRrJ1fhNP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/24a817-24a6-4ac0-9336-7d7814c7a5f7/1/SOmaP-7GTWutCY0bLfC1NqA4jqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.22.48.0/21
185.34.240.0/23
IPv6:
2a00:b880::/32
Signature Algorithm: sha256WithRSAEncryption
2f:75:b5:73:bf:1f:2f:55:fd:27:b2:83:fa:17:59:c7:ea:57:
44:3b:1b:52:a5:99:a7:e9:ab:be:ca:bf:65:dd:c2:3e:4d:b0:
4a:db:e0:e9:88:0e:de:71:5e:99:a4:dc:8f:61:de:ec:bd:27:
7f:95:b8:dd:f8:17:ac:23:80:c8:00:ff:94:c6:0e:39:9b:14:
64:b6:62:80:29:68:a7:90:a2:90:dd:6e:44:84:04:5b:dc:4c:
cd:20:15:27:b6:4e:a9:48:c5:47:91:99:05:6f:3f:87:23:2e:
4d:e0:87:80:f4:48:5c:7a:73:fc:40:8c:1f:73:9b:5e:f5:72:
05:c1:56:60:d4:63:98:33:8e:ed:f0:24:f9:cd:18:67:d8:30:
cc:a9:f7:42:77:13:ad:2a:cd:ed:2c:dd:b4:a3:a8:68:b1:e2:
26:9b:1d:a2:7b:c4:61:8c:85:35:1b:ac:36:c5:f6:df:3d:38:
7c:c3:6c:ca:c0:08:21:a8:30:28:5f:a7:a7:a8:18:44:79:2b:
f8:6a:e4:b1:b1:4e:1b:19:cc:1e:e7:3c:69:4e:fa:47:79:11:
13:4e:27:d3:38:f1:70:87:c2:45:5e:c6:b2:3e:e2:cc:aa:e0:
6f:95:c0:cb:82:5a:6f:3b:8a:b8:94:bb:ff:91:77:4b:72:5f:
7c:4c:fd:b1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxAtIc5m4RCL8TQY3PMeVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZTk5YTNmZWVjNjRkNmJhZDA5OGQxYjJkZjBiNTM2YTAz
ODhlYTMwHhcNMjMwMTAyMDU0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTM1NTliNWE3Y2U5MGQ0OWFjMGUyMjNhY2Y0NmIyNzU3ZTEzNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArg7iHrxvlrvfntXnl/F4HQUJp267
pO1NgNio7kLLKgOOHq8yYn/bNZaxSz02jPeKoItd44N4+je1/s4Rvl/S63lMxneO
Rbr58+xjte792wTW6x+vrFpvXZ97roIsPVAmX13CX/NMlqV2E3dqJs3kXwte7Bi1
Q5oHDXB+BkExFSfKbHRKH18MpznUe+pr7Xz3X9cyfhksAfzovsT5bkCAJTAJMlFH
VqEFFzEeQWXJZOfLNWOr7L6K+1hgX2ENK0nEyVViqFnW90VWFdufEVKZglIj7pPj
gx+CKJfkLxhptQAi19cTYzzKBs7vv7akG2bKi2RQ6XghAgSNsnE+93F7kQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFE1WbWnzpDUmsDiI6z0aydX4TT+MB8GA1UdIwQY
MBaAFEjpmj/uxk1rrQmNGy3wtTagOI6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU09tYVAtN0dUV3V0Q1kwYkxmQzFOcUE0anFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yNGE4MTctMjRhNi00YWMwLTkzMzYt
N2Q3ODE0YzdhNWY3LzEvVVRWWnRhZk9rTlNhd09JanJQUnJKMWZoTlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yNGE4MTctMjRhNi00YWMwLTkzMzYtN2Q3ODE0YzdhNWY3
LzEvU09tYVAtN0dUV3V0Q1kwYkxmQzFOcUE0anFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDshYwAwQB
uSLwMA0EAgACMAcDBQAqALiAMA0GCSqGSIb3DQEBCwUAA4IBAQAvdbVzvx8vVf0n
soP6F1nH6ldEOxtSpZmn6au+yr9l3cI+TbBK2+DpiA7ecV6ZpNyPYd7svSd/lbjd
+BesI4DIAP+Uxg45mxRktmKAKWinkKKQ3W5EhARb3EzNIBUntk6pSMVHkZkFbz+H
Iy5N4IeA9EhcenP8QIwfc5te9XIFwVZg1GOYM47t8CT5zRhn2DDMqfdCdxOtKs3t
LN20o6hoseImmx2ie8RhjIU1G6w2xfbfPTh8w2zKwAghqDAoX6enqBhEeSv4auSx
sU4bGcwe5zxpTvpHeRETTifTOPFwh8JFXsayPuLMquBvlcDLglpvO4q4lLv/kXdL
cl98TP2x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:14 2024 by rpki-client on console-fra.rpki-client.org