Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/uZok7D_QdrsSU-e02B-oSZtFoto.roa
File: uZok7D_QdrsSU-e02B-oSZtFoto.roa (raw, json)
Hash identifier: ColYrkkd0iyFyEmNIa75L/F7iTI5MNe6LpM59hlSpL0=
Subject key identifier: B9:9A:24:EC:3F:D0:76:BB:12:53:E7:B4:D8:1F:A8:49:9B:45:A2:DA
Certificate issuer: /CN=2aaf24e9111a889db4dae087e4809e1086e33f82
Certificate serial: 018CC50134A4087E7EF678835744F4E4B175
Authority key identifier: 2A:AF:24:E9:11:1A:88:9D:B4:DA:E0:87:E4:80:9E:10:86:E3:3F:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kq8k6REaiJ202uCH5ICeEIbjP4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/uZok7D_QdrsSU-e02B-oSZtFoto.roa
Signing time: Mon 01 Jan 2024 12:30:39 +0000
ROA not before: Mon 01 Jan 2024 12:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203255
IP address blocks: 185.137.48.0/22 maxlen: 24
2a0f:cb40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:34:a4:08:7e:7e:f6:78:83:57:44:f4:e4:b1:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aaf24e9111a889db4dae087e4809e1086e33f82
Validity
Not Before: Jan 1 12:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b99a24ec3fd076bb1253e7b4d81fa8499b45a2da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c4:e1:ca:41:c8:2a:9e:9d:71:0a:06:0b:80:
3e:27:46:dc:15:9d:93:e8:e8:a0:10:59:25:d7:9e:
af:5f:5d:e6:1b:0e:ca:8b:63:99:dd:b1:49:f5:cd:
bc:02:c4:dc:8f:6f:b2:79:66:1e:ec:3e:0e:85:9f:
aa:5e:69:41:25:a3:37:f4:60:d1:e6:31:e8:1b:de:
9d:6f:4b:32:7e:bb:a4:84:2d:d7:56:f2:83:b0:97:
e9:6f:12:a5:cd:24:77:e2:e2:87:4b:59:e9:f2:08:
49:d9:a5:25:18:a6:6b:3c:2f:59:e5:6b:f9:c9:64:
2f:e3:82:a8:81:8b:ef:25:82:eb:d5:3f:3f:e4:45:
9d:2f:d5:29:7b:8e:01:8a:1c:3f:e5:c4:b2:72:7a:
c6:34:75:11:5a:25:d6:aa:6f:44:76:4e:8a:fc:72:
c9:09:b5:82:c9:41:f3:36:b9:45:2c:6c:a9:d3:da:
62:71:21:22:fd:6e:29:ab:6d:94:d7:c7:71:a5:84:
68:54:5b:79:05:9d:16:ca:d9:f6:e2:9b:06:9e:90:
46:c9:3f:6e:d4:22:20:50:17:db:54:53:f8:df:51:
ee:f0:51:52:83:69:65:90:f8:f2:74:10:9b:e5:b4:
57:4b:4b:f9:ce:ce:a0:7b:19:b5:7b:2a:db:08:a6:
ee:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:9A:24:EC:3F:D0:76:BB:12:53:E7:B4:D8:1F:A8:49:9B:45:A2:DA
X509v3 Authority Key Identifier:
keyid:2A:AF:24:E9:11:1A:88:9D:B4:DA:E0:87:E4:80:9E:10:86:E3:3F:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kq8k6REaiJ202uCH5ICeEIbjP4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/uZok7D_QdrsSU-e02B-oSZtFoto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.48.0/22
IPv6:
2a0f:cb40::/32
Signature Algorithm: sha256WithRSAEncryption
53:fb:c2:a2:a4:fd:0f:a1:b7:14:37:21:11:91:89:83:e2:46:
01:5b:da:04:ad:c8:58:12:8c:93:db:87:44:7d:8c:79:04:0e:
a7:52:50:31:fe:73:6a:27:ff:c2:f2:a1:cd:71:96:78:46:2c:
f2:78:aa:fc:d7:26:8c:19:13:f3:8b:a1:c9:1a:a6:da:79:6a:
13:c4:f2:db:3d:9c:a2:67:19:92:e4:d1:3a:a7:30:e6:ea:6e:
a9:fa:24:fb:4c:fd:fd:8a:19:37:25:9c:28:86:40:2d:3e:42:
f0:ee:7f:9d:15:7c:78:75:24:1a:e7:96:8a:a2:cd:a0:60:a6:
b1:03:62:87:dc:bd:13:27:97:0b:8e:be:89:78:5e:c6:45:f9:
ed:c3:58:87:14:92:78:bf:10:c2:09:9c:c7:94:39:01:7c:62:
b7:e4:a9:c9:08:c4:f9:00:b3:1b:f0:1b:4b:56:c4:50:cd:1e:
85:c9:e5:0b:15:77:09:c9:bb:cc:23:73:55:1c:04:d3:fd:64:
96:85:b6:9a:7c:b7:bb:38:8e:b9:ce:aa:01:91:a3:90:6e:17:
58:89:6d:e6:c5:8f:92:53:08:5b:8c:e8:47:9f:65:27:69:b9:
fb:34:75:f6:69:fd:6d:13:17:3a:8d:2e:74:a5:d4:2f:db:62:
f4:59:25:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFATSkCH5+9niDV0T05LF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYWYyNGU5MTExYTg4OWRiNGRhZTA4N2U0ODA5ZTEwODZl
MzNmODIwHhcNMjQwMTAxMTIzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTlhMjRlYzNmZDA3NmJiMTI1M2U3YjRkODFmYTg0OTliNDVhMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsThykHIKp6dcQoGC4A+J0bcFZ2T
6OigEFkl156vX13mGw7Ki2OZ3bFJ9c28AsTcj2+yeWYe7D4OhZ+qXmlBJaM39GDR
5jHoG96db0syfrukhC3XVvKDsJfpbxKlzSR34uKHS1np8ghJ2aUlGKZrPC9Z5Wv5
yWQv44KogYvvJYLr1T8/5EWdL9Upe44Bihw/5cSycnrGNHURWiXWqm9Edk6K/HLJ
CbWCyUHzNrlFLGyp09picSEi/W4pq22U18dxpYRoVFt5BZ0Wytn24psGnpBGyT9u
1CIgUBfbVFP431Hu8FFSg2llkPjydBCb5bRXS0v5zs6gexm1eyrbCKbuvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLmaJOw/0Ha7ElPntNgfqEmbRaLaMB8GA1UdIwQY
MBaAFCqvJOkRGoidtNrgh+SAnhCG4z+CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3E4azZSRWFpSjIwMnVDSDVJQ2VFSWJqUDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9jODA4OTYtYzM2ZS00NjI3LTgzNTMt
MzQxYzNmYTQ1YjQzLzEvdVpvazdEX1FkcnNTVS1lMDJCLW9TWnRGb3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9jODA4OTYtYzM2ZS00NjI3LTgzNTMtMzQxYzNmYTQ1YjQz
LzEvS3E4azZSRWFpSjIwMnVDSDVJQ2VFSWJqUDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYkwMA0E
AgACMAcDBQAqD8tAMA0GCSqGSIb3DQEBCwUAA4IBAQBT+8KipP0PobcUNyERkYmD
4kYBW9oErchYEoyT24dEfYx5BA6nUlAx/nNqJ//C8qHNcZZ4RizyeKr81yaMGRPz
i6HJGqbaeWoTxPLbPZyiZxmS5NE6pzDm6m6p+iT7TP39ihk3JZwohkAtPkLw7n+d
FXx4dSQa55aKos2gYKaxA2KH3L0TJ5cLjr6JeF7GRfntw1iHFJJ4vxDCCZzHlDkB
fGK35KnJCMT5ALMb8BtLVsRQzR6FyeULFXcJybvMI3NVHATT/WSWhbaafLe7OI65
zqoBkaOQbhdYiW3mxY+SUwhbjOhHn2Unabn7NHX2af1tExc6jS50pdQv22L0WSWu
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:42:15 2025 by rpki-client