Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/UnYqDlgPjx_em9s5e0eVciCCOOA.roa
File: UnYqDlgPjx_em9s5e0eVciCCOOA.roa (raw, json)
Hash identifier: aG2ej2cubjuwx4/Vg+MH96CWHLb/48CxOGJK+q5vWFw=
Subject key identifier: 52:76:2A:0E:58:0F:8F:1F:DE:9B:DB:39:7B:47:95:72:20:82:38:E0
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018C68ED886DE307EB629F6639C829F54C34
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/UnYqDlgPjx_em9s5e0eVciCCOOA.roa
Signing time: Thu 14 Dec 2023 15:24:06 +0000
ROA not before: Thu 14 Dec 2023 15:24:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210546
IP address blocks: 147.45.198.0/24 maxlen: 24
147.45.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:ed:88:6d:e3:07:eb:62:9f:66:39:c8:29:f5:4c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Dec 14 15:24:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52762a0e580f8f1fde9bdb397b479572208238e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:11:ae:d6:be:d8:07:c4:6e:d2:a3:76:c4:84:
60:f3:a7:e7:7e:03:aa:98:7d:19:32:c6:70:87:ea:
87:be:6c:13:3f:ad:d1:96:dc:d9:a3:6d:42:42:b9:
40:fe:24:73:c6:0f:4e:b8:bf:b3:cd:b9:57:37:53:
58:10:8b:6c:46:39:d0:00:5c:77:cd:bc:80:8d:af:
58:e0:43:f0:ef:f1:5d:8e:55:6f:c8:0d:12:ef:21:
8b:08:51:e6:bc:e9:ec:35:df:91:a2:08:33:f8:73:
5c:76:45:26:59:b1:ae:9e:47:3a:01:89:fd:14:71:
5c:c0:45:98:a8:a1:88:e3:85:d8:a4:f8:d4:63:55:
19:24:61:81:98:52:56:76:26:85:b1:95:e4:7e:f2:
2e:bb:12:79:3e:ae:ce:ce:c4:a5:f2:10:65:00:a5:
92:69:dc:d0:f6:60:95:70:f4:68:fd:e4:ba:7a:dd:
12:34:a5:29:fd:2d:f3:79:bd:5b:66:23:4f:65:3f:
f1:be:6f:42:6a:7e:e8:26:ad:2b:d5:6e:2f:49:ec:
29:e2:2f:61:37:67:5b:56:f4:19:2c:59:25:b1:a3:
b5:85:c6:e1:f6:24:0d:62:fb:5c:c5:a6:89:a1:54:
8e:1b:de:19:74:a6:3b:dd:3d:43:99:c4:6d:67:83:
25:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:76:2A:0E:58:0F:8F:1F:DE:9B:DB:39:7B:47:95:72:20:82:38:E0
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/UnYqDlgPjx_em9s5e0eVciCCOOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.198.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:7c:8c:33:fb:c5:05:16:c3:b7:d2:f6:b0:a3:8c:dd:dc:40:
60:66:28:52:fa:1d:52:aa:64:18:b5:49:28:71:87:d0:bb:12:
e9:8a:16:b5:78:b1:d4:1d:63:b9:6a:c8:ca:bf:a9:d3:d6:78:
3c:86:fa:53:3e:86:a3:a1:a1:ca:f9:d4:b4:62:10:e5:4b:8f:
84:83:b6:2d:fb:ed:99:a8:f4:60:f0:c3:19:56:b5:44:00:f1:
bc:31:ff:95:ec:b4:74:39:63:dc:34:b4:29:4e:23:d1:3f:c5:
39:11:1b:2d:ce:6f:14:3a:5b:a4:80:c1:e3:a6:ba:06:64:b0:
ef:30:30:ab:7c:d3:02:e8:7e:78:66:f1:f1:c1:01:3f:7c:2d:
e0:18:ac:41:9e:63:71:0a:51:f9:93:41:48:87:da:22:57:ae:
a1:12:58:8e:55:af:b1:81:99:9c:98:8a:43:be:4b:db:d2:87:
fb:23:7e:ab:7b:cc:6e:19:eb:80:7a:87:2b:15:74:23:46:82:
d6:06:6c:a3:b4:6e:51:92:9f:0b:e7:2f:f3:87:d8:7b:2f:6b:
42:38:70:cd:bd:53:91:2c:52:f3:b8:52:88:3c:f6:75:fe:da:
10:9f:43:11:98:eb:5a:6f:22:29:74:5d:c6:b6:f2:30:5c:9f:
e6:6b:1d:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxo7Yht4wfrYp9mOcgp9Uw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMjE0MTUyNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjc2MmEwZTU4MGY4ZjFmZGU5YmRiMzk3YjQ3OTU3MjIwODIzOGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBGu1r7YB8Ru0qN2xIRg86fnfgOq
mH0ZMsZwh+qHvmwTP63RltzZo21CQrlA/iRzxg9OuL+zzblXN1NYEItsRjnQAFx3
zbyAja9Y4EPw7/FdjlVvyA0S7yGLCFHmvOnsNd+Roggz+HNcdkUmWbGunkc6AYn9
FHFcwEWYqKGI44XYpPjUY1UZJGGBmFJWdiaFsZXkfvIuuxJ5Pq7OzsSl8hBlAKWS
adzQ9mCVcPRo/eS6et0SNKUp/S3zeb1bZiNPZT/xvm9Can7oJq0r1W4vSewp4i9h
N2dbVvQZLFklsaO1hcbh9iQNYvtcxaaJoVSOG94ZdKY73T1DmcRtZ4MlowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFJ2Kg5YD48f3pvbOXtHlXIggjjgMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvVW5ZcURsZ1BqeF9lbTlzNWUwZVZjaUNDT09BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBky3GMA0G
CSqGSIb3DQEBCwUAA4IBAQAvfIwz+8UFFsO30vawo4zd3EBgZihS+h1SqmQYtUko
cYfQuxLpiha1eLHUHWO5asjKv6nT1ng8hvpTPoajoaHK+dS0YhDlS4+Eg7Yt++2Z
qPRg8MMZVrVEAPG8Mf+V7LR0OWPcNLQpTiPRP8U5ERstzm8UOlukgMHjproGZLDv
MDCrfNMC6H54ZvHxwQE/fC3gGKxBnmNxClH5k0FIh9oiV66hEliOVa+xgZmcmIpD
vkvb0of7I36re8xuGeuAeocrFXQjRoLWBmyjtG5Rkp8L5y/zh9h7L2tCOHDNvVOR
LFLzuFKIPPZ1/toQn0MRmOtabyIpdF3GtvIwXJ/max1/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org