Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/uu_YoYnvZPmOdlMMWyD_vPauEAw.roa
File: uu_YoYnvZPmOdlMMWyD_vPauEAw.roa (raw, json)
Hash identifier: Z/cfOisdIWlEvODbt+vH+5osAn8VKhnTAJd8Lx3wc4I=
Subject key identifier: BA:EF:D8:A1:89:EF:64:F9:8E:76:53:0C:5B:20:FF:BC:F6:AE:10:0C
Certificate issuer: /CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Certificate serial: 018CC2DB581C8CEE763D06059FF97FA59379
Authority key identifier: 0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/uu_YoYnvZPmOdlMMWyD_vPauEAw.roa
Signing time: Mon 01 Jan 2024 02:30:03 +0000
ROA not before: Mon 01 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59508
IP address blocks: 5.159.96.0/22 maxlen: 22
5.159.104.0/21 maxlen: 21
2a09:4140::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:58:1c:8c:ee:76:3d:06:05:9f:f9:7f:a5:93:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Validity
Not Before: Jan 1 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=baefd8a189ef64f98e76530c5b20ffbcf6ae100c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f3:94:a9:73:66:84:d5:0a:f2:b9:37:3b:01:
4e:3a:68:81:73:2b:be:28:f7:32:76:1e:58:6b:7b:
5e:c4:99:fc:4d:16:4b:46:99:3a:e8:57:b0:55:16:
ec:8a:24:61:89:2d:e0:ce:aa:e3:4b:76:ea:08:f2:
7c:e4:f2:09:9d:56:ce:14:fd:96:0a:10:8d:a6:ce:
f1:a1:b4:ba:96:71:22:20:16:e6:25:55:e8:f7:99:
74:0d:34:d7:1a:44:12:f5:4a:e6:39:6f:fe:51:fd:
48:74:f7:24:ac:35:e9:d0:30:72:11:27:11:8f:1b:
e3:d6:cb:55:40:ef:18:fc:de:17:5d:46:a6:d0:95:
58:5e:93:c0:ec:4c:41:29:ef:5e:68:58:a7:12:f4:
e3:2d:ad:e7:ff:14:fa:f4:52:a0:a5:de:76:d9:ea:
b9:17:95:60:95:68:dd:e5:8c:aa:f2:98:43:e1:21:
2b:1b:7f:ae:3a:18:0e:b7:6a:48:ef:e6:c7:d7:e6:
25:f3:86:c7:b1:87:55:42:d4:57:11:e6:42:c3:ca:
34:ca:53:27:98:54:d4:c8:75:5a:46:c6:a1:ba:e0:
d6:1b:95:ef:b5:1f:7a:c0:01:47:d7:40:00:c7:18:
bb:6b:10:de:e4:89:d5:8e:57:41:48:30:3b:c2:8e:
80:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:EF:D8:A1:89:EF:64:F9:8E:76:53:0C:5B:20:FF:BC:F6:AE:10:0C
X509v3 Authority Key Identifier:
keyid:0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/uu_YoYnvZPmOdlMMWyD_vPauEAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.96.0/22
5.159.104.0/21
IPv6:
2a09:4140::/29
Signature Algorithm: sha256WithRSAEncryption
0c:cc:34:00:fe:8e:c3:87:7e:2a:92:7d:55:b4:8b:4a:56:9a:
b5:cc:e2:9c:89:0a:ce:38:f5:0a:af:37:90:09:a7:6b:fe:66:
39:2a:c0:c6:2c:3a:1d:ab:55:d6:86:f9:ee:7c:e8:7a:d6:37:
2c:ff:45:f1:1f:e5:a4:e9:7f:22:47:14:60:0d:ba:60:59:c8:
bf:85:47:2c:15:34:d3:ca:df:49:f6:77:8f:24:43:76:68:5b:
66:c6:c7:a2:3c:0b:06:f0:82:ec:26:d9:ea:a1:9c:36:90:44:
42:00:33:04:86:4f:df:25:ab:bf:35:79:62:d3:04:0b:ff:a4:
88:e8:2e:88:a4:b2:b5:45:3c:d2:e8:cd:9b:02:89:92:6b:0f:
6f:bb:bf:46:68:e3:30:bd:2d:e0:00:c4:5c:4b:5f:54:53:92:
f0:1a:4a:56:ec:d8:40:98:ec:b7:03:78:ec:75:6b:6f:12:66:
5e:b0:43:81:7d:58:07:6f:39:b7:7f:ce:92:99:99:06:6d:b8:
d6:78:b4:69:29:7b:a1:f9:b3:8f:84:b7:f5:18:86:34:f5:7c:
4b:1d:4f:35:2a:aa:4f:d2:69:cb:d4:0b:e2:b2:ad:22:f2:cc:
83:ef:b7:a0:4e:7b:1f:6a:18:34:72:01:e8:83:e2:f6:f1:11:
81:2f:c5:6c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC21gcjO52PQYFn/l/pZN5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2ViYTY4NzNjNWI1MDc1YjNjNDM5ZjdmZWViNTRhZjFm
MTBkYTkwHhcNMjQwMTAxMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWVmZDhhMTg5ZWY2NGY5OGU3NjUzMGM1YjIwZmZiY2Y2YWUxMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPOUqXNmhNUK8rk3OwFOOmiBcyu+
KPcydh5Ya3texJn8TRZLRpk66FewVRbsiiRhiS3gzqrjS3bqCPJ85PIJnVbOFP2W
ChCNps7xobS6lnEiIBbmJVXo95l0DTTXGkQS9UrmOW/+Uf1IdPckrDXp0DByEScR
jxvj1stVQO8Y/N4XXUam0JVYXpPA7ExBKe9eaFinEvTjLa3n/xT69FKgpd522eq5
F5VglWjd5Yyq8phD4SErG3+uOhgOt2pI7+bH1+Yl84bHsYdVQtRXEeZCw8o0ylMn
mFTUyHVaRsahuuDWG5XvtR96wAFH10AAxxi7axDe5InVjldBSDA7wo6AywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLrv2KGJ72T5jnZTDFsg/7z2rhAMMB8GA1UdIwQY
MBaAFA0+umhzxbUHWzxDn3/utUrx8Q2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUt
Mjc5OThiZjE3NDY1LzEvdXVfWW9ZbnZaUG1PZGxNTVd5RF92UGF1RUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUtMjc5OThiZjE3NDY1
LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBZ9gAwQD
BZ9oMA0EAgACMAcDBQMqCUFAMA0GCSqGSIb3DQEBCwUAA4IBAQAMzDQA/o7Dh34q
kn1VtItKVpq1zOKciQrOOPUKrzeQCadr/mY5KsDGLDodq1XWhvnufOh61jcs/0Xx
H+Wk6X8iRxRgDbpgWci/hUcsFTTTyt9J9nePJEN2aFtmxseiPAsG8ILsJtnqoZw2
kERCADMEhk/fJau/NXli0wQL/6SI6C6IpLK1RTzS6M2bAomSaw9vu79GaOMwvS3g
AMRcS19UU5LwGkpW7NhAmOy3A3jsdWtvEmZesEOBfVgHbzm3f86SmZkGbbjWeLRp
KXuh+bOPhLf1GIY09XxLHU81KqpP0mnL1Avisq0i8syD77egTnsfahg0cgHog+L2
8RGBL8Vs
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:26 2025 by rpki-client