Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UhcnVuXItv-RrRmMVmvQvhWWOEI.roa
File: UhcnVuXItv-RrRmMVmvQvhWWOEI.roa (raw, json)
Hash identifier: H31C/X7CBiG/cXJA6qbY9L6e43HWt0XpjSvAFb9U1zs=
Subject key identifier: 52:17:27:56:E5:C8:B6:FF:91:AD:19:8C:56:6B:D0:BE:15:96:38:42
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D68F0A1573A97F698392DD9AD5BAB83A3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UhcnVuXItv-RrRmMVmvQvhWWOEI.roa
Signing time: Fri 02 Feb 2024 08:30:16 +0000
ROA not before: Fri 02 Feb 2024 08:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.183.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 14:11:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:68:f0:a1:57:3a:97:f6:98:39:2d:d9:ad:5b:ab:83:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 2 08:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52172756e5c8b6ff91ad198c566bd0be15963842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:44:3d:c3:6a:cf:9e:98:b8:89:4f:23:9f:88:
f7:fd:b8:ee:16:2e:9e:75:0c:e2:3c:fd:f2:03:d0:
07:ae:70:d4:4f:78:e7:42:10:95:1b:ef:c6:47:e3:
5e:f3:c2:96:98:8e:7e:e4:5f:40:a7:79:39:5f:28:
68:bd:68:63:39:03:2d:48:a9:20:cb:1c:73:6e:3b:
7f:6a:87:bc:a9:ef:4f:a3:8b:1c:dc:ad:0c:5e:0f:
0e:f3:34:b0:34:3c:aa:2b:40:bf:cf:2d:d2:70:f3:
f2:79:cd:e2:4a:70:d8:17:35:f0:72:0f:6c:55:48:
b6:7f:fd:7c:02:41:db:ef:ab:73:1c:91:ff:ea:bc:
83:85:ca:65:f3:ef:b7:84:7f:02:fd:3c:9a:7c:16:
32:7a:1c:9d:e0:19:b6:ad:fc:d9:1d:f0:4b:9e:ca:
d7:e3:6a:f0:4a:ce:85:fe:cf:4a:59:50:ac:67:06:
66:43:38:e2:ba:67:2d:b8:39:32:4c:91:77:23:c0:
df:95:b5:69:8b:d4:14:b4:10:7e:6a:24:bd:7e:5b:
1d:9b:28:b8:d9:2e:82:66:eb:25:94:da:51:96:4a:
9d:1a:0f:57:46:dd:9a:76:23:08:9a:ea:bf:9d:0b:
e0:4e:b7:32:27:71:15:8d:dd:84:34:81:e0:1e:1a:
c4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:17:27:56:E5:C8:B6:FF:91:AD:19:8C:56:6B:D0:BE:15:96:38:42
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UhcnVuXItv-RrRmMVmvQvhWWOEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.183.0/24
193.124.5.0/24
193.124.7.0/24
193.124.95.0/24
193.124.200.0/24
193.124.202.0/24
193.124.207.0/24
194.58.42.0/24
194.87.26.0/24
194.87.32.0/24
194.87.81.0/24
194.87.149.0/24
194.87.170.0/24
194.87.172.0/24
194.87.201.0/24
194.135.18.0/24
195.58.54.0/24
195.58.60.0/24
195.133.2.0/24
195.133.25.0/24
195.133.72.0/24
195.133.85.0/24
195.133.192.0/24
212.192.1.0/24
212.193.13.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
94:1b:47:e0:74:0f:43:ad:cc:4d:ad:29:31:c8:2e:91:b2:eb:
2f:a1:4f:f7:52:66:d9:33:de:09:4c:9f:1b:bd:ba:0c:a7:f2:
e7:1b:be:30:c1:0b:b1:25:94:e4:18:60:8c:89:46:f3:08:02:
2f:40:6c:e5:e2:8a:26:91:79:88:8c:19:9e:4e:3d:d3:c0:23:
b3:f8:23:b9:28:fb:95:19:ae:38:12:03:02:64:cd:a4:28:43:
cf:04:13:81:76:2b:f7:06:4e:c0:cb:60:d9:86:e7:15:fa:08:
be:b7:e2:27:ac:50:ba:bb:45:bf:45:c5:4f:6c:60:22:b4:50:
62:25:c0:54:d3:39:9d:01:15:9e:71:27:8b:96:ef:27:d0:dc:
ce:df:09:ec:ef:f5:cd:b1:8b:46:fa:b4:ec:c0:e7:36:45:38:
23:1c:43:96:79:c8:bb:2f:d2:ce:97:de:1c:e7:98:79:11:15:
b4:01:69:29:8e:68:c6:17:7e:c8:de:f7:ef:42:85:9c:a2:86:
fd:01:2c:58:c2:ba:cf:eb:47:c8:c3:43:e0:16:92:c9:af:ba:
58:57:21:a5:8f:5c:62:d0:40:c4:ef:6d:b0:c6:0f:93:a8:c4:
38:3f:31:d3:5f:38:14:30:05:a1:77:7e:8e:d4:ed:d9:61:9a:
f7:7e:19:af
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAY1o8KFXOpf2mDkt2a1bq4OjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjAyMDgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjE3Mjc1NmU1YzhiNmZmOTFhZDE5OGM1NjZiZDBiZTE1OTYzODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0Q9w2rPnpi4iU8jn4j3/bjuFi6e
dQziPP3yA9AHrnDUT3jnQhCVG+/GR+Ne88KWmI5+5F9Ap3k5XyhovWhjOQMtSKkg
yxxzbjt/aoe8qe9Po4sc3K0MXg8O8zSwNDyqK0C/zy3ScPPyec3iSnDYFzXwcg9s
VUi2f/18AkHb76tzHJH/6ryDhcpl8++3hH8C/TyafBYyehyd4Bm2rfzZHfBLnsrX
42rwSs6F/s9KWVCsZwZmQzjiumctuDkyTJF3I8DflbVpi9QUtBB+aiS9flsdmyi4
2S6CZusllNpRlkqdGg9XRt2adiMImuq/nQvgTrcyJ3EVjd2ENIHgHhrE5wIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFFIXJ1blyLb/ka0ZjFZr0L4VljhCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVWhjblZ1WEl0di1SclJtTVZtdlF2aFdXT0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBADA
fLcDBADBfAUDBADBfAcDBADBfF8DBADBfMgDBADBfMoDBADBfM8DBADCOioDBADC
VxoDBADCVyADBADCV1EDBADCV5UDBADCV6oDBADCV6wDBADCV8kDBADChxIDBADD
OjYDBADDOjwDBADDhQIDBADDhRkDBADDhUgDBADDhVUDBADDhcADBADUwAEDBADU
wQ0DBADUwRkwDQYJKoZIhvcNAQELBQADggEBAJQbR+B0D0OtzE2tKTHILpGy6y+h
T/dSZtkz3glMnxu9ugyn8ucbvjDBC7EllOQYYIyJRvMIAi9AbOXiiiaReYiMGZ5O
PdPAI7P4I7ko+5UZrjgSAwJkzaQoQ88EE4F2K/cGTsDLYNmG5xX6CL634iesULq7
Rb9FxU9sYCK0UGIlwFTTOZ0BFZ5xJ4uW7yfQ3M7fCezv9c2xi0b6tOzA5zZFOCMc
Q5Z5yLsv0s6X3hznmHkRFbQBaSmOaMYXfsje9+9ChZyihv0BLFjCus/rR8jDQ+AW
ksmvulhXIaWPXGLQQMTvbbDGD5OoxDg/MdNfOBQwBaF3fo7U7dlhmvd+Ga8=
-----END CERTIFICATE-----
Generated at Fri Feb 2 17:38:53 2024 by rpki-client on console-fra.rpki-client.org