Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/UB301w9WFL5D4YiK7LdWeUoJGDQ.roa
File: UB301w9WFL5D4YiK7LdWeUoJGDQ.roa (raw, json)
Hash identifier: /MRMKAwnROO9De2sQGqOIZc69C5bEUU4VK4NSH+P0FY=
Subject key identifier: 50:1D:F4:D7:0F:56:14:BE:43:E1:88:8A:EC:B7:56:79:4A:09:18:34
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018CC3B6F4F48EB4B766697C54D787AC1FCE
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/UB301w9WFL5D4YiK7LdWeUoJGDQ.roa
Signing time: Mon 01 Jan 2024 06:29:56 +0000
ROA not before: Mon 01 Jan 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203436
IP address blocks: 185.224.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f4:f4:8e:b4:b7:66:69:7c:54:d7:87:ac:1f:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 1 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=501df4d70f5614be43e1888aecb756794a091834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:83:a2:6f:cc:c6:94:fd:cc:c6:75:3e:53:28:
d9:70:ce:ac:a8:70:fd:aa:01:08:85:7f:c5:c7:82:
e0:8c:49:2c:1e:04:30:9a:e8:8b:24:4f:c8:da:e9:
44:bc:49:c0:51:76:43:a1:c4:10:91:29:19:76:29:
a9:a9:8c:fc:c1:e4:f8:5f:8f:fa:7c:68:41:4f:63:
65:5d:a5:02:dc:f8:9a:2e:cc:63:0c:05:52:cd:e8:
0b:34:9e:b0:d3:ef:53:3a:5c:3b:47:ef:8a:4d:3e:
22:ef:bc:eb:e1:0c:ed:14:60:dc:35:1e:86:b4:98:
d2:ae:1a:75:eb:fe:6a:69:40:b6:88:a3:3d:e9:6a:
af:68:35:8d:d2:30:97:9c:e4:96:2f:0d:88:b0:97:
de:72:cd:b7:b5:ce:3a:6d:d3:bc:f2:00:ad:25:c1:
45:19:f8:f3:27:3e:a2:4e:fa:b8:95:27:96:a2:95:
e0:0c:42:11:ae:ad:33:31:b9:da:0e:02:01:a0:ba:
33:30:dc:95:e6:d3:96:5f:d7:c3:1d:84:b6:72:1b:
44:11:86:62:4b:6d:a7:dd:03:8c:41:3c:55:01:da:
12:22:20:7f:de:5a:62:76:97:91:56:fd:ef:ad:c1:
37:f4:bc:6b:bc:7f:2b:cc:ce:46:2e:ed:91:e1:1d:
4c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:1D:F4:D7:0F:56:14:BE:43:E1:88:8A:EC:B7:56:79:4A:09:18:34
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/UB301w9WFL5D4YiK7LdWeUoJGDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.217.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:c9:87:db:54:fa:18:65:11:3e:23:3e:b5:5f:7d:e7:a7:ff:
50:65:f0:57:43:42:5c:d3:99:42:83:d2:68:9d:cc:e8:cf:5c:
df:6e:b4:50:b6:d0:80:6b:70:e2:28:40:b4:73:50:f8:c7:1e:
02:54:4d:17:23:36:2f:ac:d0:dd:b3:b0:38:4b:7c:44:fa:2d:
53:8f:ec:7e:41:d0:6d:b4:f3:4d:79:74:88:5c:11:ec:20:22:
e8:d9:37:02:79:e3:48:2b:95:d1:28:52:ab:73:50:04:e8:fb:
b1:47:6d:c5:56:50:cc:e6:52:b2:1d:b0:e8:99:59:c2:b1:6f:
43:0c:63:59:08:1b:4b:c3:51:3e:aa:c8:cc:a9:a2:64:4c:3f:
57:12:c1:67:8f:48:44:bd:4e:a3:63:52:88:d1:64:e8:da:1f:
45:81:ea:d2:73:80:51:e9:a9:39:52:af:6c:18:60:10:8d:50:
5c:1a:07:7e:e1:ed:d6:65:ea:27:6e:f0:1a:d1:34:af:ea:ac:
0f:8a:a2:a5:36:1e:68:24:88:1c:d3:fd:f4:a6:54:e5:75:73:
25:67:57:fc:70:7d:12:31:da:54:ee:8b:69:e9:06:7f:48:db:
68:26:48:b3:cc:6e:13:8e:56:ce:a8:21:f3:5b:87:19:11:38:
38:a1:a2:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtvT0jrS3Zml8VNeHrB/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjQwMTAxMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDFkZjRkNzBmNTYxNGJlNDNlMTg4OGFlY2I3NTY3OTRhMDkxODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoOib8zGlP3MxnU+UyjZcM6sqHD9
qgEIhX/Fx4LgjEksHgQwmuiLJE/I2ulEvEnAUXZDocQQkSkZdimpqYz8weT4X4/6
fGhBT2NlXaUC3PiaLsxjDAVSzegLNJ6w0+9TOlw7R++KTT4i77zr4QztFGDcNR6G
tJjSrhp16/5qaUC2iKM96WqvaDWN0jCXnOSWLw2IsJfecs23tc46bdO88gCtJcFF
GfjzJz6iTvq4lSeWopXgDEIRrq0zMbnaDgIBoLozMNyV5tOWX9fDHYS2chtEEYZi
S22n3QOMQTxVAdoSIiB/3lpidpeRVv3vrcE39LxrvH8rzM5GLu2R4R1MOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFAd9NcPVhS+Q+GIiuy3VnlKCRg0MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvVUIzMDF3OVdGTDVENFlpSzdMZFdlVW9KR0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueDZMA0G
CSqGSIb3DQEBCwUAA4IBAQCjyYfbVPoYZRE+Iz61X33np/9QZfBXQ0Jc05lCg9Jo
nczoz1zfbrRQttCAa3DiKEC0c1D4xx4CVE0XIzYvrNDds7A4S3xE+i1Tj+x+QdBt
tPNNeXSIXBHsICLo2TcCeeNIK5XRKFKrc1AE6PuxR23FVlDM5lKyHbDomVnCsW9D
DGNZCBtLw1E+qsjMqaJkTD9XEsFnj0hEvU6jY1KI0WTo2h9FgerSc4BR6ak5Uq9s
GGAQjVBcGgd+4e3WZeonbvAa0TSv6qwPiqKlNh5oJIgc0/30plTldXMlZ1f8cH0S
MdpU7otp6QZ/SNtoJkizzG4TjlbOqCHzW4cZETg4oaKI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:43 2025 by rpki-client