Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/UQq5VcBdCKrr2fNnFyqTckP93bQ.roa
File: UQq5VcBdCKrr2fNnFyqTckP93bQ.roa (raw, json)
Hash identifier: MxNKBZmcXstuzyTu8ZxVzAEq7iObnp+PjmM5v0sk4SE=
Subject key identifier: 51:0A:B9:55:C0:5D:08:AA:EB:D9:F3:67:17:2A:93:72:43:FD:DD:B4
Certificate issuer: /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial: 018CC6B92DA330B431541DC62B70E61D9E03
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/UQq5VcBdCKrr2fNnFyqTckP93bQ.roa
Signing time: Mon 01 Jan 2024 20:31:13 +0000
ROA not before: Mon 01 Jan 2024 20:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12873
IP address blocks: 212.15.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:2d:a3:30:b4:31:54:1d:c6:2b:70:e6:1d:9e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Validity
Not Before: Jan 1 20:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=510ab955c05d08aaebd9f367172a937243fdddb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:53:34:38:2b:7d:04:5d:12:c6:fb:6f:0c:b3:
b4:ff:e0:4b:52:37:9e:b2:d8:cf:e3:bc:34:c9:2c:
76:08:5c:f7:7f:dc:e3:fe:91:1a:c6:fc:e7:b1:8b:
24:8b:7f:38:f6:ca:da:7c:bc:64:66:21:dc:22:3e:
3a:f5:85:62:52:2e:42:bd:49:bc:e5:56:38:cf:02:
33:fa:fd:89:bf:a0:15:32:04:05:34:e7:ea:fd:4c:
01:c9:02:e4:16:20:11:35:7b:1a:12:73:1a:1a:37:
cc:8a:dd:53:0b:8d:a5:80:f4:0a:a2:52:12:44:6c:
f4:a9:5b:be:1b:9e:b2:21:63:62:bc:c6:93:83:bf:
10:12:0a:39:0d:b6:21:13:48:b1:e5:b1:31:51:f0:
5e:1d:0b:d1:7e:c9:a7:6c:fd:31:28:65:07:eb:1a:
b3:59:9e:75:02:99:1b:57:fa:50:d9:cb:65:10:71:
76:c3:0f:d0:fb:62:1f:97:fc:0f:4d:37:83:61:56:
e5:ae:aa:f8:b0:06:2d:09:f8:53:bf:2f:21:f9:95:
f4:4f:a9:96:ee:8d:a8:4f:dd:de:22:2b:08:4f:dd:
0a:75:dc:6d:56:85:ad:9f:df:56:da:6a:d7:af:b2:
1d:df:da:57:aa:be:15:60:c8:14:8f:0c:8a:bb:27:
3c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:0A:B9:55:C0:5D:08:AA:EB:D9:F3:67:17:2A:93:72:43:FD:DD:B4
X509v3 Authority Key Identifier:
keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/UQq5VcBdCKrr2fNnFyqTckP93bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.15.9.0/24
Signature Algorithm: sha256WithRSAEncryption
32:aa:7c:5d:a9:c3:1d:1a:94:ab:77:c0:6d:d5:2d:f7:7a:12:
e1:76:ee:ce:8e:bd:32:27:36:86:77:fb:40:41:57:11:21:19:
a4:22:c6:e6:bb:f3:85:78:75:f3:cd:2b:50:15:cc:bd:55:93:
0a:db:90:ec:6f:fc:d3:ed:17:04:b0:aa:e1:b6:87:07:e1:be:
d6:28:a2:db:c8:9a:cf:ba:6f:4d:d4:4e:8c:1a:ef:f8:05:65:
28:11:41:de:7d:44:22:ae:6b:83:31:98:1c:34:21:10:e5:a2:
43:22:9c:ea:c2:f2:44:36:49:ed:29:6e:7c:a3:97:70:b8:50:
75:b3:bd:06:4a:53:29:80:c0:d2:38:35:5b:40:8f:43:c6:4f:
33:80:7c:ea:23:14:c8:1b:4f:f7:b4:5a:8f:39:ec:1d:0d:4f:
8c:28:ec:d9:c7:0d:ac:0c:16:77:40:d4:96:e3:1d:01:cc:63:
de:ec:52:71:43:2b:78:82:e1:09:3e:d7:97:70:68:a4:29:77:
5a:93:64:1e:a8:7d:f7:7c:62:49:db:46:3a:c1:b5:5b:c6:00:
c0:51:d0:3b:f9:ca:c3:a1:1c:5d:78:5e:78:86:7e:b1:c1:cc:
09:b2:b6:80:4b:94:38:32:d5:af:05:67:1f:d5:3f:56:1b:aa:
b7:65:fb:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuS2jMLQxVB3GK3DmHZ4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjQwMTAxMjAzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTBhYjk1NWMwNWQwOGFhZWJkOWYzNjcxNzJhOTM3MjQzZmRkZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilM0OCt9BF0SxvtvDLO0/+BLUjee
stjP47w0ySx2CFz3f9zj/pEaxvznsYski3849srafLxkZiHcIj469YViUi5CvUm8
5VY4zwIz+v2Jv6AVMgQFNOfq/UwByQLkFiARNXsaEnMaGjfMit1TC42lgPQKolIS
RGz0qVu+G56yIWNivMaTg78QEgo5DbYhE0ix5bExUfBeHQvRfsmnbP0xKGUH6xqz
WZ51ApkbV/pQ2ctlEHF2ww/Q+2Ifl/wPTTeDYVblrqr4sAYtCfhTvy8h+ZX0T6mW
7o2oT93eIisIT90KddxtVoWtn99W2mrXr7Id39pXqr4VYMgUjwyKuyc8YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEKuVXAXQiq69nzZxcqk3JD/d20MB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvVVFxNVZjQmRDS3JyMmZObkZ5cVRja1A5M2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1A8JMA0G
CSqGSIb3DQEBCwUAA4IBAQAyqnxdqcMdGpSrd8Bt1S33ehLhdu7Ojr0yJzaGd/tA
QVcRIRmkIsbmu/OFeHXzzStQFcy9VZMK25Dsb/zT7RcEsKrhtocH4b7WKKLbyJrP
um9N1E6MGu/4BWUoEUHefUQirmuDMZgcNCEQ5aJDIpzqwvJENkntKW58o5dwuFB1
s70GSlMpgMDSODVbQI9Dxk8zgHzqIxTIG0/3tFqPOewdDU+MKOzZxw2sDBZ3QNSW
4x0BzGPe7FJxQyt4guEJPteXcGikKXdak2QeqH33fGJJ20Y6wbVbxgDAUdA7+crD
oRxdeF54hn6xwcwJsraAS5Q4MtWvBWcf1T9WG6q3Zfv7
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:46:16 2025 by rpki-client