Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/uEJ5Iw32jnkpLS5IEV3meryJM9s.roa
File: uEJ5Iw32jnkpLS5IEV3meryJM9s.roa (raw, json)
Hash identifier: ueRQFH/rYBCwC0gai7opOCn6Z3z2oGssJxas0ukeijY=
Subject key identifier: B8:42:79:23:0D:F6:8E:79:29:2D:2E:48:11:5D:E6:7A:BC:89:33:DB
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01925D37283BAF397F40530F966E768830FC
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/uEJ5Iw32jnkpLS5IEV3meryJM9s.roa
Signing time: Sat 05 Oct 2024 15:05:48 +0000
ROA not before: Sat 05 Oct 2024 15:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2856
IP address blocks: 147.78.68.0/22 maxlen: 22
193.187.132.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 28 Oct 2024 20:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:5d:37:28:3b:af:39:7f:40:53:0f:96:6e:76:88:30:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Oct 5 15:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b84279230df68e79292d2e48115de67abc8933db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5b:d0:6d:f2:9c:92:a9:c2:d3:fc:d8:c2:06:
8a:b5:f4:bf:cd:b8:e8:51:22:ed:e9:d2:d4:ed:dc:
54:d0:7d:5d:ef:6a:9b:d4:09:27:36:98:f7:09:b7:
95:9d:5e:f8:36:85:70:81:76:20:9f:35:5f:98:20:
64:3c:c8:94:cf:96:fa:73:40:95:f8:7e:5e:d1:5f:
28:63:21:b6:49:59:f1:39:7a:02:62:17:68:28:ff:
d7:dd:bc:d3:38:31:4e:82:73:ab:5a:07:04:3a:e3:
a7:7d:67:ab:2a:cb:ff:d6:27:07:1b:a0:ae:fe:9b:
0c:67:7b:61:11:98:95:76:7e:9a:e3:c7:a9:cd:76:
6d:87:ff:f8:0d:96:79:ad:05:86:b3:cf:a8:b4:bc:
a5:c3:91:03:bb:78:52:4d:4a:cf:f7:97:5c:59:69:
d1:37:7f:06:8a:c4:10:f7:de:8c:41:4a:24:f2:b4:
92:a7:41:3c:47:8a:42:e7:65:84:4c:a9:d7:2a:2d:
4d:88:79:05:91:87:6e:e9:f9:f7:67:85:ce:db:07:
fb:37:41:d0:9d:6b:1c:58:8c:6b:16:0e:66:74:90:
43:23:72:6c:37:82:1d:1d:2f:16:7d:20:9d:4f:78:
e3:3f:ea:6b:9f:02:19:2c:f1:5e:99:a2:ad:1c:23:
15:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:42:79:23:0D:F6:8E:79:29:2D:2E:48:11:5D:E6:7A:BC:89:33:DB
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/uEJ5Iw32jnkpLS5IEV3meryJM9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.68.0/22
193.187.132.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
48:c0:a1:83:9e:e1:6c:94:29:3b:f5:b8:b3:8b:91:6d:01:30:
be:d6:50:2d:f1:67:18:ca:ce:08:98:0e:8c:7e:84:8d:ea:01:
4e:18:2f:d3:67:ae:6b:bc:c2:7d:a5:3d:3f:45:df:fc:5a:b6:
3c:76:42:90:22:35:15:ed:78:63:09:63:23:b3:8d:08:74:29:
85:94:78:24:0f:7e:98:44:1a:7a:7e:a8:36:e2:9a:77:25:8f:
34:bb:a6:a9:11:c9:18:7b:98:b1:48:21:b0:60:10:8a:00:80:
7b:8b:cc:d9:94:cd:7a:39:e7:91:ec:68:a9:21:8b:3d:d3:99:
22:f6:b0:18:45:0d:2b:7d:3f:2a:04:db:0d:28:62:2a:b8:81:
8e:c7:a2:13:66:c6:f1:6e:91:3f:8b:c7:74:80:8c:9e:4e:aa:
29:28:c2:cc:9a:26:f6:a4:3c:0b:4b:89:59:33:e5:d6:1c:69:
be:4c:f6:c3:9d:b1:e9:4d:f0:ab:eb:93:cc:e2:50:11:f8:ad:
51:89:0a:35:66:4f:2a:73:b3:58:3a:5b:4b:76:1e:ea:40:5d:
94:1b:70:78:1d:2b:c4:c6:25:3a:fd:13:78:01:29:fa:8e:a0:
2a:e7:18:d1:5c:72:4b:1d:df:a9:07:81:b7:e9:85:9e:19:d9:
07:4b:13:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJdNyg7rzl/QFMPlm52iDD8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQxMDA1MTUwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODQyNzkyMzBkZjY4ZTc5MjkyZDJlNDgxMTVkZTY3YWJjODkzM2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FvQbfKckqnC0/zYwgaKtfS/zbjo
USLt6dLU7dxU0H1d72qb1AknNpj3CbeVnV74NoVwgXYgnzVfmCBkPMiUz5b6c0CV
+H5e0V8oYyG2SVnxOXoCYhdoKP/X3bzTODFOgnOrWgcEOuOnfWerKsv/1icHG6Cu
/psMZ3thEZiVdn6a48epzXZth//4DZZ5rQWGs8+otLylw5EDu3hSTUrP95dcWWnR
N38GisQQ996MQUok8rSSp0E8R4pC52WETKnXKi1NiHkFkYdu6fn3Z4XO2wf7N0HQ
nWscWIxrFg5mdJBDI3JsN4IdHS8WfSCdT3jjP+prnwIZLPFemaKtHCMVMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLhCeSMN9o55KS0uSBFd5nq8iTPbMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvdUVKNUl3MzJqbmtwTFM1SUVWM21lcnlKTTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCk05EAwQC
wbuEAwQCwbuMMA0GCSqGSIb3DQEBCwUAA4IBAQBIwKGDnuFslCk79bizi5FtATC+
1lAt8WcYys4ImA6MfoSN6gFOGC/TZ65rvMJ9pT0/Rd/8WrY8dkKQIjUV7XhjCWMj
s40IdCmFlHgkD36YRBp6fqg24pp3JY80u6apEckYe5ixSCGwYBCKAIB7i8zZlM16
OeeR7GipIYs905ki9rAYRQ0rfT8qBNsNKGIquIGOx6ITZsbxbpE/i8d0gIyeTqop
KMLMmib2pDwLS4lZM+XWHGm+TPbDnbHpTfCr65PM4lAR+K1RiQo1Zk8qc7NYOltL
dh7qQF2UG3B4HSvExiU6/RN4ASn6jqAq5xjRXHJLHd+pB4G36YWeGdkHSxPy
-----END CERTIFICATE-----
Generated at Mon Oct 28 22:57:01 2024 by rpki-client on console-ams.rpki-client.org