Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/UD-m-0BhTps34j4vW573dH0tewA.roa
File: UD-m-0BhTps34j4vW573dH0tewA.roa (raw, json)
Hash identifier: EBopGw1sGjItnmXlCcqr2fC8InPA+zxUsHgaeC1md+s=
Subject key identifier: 50:3F:A6:FB:40:61:4E:9B:37:E2:3E:2F:5B:9E:F7:74:7D:2D:7B:00
Certificate issuer: /CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Certificate serial: 01856E78CCFE9306D0F76298C46AE49D28C0
Authority key identifier: AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/UD-m-0BhTps34j4vW573dH0tewA.roa
Signing time: Sun 01 Jan 2023 17:54:48 +0000
ROA not before: Sun 01 Jan 2023 17:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142275
IP address blocks: 84.33.15.0/24 maxlen: 24
84.33.16.0/23 maxlen: 24
84.33.12.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:34:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:cc:fe:93:06:d0:f7:62:98:c4:6a:e4:9d:28:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Validity
Not Before: Jan 1 17:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=503fa6fb40614e9b37e23e2f5b9ef7747d2d7b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2a:b9:ba:84:ec:d5:e4:e0:7a:a8:22:89:d9:
94:d5:38:05:23:a0:2d:e4:04:f0:ba:f2:e2:44:03:
87:81:1a:f6:cf:ef:e6:02:27:12:d5:62:7f:fe:39:
84:1f:0a:26:b1:d2:0f:de:d8:c0:c8:d3:56:86:62:
b1:34:71:3e:75:e1:2b:c4:cd:22:d5:ba:6d:9b:a9:
cd:30:e7:98:1f:7e:f1:a6:1f:15:c8:52:b3:41:61:
51:7d:9f:f4:ef:41:f9:2c:d1:77:ad:5b:e7:b2:a6:
16:1c:1a:f4:b4:97:b8:c6:6c:3e:89:86:85:59:15:
bf:0e:7e:c2:9b:14:57:2a:1d:98:49:31:13:bd:75:
1e:e7:80:49:be:0e:98:da:ad:48:30:a3:b3:16:c8:
08:77:d0:66:16:b2:0c:b8:48:85:d0:9c:f6:a5:68:
ee:cc:df:a2:91:d5:bd:46:7d:b4:ac:59:6f:d2:21:
ae:3b:5b:0d:a7:f8:d7:d2:32:4f:5f:f0:52:60:94:
89:e8:fc:32:f7:88:4e:bc:c4:2a:95:96:ea:b7:4f:
12:04:88:d9:17:86:4a:9e:64:50:ab:54:20:c9:96:
63:42:4d:e5:cb:82:59:1f:76:29:91:ae:67:a0:a0:
0e:6f:7b:15:78:28:4d:c0:0c:b6:3c:c5:8f:55:58:
c9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3F:A6:FB:40:61:4E:9B:37:E2:3E:2F:5B:9E:F7:74:7D:2D:7B:00
X509v3 Authority Key Identifier:
keyid:AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/UD-m-0BhTps34j4vW573dH0tewA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.33.12.0/23
84.33.15.0-84.33.17.255
Signature Algorithm: sha256WithRSAEncryption
4e:c9:3c:ab:97:2d:80:29:ec:48:1d:2c:11:0c:0b:d1:18:32:
87:1e:58:0a:00:75:09:c0:27:90:4b:19:cb:8a:d9:75:cf:c4:
c0:c4:af:6f:70:c3:4f:42:44:ca:a7:d0:5d:0c:27:f9:6c:a8:
a9:7a:65:f6:91:30:2e:eb:d5:77:c7:d8:07:76:d6:eb:33:00:
2a:af:fc:9b:1f:46:bc:e0:dc:e0:86:e2:e3:49:a0:c1:fa:8b:
d6:17:a6:2e:73:c4:b7:ee:79:78:12:2d:4b:62:b4:d5:03:c6:
64:81:4c:b6:5c:eb:55:8d:f2:b0:8a:78:e1:c4:36:68:b6:8f:
d4:26:e7:17:bc:1d:7c:0b:36:0e:42:d2:5b:b7:6b:74:8f:bf:
d4:26:75:e9:ae:82:b9:67:c0:53:46:23:df:6c:2b:f5:03:c1:
a5:95:86:58:d5:9d:41:5d:ea:ce:dd:20:fa:e3:e6:74:b9:05:
5b:46:ee:a6:03:15:e8:9b:72:07:85:5c:3a:6f:a5:d4:74:ba:
e0:28:b2:6b:ec:1a:90:24:41:5a:c3:e7:f8:90:e3:26:f6:5d:
ce:6d:6c:87:7a:9a:1b:a6:b4:5a:30:7d:22:56:0f:40:bb:53:
ec:6b:f6:40:f9:95:97:dd:72:65:d4:a0:18:34:b6:2f:76:ee:
7a:7d:97:cd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVueMz+kwbQ92KYxGrknSjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZWJjOWJmZWYyYjRkMjNmMTk1MTNiZmQ0ZDYwYmI3OThm
NWE1OWQwHhcNMjMwMTAxMTc1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDNmYTZmYjQwNjE0ZTliMzdlMjNlMmY1YjllZjc3NDdkMmQ3YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniq5uoTs1eTgeqgiidmU1TgFI6At
5ATwuvLiRAOHgRr2z+/mAicS1WJ//jmEHwomsdIP3tjAyNNWhmKxNHE+deErxM0i
1bptm6nNMOeYH37xph8VyFKzQWFRfZ/070H5LNF3rVvnsqYWHBr0tJe4xmw+iYaF
WRW/Dn7CmxRXKh2YSTETvXUe54BJvg6Y2q1IMKOzFsgId9BmFrIMuEiF0Jz2pWju
zN+ikdW9Rn20rFlv0iGuO1sNp/jX0jJPX/BSYJSJ6Pwy94hOvMQqlZbqt08SBIjZ
F4ZKnmRQq1QgyZZjQk3ly4JZH3Ypka5noKAOb3sVeChNwAy2PMWPVVjJewIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFA/pvtAYU6bN+I+L1ue93R9LXsAMB8GA1UdIwQY
MBaAFKrryb/vK00j8ZUTv9TWC7eY9aWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2Nzkt
MTFhZmI0OTkyZWVmLzEvVUQtbS0wQmhUcHMzNGo0dlc1NzNkSDB0ZXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2NzktMTFhZmI0OTkyZWVm
LzEvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBVCEMMAwD
BABUIQ8DBAFUIRAwDQYJKoZIhvcNAQELBQADggEBAE7JPKuXLYAp7EgdLBEMC9EY
MoceWAoAdQnAJ5BLGcuK2XXPxMDEr29ww09CRMqn0F0MJ/lsqKl6ZfaRMC7r1XfH
2Ad21uszACqv/JsfRrzg3OCG4uNJoMH6i9YXpi5zxLfueXgSLUtitNUDxmSBTLZc
61WN8rCKeOHENmi2j9Qm5xe8HXwLNg5C0lu3a3SPv9QmdemugrlnwFNGI99sK/UD
waWVhljVnUFd6s7dIPrj5nS5BVtG7qYDFeibcgeFXDpvpdR0uuAosmvsGpAkQVrD
5/iQ4yb2Xc5tbId6mhumtFowfSJWD0C7U+xr9kD5lZfdcmXUoBg0ti927np9l80=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:09 2024 by rpki-client on console-ams.rpki-client.org