Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/uKfrjkZPwmAR1HBhkPbw16YYzKw.roa
File: uKfrjkZPwmAR1HBhkPbw16YYzKw.roa (raw, json)
Hash identifier: IdNePGEDC1wlsIHxMJDE/+hsqSHbtOUzM4lq5otQys0=
Subject key identifier: B8:A7:EB:8E:46:4F:C2:60:11:D4:70:61:90:F6:F0:D7:A6:18:CC:AC
Certificate issuer: /CN=34e110b59362f673eae33b66ee7aea3c4028294e
Certificate serial: 01856FF97D1C7B0FB05CB75FA21F423FF2A2
Authority key identifier: 34:E1:10:B5:93:62:F6:73:EA:E3:3B:66:EE:7A:EA:3C:40:28:29:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NOEQtZNi9nPq4ztm7nrqPEAoKU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/uKfrjkZPwmAR1HBhkPbw16YYzKw.roa
Signing time: Mon 02 Jan 2023 00:54:59 +0000
ROA not before: Mon 02 Jan 2023 00:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29028
IP address blocks: 141.105.124.0/24 maxlen: 24
141.105.124.0/23 maxlen: 24
141.105.125.0/24 maxlen: 24
141.105.120.0/22 maxlen: 24
141.105.126.0/23 maxlen: 24
178.21.118.0/24 maxlen: 24
178.21.112.0/21 maxlen: 24
193.200.132.0/24 maxlen: 24
194.145.200.0/23 maxlen: 24
185.2.44.0/22 maxlen: 24
2a02:2308::/32 maxlen: 32
2a02:2308:30::/48 maxlen: 48
2a02:2308:20::/48 maxlen: 48
2a02:2308::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Sep 2023 13:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:7d:1c:7b:0f:b0:5c:b7:5f:a2:1f:42:3f:f2:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34e110b59362f673eae33b66ee7aea3c4028294e
Validity
Not Before: Jan 2 00:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8a7eb8e464fc26011d4706190f6f0d7a618ccac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0c:17:ce:61:fb:ba:5a:83:e1:2c:dd:2e:1e:
bd:75:00:49:63:2d:fe:53:1c:e0:7e:61:05:a2:93:
29:28:a4:35:02:81:ec:25:a8:0b:ae:f9:51:10:ff:
67:fe:ba:6c:1b:df:49:f4:b8:63:c0:2f:48:c0:1d:
a9:80:ff:20:85:d6:f5:0e:d3:9c:62:f7:7e:52:84:
45:a8:9a:62:56:ed:c8:fe:4f:6a:45:98:27:01:e6:
d1:4a:ac:39:37:09:9b:dd:4c:ec:59:2c:15:0e:53:
63:16:6c:cf:73:5f:48:c4:f8:a9:89:da:4d:3e:25:
88:f8:08:9f:3f:f1:59:0c:b1:71:27:35:16:f7:ed:
ed:6b:96:0d:af:29:e2:c3:47:38:76:4b:1b:bb:fb:
1b:06:77:78:14:5e:15:64:a7:e0:3c:fd:ae:95:69:
b3:24:bf:e5:c6:2c:4f:bc:6d:29:a4:1f:62:47:ed:
a8:40:47:c6:28:e7:b0:47:e5:51:30:4a:1e:5b:c5:
a4:20:ce:fc:4e:fb:ec:ba:56:eb:d2:2c:d4:3c:dd:
ff:98:cf:95:88:14:e8:1d:28:fc:86:60:8f:cc:62:
76:3a:35:08:73:4b:c2:80:2d:3c:84:cb:9c:bc:8f:
3d:9e:7d:0f:fb:a1:54:2d:11:cb:61:7d:6f:22:b4:
ca:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A7:EB:8E:46:4F:C2:60:11:D4:70:61:90:F6:F0:D7:A6:18:CC:AC
X509v3 Authority Key Identifier:
keyid:34:E1:10:B5:93:62:F6:73:EA:E3:3B:66:EE:7A:EA:3C:40:28:29:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NOEQtZNi9nPq4ztm7nrqPEAoKU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/uKfrjkZPwmAR1HBhkPbw16YYzKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/NOEQtZNi9nPq4ztm7nrqPEAoKU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.120.0/21
178.21.112.0/21
185.2.44.0/22
193.200.132.0/24
194.145.200.0/23
IPv6:
2a02:2308::/32
Signature Algorithm: sha256WithRSAEncryption
4e:54:08:3e:24:90:ea:96:80:57:9d:a6:ea:99:11:29:fa:f8:
01:82:a9:34:81:83:2e:b5:45:c2:af:ab:29:52:45:58:37:52:
c4:79:2e:e6:49:c0:98:a3:cb:9a:62:9c:60:4a:b7:5d:b2:dc:
29:c9:97:94:5a:8f:e8:68:77:1d:7f:a6:a7:ae:eb:98:17:f7:
ad:83:a2:fa:22:80:8d:ca:cb:34:8c:87:7f:ba:42:9b:38:b7:
14:6d:e9:2e:a4:48:06:f1:7f:14:f6:6a:8f:1b:80:56:71:87:
a7:80:58:5a:6d:c7:04:f0:91:54:78:0a:73:90:0b:1c:0e:41:
b6:ef:79:e7:be:34:bb:68:e7:dd:bb:6c:80:38:45:a2:89:a3:
ea:ac:79:d1:91:37:05:54:5a:db:00:4b:5f:90:c0:c3:37:b4:
aa:60:21:1f:15:ed:65:fc:44:8e:20:a9:f7:7b:5d:94:c8:7e:
e6:a4:1c:6c:23:6b:76:62:dc:4c:82:d2:20:60:a2:c6:08:bb:
b4:91:b3:92:a2:d2:f2:6e:3d:70:0c:1c:28:d8:e8:83:94:69:
39:0d:00:a9:77:c1:5b:d1:fc:0a:26:ed:08:86:88:ac:44:d8:
00:29:f0:79:21:40:fb:4a:51:b3:21:a3:88:28:73:b6:c8:50:
94:09:33:7f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVv+X0cew+wXLdfoh9CP/KiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZTExMGI1OTM2MmY2NzNlYWUzM2I2NmVlN2FlYTNjNDAy
ODI5NGUwHhcNMjMwMTAyMDA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGE3ZWI4ZTQ2NGZjMjYwMTFkNDcwNjE5MGY2ZjBkN2E2MThjY2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwwXzmH7ulqD4SzdLh69dQBJYy3+
UxzgfmEFopMpKKQ1AoHsJagLrvlREP9n/rpsG99J9LhjwC9IwB2pgP8ghdb1DtOc
Yvd+UoRFqJpiVu3I/k9qRZgnAebRSqw5Nwmb3UzsWSwVDlNjFmzPc19IxPipidpN
PiWI+AifP/FZDLFxJzUW9+3ta5YNryniw0c4dksbu/sbBnd4FF4VZKfgPP2ulWmz
JL/lxixPvG0ppB9iR+2oQEfGKOewR+VRMEoeW8WkIM78Tvvsulbr0izUPN3/mM+V
iBToHSj8hmCPzGJ2OjUIc0vCgC08hMucvI89nn0P+6FULRHLYX1vIrTKSwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLin645GT8JgEdRwYZD28NemGMysMB8GA1UdIwQY
MBaAFDThELWTYvZz6uM7Zu566jxAKClOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk9FUXRaTmk5blBxNHp0bTducnFQRUFvS1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wYmY4ZmItMTYwNC00Y2QxLTlkYTYt
MWJiMjdjNWQzOTdlLzEvdUtmcmprWlB3bUFSMUhCaGtQYncxNllZekt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wYmY4ZmItMTYwNC00Y2QxLTlkYTYtMWJiMjdjNWQzOTdl
LzEvTk9FUXRaTmk5blBxNHp0bTducnFQRUFvS1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDjWl4AwQD
shVwAwQCuQIsAwQAwciEAwQBwpHIMA0EAgACMAcDBQAqAiMIMA0GCSqGSIb3DQEB
CwUAA4IBAQBOVAg+JJDqloBXnabqmREp+vgBgqk0gYMutUXCr6spUkVYN1LEeS7m
ScCYo8uaYpxgSrddstwpyZeUWo/oaHcdf6anruuYF/etg6L6IoCNyss0jId/ukKb
OLcUbekupEgG8X8U9mqPG4BWcYengFhabccE8JFUeApzkAscDkG273nnvjS7aOfd
u2yAOEWiiaPqrHnRkTcFVFrbAEtfkMDDN7SqYCEfFe1l/ESOIKn3e12UyH7mpBxs
I2t2YtxMgtIgYKLGCLu0kbOSotLybj1wDBwo2OiDlGk5DQCpd8Fb0fwKJu0Ihois
RNgAKfB5IUD7SlGzIaOIKHO2yFCUCTN/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:35 2024 by rpki-client on console-fra.rpki-client.org