Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/UzFqjPN4pN37OOeLpftcaKnuY04.roa
File: UzFqjPN4pN37OOeLpftcaKnuY04.roa (raw, json)
Hash identifier: DFqb6hsCUOQuNWgOAX27vk2aUgPCTajZQzCeLw8jHoY=
Subject key identifier: 53:31:6A:8C:F3:78:A4:DD:FB:38:E7:8B:A5:FB:5C:68:A9:EE:63:4E
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCD58C3E9F0E8CFE8325455AFA7A23
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/UzFqjPN4pN37OOeLpftcaKnuY04.roa
Signing time: Tue 02 Jan 2024 10:34:05 +0000
ROA not before: Tue 02 Jan 2024 10:34:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42031
IP address blocks: 195.91.142.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d5:8c:3e:9f:0e:8c:fe:83:25:45:5a:fa:7a:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53316a8cf378a4ddfb38e78ba5fb5c68a9ee634e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9f:6e:fb:c8:76:50:1f:db:29:4d:f7:2a:6f:
8c:86:23:63:82:30:72:7e:ab:ec:d6:ca:56:0e:9e:
da:96:32:b6:84:e0:ff:f9:cc:63:ef:82:ae:e1:83:
42:26:91:ce:3e:9f:14:28:ab:fb:b5:a4:cd:17:72:
02:14:e5:1f:c6:eb:0f:bf:ed:82:f8:51:30:eb:aa:
b1:a4:99:28:db:e2:67:a2:98:ca:1e:56:09:6d:e8:
63:b2:b8:46:c1:9b:3a:92:cc:d7:24:80:3e:10:78:
72:a6:24:d4:d7:83:3f:1f:73:d8:c6:3b:ee:83:7d:
1a:98:58:9b:5a:f3:21:82:aa:70:44:63:ad:d5:c3:
5d:59:23:d8:46:d1:ea:ea:01:00:48:29:d7:2e:5a:
f6:c8:22:60:2d:89:95:19:d3:ce:fb:6d:ae:c1:e1:
91:de:f9:26:f6:32:d1:c1:c1:aa:65:14:e1:13:f1:
dd:74:f8:25:f3:65:c8:7f:b2:8f:7e:5f:da:0b:cf:
00:d5:51:7a:e5:a9:53:00:84:8d:39:ef:69:54:f4:
8f:1e:b3:08:36:d1:2b:ff:49:a2:95:57:37:82:d2:
92:e6:df:76:35:67:cf:fd:ff:2f:e1:68:c1:fd:62:
95:37:0a:8e:67:4c:9b:e0:54:8e:2b:7d:69:8e:92:
17:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:31:6A:8C:F3:78:A4:DD:FB:38:E7:8B:A5:FB:5C:68:A9:EE:63:4E
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/UzFqjPN4pN37OOeLpftcaKnuY04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.91.142.0/23
Signature Algorithm: sha256WithRSAEncryption
60:7d:de:19:e7:5f:33:10:14:e6:1b:3e:55:9e:cb:69:bf:76:
17:f1:53:ae:8f:75:5a:61:0a:50:1a:8c:73:22:db:fc:98:c5:
10:cf:bb:9e:c7:43:a1:de:7c:e9:2b:70:e4:9f:9e:48:af:0d:
18:bf:97:88:a6:d2:1d:89:04:66:e0:0e:fc:5a:db:02:a4:2f:
ef:21:a5:14:e6:06:43:09:f4:6b:19:e1:9c:7b:40:2d:d2:ea:
27:b1:11:90:c0:0f:0e:ed:98:36:68:fa:4e:1c:89:07:f6:89:
d1:7c:33:f9:52:24:cc:b5:a3:57:b7:b3:47:09:57:6b:75:87:
e3:30:2a:ec:47:78:61:dc:64:40:35:d0:26:a5:47:54:3f:c8:
95:3c:d8:37:28:da:60:f5:8a:77:2a:5d:02:cf:15:9b:68:67:
99:d3:e3:89:a5:78:87:3c:28:20:cf:73:d4:8f:ae:90:1f:40:
c9:50:b5:ef:c2:7b:f2:80:84:d6:e0:0c:3b:17:d0:6f:6f:d3:
a4:c0:b0:22:f7:3d:31:fc:57:5b:2d:98:1a:8d:1a:e9:20:e1:
31:08:cd:44:6d:aa:80:72:37:64:14:19:29:1c:2d:a9:e7:0b:
b6:ac:9c:43:c6:b5:a0:64:a6:ea:36:45:4c:c2:b6:28:dd:91:
b9:e4:f1:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvNWMPp8OjP6DJUVa+nojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzMxNmE4Y2YzNzhhNGRkZmIzOGU3OGJhNWZiNWM2OGE5ZWU2MzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ9u+8h2UB/bKU33Km+MhiNjgjBy
fqvs1spWDp7aljK2hOD/+cxj74Ku4YNCJpHOPp8UKKv7taTNF3ICFOUfxusPv+2C
+FEw66qxpJko2+JnopjKHlYJbehjsrhGwZs6kszXJIA+EHhypiTU14M/H3PYxjvu
g30amFibWvMhgqpwRGOt1cNdWSPYRtHq6gEASCnXLlr2yCJgLYmVGdPO+22uweGR
3vkm9jLRwcGqZRThE/HddPgl82XIf7KPfl/aC88A1VF65alTAISNOe9pVPSPHrMI
NtEr/0milVc3gtKS5t92NWfP/f8v4WjB/WKVNwqOZ0yb4FSOK31pjpIXhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFMxaozzeKTd+zjni6X7XGip7mNOMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvVXpGcWpQTjRwTjM3T09lTHBmdGNhS251WTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw1uOMA0G
CSqGSIb3DQEBCwUAA4IBAQBgfd4Z518zEBTmGz5Vnstpv3YX8VOuj3VaYQpQGoxz
Itv8mMUQz7uex0Oh3nzpK3Dkn55Irw0Yv5eIptIdiQRm4A78WtsCpC/vIaUU5gZD
CfRrGeGce0At0uonsRGQwA8O7Zg2aPpOHIkH9onRfDP5UiTMtaNXt7NHCVdrdYfj
MCrsR3hh3GRANdAmpUdUP8iVPNg3KNpg9Yp3Kl0CzxWbaGeZ0+OJpXiHPCggz3PU
j66QH0DJULXvwnvygITW4Aw7F9Bvb9OkwLAi9z0x/FdbLZgajRrpIOExCM1EbaqA
cjdkFBkpHC2p5wu2rJxDxrWgZKbqNkVMwrYo3ZG55PFl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:07 2025 by rpki-client