Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/0b7271-0221-460e-831a-dc884f1be3e5/1/UaCItnYbx90QuSpCocMbct-s6G4.roa
File: UaCItnYbx90QuSpCocMbct-s6G4.roa (raw, json)
Hash identifier: 3V8BFn37E2wP9cPkV/kW9Tu4l2d86g0py/4TIiCzRMA=
Subject key identifier: 51:A0:88:B6:76:1B:C7:DD:10:B9:2A:42:A1:C3:1B:72:DF:AC:E8:6E
Certificate issuer: /CN=c6cfd94237efd200dd0b116e1f6f9b7bca659ca7
Certificate serial: 018CC348EF27851F4702F02CA446A5FD571F
Authority key identifier: C6:CF:D9:42:37:EF:D2:00:DD:0B:11:6E:1F:6F:9B:7B:CA:65:9C:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xs_ZQjfv0gDdCxFuH2-be8plnKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/0b7271-0221-460e-831a-dc884f1be3e5/1/UaCItnYbx90QuSpCocMbct-s6G4.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8991
IP address blocks: 192.135.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ef:27:85:1f:47:02:f0:2c:a4:46:a5:fd:57:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6cfd94237efd200dd0b116e1f6f9b7bca659ca7
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51a088b6761bc7dd10b92a42a1c31b72dface86e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a8:74:a0:f3:03:73:f3:9e:de:fe:10:99:23:
09:f3:43:13:ed:6a:9c:f3:2d:f9:d6:c8:61:99:14:
71:aa:0f:f3:4c:bc:d7:82:c7:f0:d1:fe:fc:9c:f2:
93:23:3f:19:88:da:18:4f:e3:67:fc:fa:14:1a:2b:
e3:5d:e5:5a:5f:5b:b7:79:12:aa:0b:7f:4c:90:44:
95:a7:59:02:52:19:76:3b:b6:a4:4d:87:1e:86:f4:
2c:15:2d:f5:27:da:60:26:b2:84:b8:4f:c3:56:03:
55:d6:cf:38:c5:93:9b:15:3f:46:75:2c:90:d3:ae:
d3:72:fd:38:b1:ff:93:ec:17:74:3a:4d:17:a9:0f:
35:55:f8:aa:e2:b0:63:a5:3b:88:a4:76:31:da:b6:
6f:a8:2a:f3:62:84:7d:21:82:4f:e4:a5:a4:4c:6a:
19:2d:7f:c7:08:79:f2:f8:b1:04:04:4d:7a:e7:5f:
d4:6f:f9:30:ba:fb:1f:6e:ff:81:59:26:1b:e6:9a:
95:75:6f:9f:d4:bd:3e:20:9c:17:e5:16:30:bf:22:
41:15:a3:55:c9:3b:3f:47:b9:ab:81:a7:c5:41:b6:
62:b9:c8:fe:0a:56:3b:48:ee:82:45:b6:a2:67:06:
ed:50:34:ca:52:e4:e3:33:2f:c9:84:dc:be:f7:28:
f2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A0:88:B6:76:1B:C7:DD:10:B9:2A:42:A1:C3:1B:72:DF:AC:E8:6E
X509v3 Authority Key Identifier:
keyid:C6:CF:D9:42:37:EF:D2:00:DD:0B:11:6E:1F:6F:9B:7B:CA:65:9C:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xs_ZQjfv0gDdCxFuH2-be8plnKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/0b7271-0221-460e-831a-dc884f1be3e5/1/UaCItnYbx90QuSpCocMbct-s6G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/0b7271-0221-460e-831a-dc884f1be3e5/1/xs_ZQjfv0gDdCxFuH2-be8plnKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.135.166.0/24
Signature Algorithm: sha256WithRSAEncryption
85:a3:12:63:5c:9e:29:9a:7a:54:39:c9:31:2c:cf:3e:8c:0f:
8f:24:54:f4:f9:0f:96:84:87:64:8b:97:9e:c8:18:03:2a:90:
f0:8d:2d:90:de:50:ae:64:88:77:5d:c4:30:21:63:0a:69:93:
6a:c1:b7:a0:7a:6a:41:75:e7:cf:ce:71:63:a4:25:c2:fd:cf:
9a:86:3b:ad:99:5a:31:e7:aa:e8:8e:d5:98:20:c6:87:8c:24:
08:9b:87:b3:60:88:bb:62:fc:3c:52:39:60:37:d9:da:ca:29:
1e:39:b3:d0:b2:a8:72:ba:9c:fc:c3:9b:17:f5:13:0c:f9:b7:
00:03:b9:b6:a0:8b:07:f1:1d:3d:38:13:47:fe:3d:d0:24:90:
d1:a8:85:4c:c5:28:c7:fb:f6:ee:b5:15:3b:be:6e:f4:61:84:
fd:02:32:b5:dc:ee:d2:23:59:cb:b0:6a:c4:8d:92:0e:d3:14:
8b:b3:ae:c1:18:d5:c6:92:ca:b7:19:6f:13:83:c5:b2:95:61:
b8:33:19:a2:d6:5f:79:41:83:03:c0:74:4e:f1:e5:68:66:4a:
cb:89:3e:f1:08:28:15:ef:c7:98:57:c1:a6:b0:06:c0:83:76:
a1:91:c4:90:5e:8e:a8:30:7d:5b:ef:62:e3:d2:b3:a9:c6:9b:
49:22:6a:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSO8nhR9HAvAspEal/VcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Y2ZkOTQyMzdlZmQyMDBkZDBiMTE2ZTFmNmY5YjdiY2E2
NTljYTcwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWEwODhiNjc2MWJjN2RkMTBiOTJhNDJhMWMzMWI3MmRmYWNlODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6h0oPMDc/Oe3v4QmSMJ80MT7Wqc
8y351shhmRRxqg/zTLzXgsfw0f78nPKTIz8ZiNoYT+Nn/PoUGivjXeVaX1u3eRKq
C39MkESVp1kCUhl2O7akTYcehvQsFS31J9pgJrKEuE/DVgNV1s84xZObFT9GdSyQ
067Tcv04sf+T7Bd0Ok0XqQ81Vfiq4rBjpTuIpHYx2rZvqCrzYoR9IYJP5KWkTGoZ
LX/HCHny+LEEBE1651/Ub/kwuvsfbv+BWSYb5pqVdW+f1L0+IJwX5RYwvyJBFaNV
yTs/R7mrgafFQbZiucj+ClY7SO6CRbaiZwbtUDTKUuTjMy/JhNy+9yjyTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFGgiLZ2G8fdELkqQqHDG3LfrOhuMB8GA1UdIwQY
MBaAFMbP2UI379IA3QsRbh9vm3vKZZynMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNfWlFqZnYwZ0RkQ3hGdUgyLWJlOHBsbktjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wYjcyNzEtMDIyMS00NjBlLTgzMWEt
ZGM4ODRmMWJlM2U1LzEvVWFDSXRuWWJ4OTBRdVNwQ29jTWJjdC1zNkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wYjcyNzEtMDIyMS00NjBlLTgzMWEtZGM4ODRmMWJlM2U1
LzEveHNfWlFqZnYwZ0RkQ3hGdUgyLWJlOHBsbktjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwIemMA0G
CSqGSIb3DQEBCwUAA4IBAQCFoxJjXJ4pmnpUOckxLM8+jA+PJFT0+Q+WhIdki5ee
yBgDKpDwjS2Q3lCuZIh3XcQwIWMKaZNqwbegempBdefPznFjpCXC/c+ahjutmVox
56rojtWYIMaHjCQIm4ezYIi7Yvw8UjlgN9nayikeObPQsqhyupz8w5sX9RMM+bcA
A7m2oIsH8R09OBNH/j3QJJDRqIVMxSjH+/butRU7vm70YYT9AjK13O7SI1nLsGrE
jZIO0xSLs67BGNXGksq3GW8Tg8WylWG4Mxmi1l95QYMDwHRO8eVoZkrLiT7xCCgV
78eYV8GmsAbAg3ahkcSQXo6oMH1b72Lj0rOpxptJImp3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:14 2025 by rpki-client