Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/UgJObtri2IAC_zwdmfTBsa_JeRc.roa
File: UgJObtri2IAC_zwdmfTBsa_JeRc.roa (raw, json)
Hash identifier: 5UeODcP5n9BAQjyk9a+ZXpIBpOJjJfR1cGyf/b4vpqs=
Subject key identifier: 52:02:4E:6E:DA:E2:D8:80:02:FF:3C:1D:99:F4:C1:B1:AF:C9:79:17
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0193861E8F920B56100CABD3FA6C5A41DBC5
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/UgJObtri2IAC_zwdmfTBsa_JeRc.roa
Signing time: Mon 02 Dec 2024 06:46:09 +0000
ROA not before: Mon 02 Dec 2024 06:46:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16321
IP address blocks: 5.8.56.0/23 maxlen: 24
45.156.212.0/22 maxlen: 22
46.161.12.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:1e:8f:92:0b:56:10:0c:ab:d3:fa:6c:5a:41:db:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Dec 2 06:46:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52024e6edae2d88002ff3c1d99f4c1b1afc97917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:33:ad:81:a4:a4:d1:db:e1:a4:37:a4:42:9a:
03:a3:68:cd:c6:05:5a:87:48:ba:ad:d3:e6:73:f3:
95:09:56:f0:71:db:0b:59:3e:44:4d:0d:57:40:33:
cd:04:e8:80:ee:39:55:46:24:90:8d:50:c8:b8:7f:
e5:80:63:98:e9:1a:d4:8d:cc:d5:77:08:f4:90:1a:
94:59:f5:d1:42:eb:06:0c:64:1f:07:2f:c4:21:13:
b5:3c:44:92:b2:4c:cb:42:7e:ed:59:87:38:a9:4a:
ad:3f:81:5f:f9:7a:2a:e7:bc:f7:11:ca:24:e0:23:
e9:5e:b0:9a:55:bd:4a:69:d6:7b:69:19:ea:d2:d6:
70:77:e1:10:e5:cc:58:11:51:d5:2f:c8:ed:77:d4:
37:86:5e:5c:eb:8e:5c:75:54:6e:07:1e:e9:36:c2:
a7:89:99:a2:77:85:ee:39:58:28:45:ac:f8:32:44:
54:34:6c:06:8a:c7:d2:09:11:c9:2e:a7:67:22:fb:
69:ff:c6:1b:81:08:18:4f:53:27:44:69:34:e4:a4:
fc:63:3d:f4:b0:de:22:80:f6:6e:a7:b4:76:b3:b9:
30:39:71:46:f0:37:0c:aa:9f:1a:0d:2a:1f:1a:b5:
94:c0:42:53:10:fc:b1:ff:32:3a:05:e6:03:b2:b8:
40:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:02:4E:6E:DA:E2:D8:80:02:FF:3C:1D:99:F4:C1:B1:AF:C9:79:17
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/UgJObtri2IAC_zwdmfTBsa_JeRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.56.0/23
45.156.212.0/22
46.161.12.0/23
Signature Algorithm: sha256WithRSAEncryption
09:29:72:27:c2:cb:46:da:4d:39:83:86:5b:8c:36:e0:9e:15:
1e:cc:b3:3a:96:90:f9:7b:ce:d9:17:ca:ea:e2:71:b5:f8:35:
c1:87:71:70:e7:bc:21:79:d5:be:64:61:b8:9f:1d:f3:dc:f3:
6e:3d:ba:ea:7f:ca:37:e5:d8:1e:ca:7b:3e:bf:15:02:e7:e7:
1f:db:15:b1:d3:a8:be:0a:b8:3f:4b:21:2e:86:f1:1a:22:69:
79:3d:ef:08:71:ac:c8:58:50:64:69:f3:40:54:81:70:30:5f:
bc:03:46:45:28:bd:59:24:b7:9f:b9:45:9e:bd:40:00:47:ac:
3f:ee:d5:05:e0:47:33:eb:d7:2e:ac:ad:84:be:f7:f6:a6:70:
60:73:f0:56:9f:64:d0:c1:9c:5b:a2:a4:1f:96:39:3d:f4:f0:
eb:bc:2e:83:f2:e2:5a:77:cf:f3:05:d4:6f:ac:ca:19:f2:72:
5b:0c:99:a5:d5:ad:ce:1a:aa:4a:91:3f:f1:7d:9f:52:21:99:
30:25:d5:c8:b9:64:cc:b8:92:70:46:f6:b5:ab:2b:17:32:7b:
0d:6d:40:2d:ba:92:80:40:aa:a9:54:42:48:82:e3:f2:99:a3:
44:7a:e8:f3:ab:08:b1:56:08:b3:5e:56:e4:30:2d:f8:6d:bb:
64:25:2e:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZOGHo+SC1YQDKvT+mxaQdvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQxMjAyMDY0NjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjAyNGU2ZWRhZTJkODgwMDJmZjNjMWQ5OWY0YzFiMWFmYzk3OTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zOtgaSk0dvhpDekQpoDo2jNxgVa
h0i6rdPmc/OVCVbwcdsLWT5ETQ1XQDPNBOiA7jlVRiSQjVDIuH/lgGOY6RrUjczV
dwj0kBqUWfXRQusGDGQfBy/EIRO1PESSskzLQn7tWYc4qUqtP4Ff+Xoq57z3Ecok
4CPpXrCaVb1KadZ7aRnq0tZwd+EQ5cxYEVHVL8jtd9Q3hl5c645cdVRuBx7pNsKn
iZmid4XuOVgoRaz4MkRUNGwGisfSCRHJLqdnIvtp/8YbgQgYT1MnRGk05KT8Yz30
sN4igPZup7R2s7kwOXFG8DcMqp8aDSofGrWUwEJTEPyx/zI6BeYDsrhAsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFICTm7a4tiAAv88HZn0wbGvyXkXMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvVWdKT2J0cmkySUFDX3p3ZG1mVEJzYV9KZVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBQg4AwQC
LZzUAwQBLqEMMA0GCSqGSIb3DQEBCwUAA4IBAQAJKXInwstG2k05g4ZbjDbgnhUe
zLM6lpD5e87ZF8rq4nG1+DXBh3Fw57whedW+ZGG4nx3z3PNuPbrqf8o35dgeyns+
vxUC5+cf2xWx06i+Crg/SyEuhvEaIml5Pe8IcazIWFBkafNAVIFwMF+8A0ZFKL1Z
JLefuUWevUAAR6w/7tUF4Ecz69curK2Evvf2pnBgc/BWn2TQwZxboqQfljk99PDr
vC6D8uJad8/zBdRvrMoZ8nJbDJml1a3OGqpKkT/xfZ9SIZkwJdXIuWTMuJJwRva1
qysXMnsNbUAtupKAQKqpVEJIguPymaNEeujzqwixVgizXlbkMC34bbtkJS7q
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:00:57 2025 by rpki-client