Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/udvjgmgqELcZ6NU7fh5aR8PYa0s.roa
File: udvjgmgqELcZ6NU7fh5aR8PYa0s.roa (raw, json)
Hash identifier: jfAer9nPFwIc5poSXAIx3EcxYGoY3qHX8TNYnd9DQ7g=
Subject key identifier: B9:DB:E3:82:68:2A:10:B7:19:E8:D5:3B:7E:1E:5A:47:C3:D8:6B:4B
Certificate issuer: /CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Certificate serial: 0191B8696D4D7A1F7E94EE5C40F4FAFCBBAC
Authority key identifier: 3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/udvjgmgqELcZ6NU7fh5aR8PYa0s.roa
Signing time: Tue 03 Sep 2024 15:03:22 +0000
ROA not before: Tue 03 Sep 2024 15:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50758
IP address blocks: 46.31.160.0/21 maxlen: 24
213.190.12.0/24 maxlen: 24
213.190.13.0/24 maxlen: 24
2a0a:2a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b8:69:6d:4d:7a:1f:7e:94:ee:5c:40:f4:fa:fc:bb:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Validity
Not Before: Sep 3 15:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9dbe382682a10b719e8d53b7e1e5a47c3d86b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:47:2d:1c:be:d5:f6:e3:6d:11:d0:b7:c1:60:
eb:23:23:92:d8:49:8e:e5:95:96:f9:42:29:4a:4f:
07:1c:07:5f:f5:c7:42:c5:27:9c:af:55:08:19:c8:
a5:9c:da:33:e3:e3:12:cf:87:45:83:0b:dd:f5:4b:
9a:88:77:ee:d6:a1:47:1c:8c:b2:aa:ed:db:cd:c6:
47:70:bc:f3:9e:5e:14:4a:f8:04:31:04:52:f1:76:
42:18:70:de:77:05:31:21:a9:7a:9e:d2:a3:43:d3:
66:29:d3:86:f3:88:08:7f:36:2e:3c:e4:e1:50:50:
52:69:a6:5c:dd:0f:2e:fd:e4:31:9e:6b:55:d9:be:
5d:f3:01:33:34:4c:07:7c:6c:9f:88:df:a7:ea:c1:
45:6e:45:a9:af:7f:6b:98:73:b4:5d:3b:3c:fe:33:
15:2a:f7:f6:86:5d:60:fe:b5:15:b2:1f:40:0d:86:
8d:23:b5:0d:0f:ba:06:9a:10:c4:49:22:78:df:d1:
d8:6b:a0:2d:60:6e:32:ba:2e:60:3c:79:b3:f1:72:
b2:fe:82:2a:4d:19:5a:1e:bf:0d:aa:07:b8:fb:47:
dc:af:95:20:8f:84:1e:0d:62:b1:0b:81:64:47:c1:
ac:d1:0f:c6:17:dc:7f:a5:5b:f9:e4:a1:d2:b8:f9:
fe:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:DB:E3:82:68:2A:10:B7:19:E8:D5:3B:7E:1E:5A:47:C3:D8:6B:4B
X509v3 Authority Key Identifier:
keyid:3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/udvjgmgqELcZ6NU7fh5aR8PYa0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/O9mhd7td-26r5MrXne-PiwBd9lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.160.0/21
213.190.12.0/23
IPv6:
2a0a:2a40::/29
Signature Algorithm: sha256WithRSAEncryption
3e:a7:2e:60:2b:97:66:ee:59:a3:48:1f:d5:5e:ff:e8:0d:09:
a0:ce:fa:0a:e9:59:aa:40:ba:a2:99:12:bf:7a:0e:4f:68:40:
0d:27:f0:fb:f1:ae:e1:d8:1b:96:59:34:ce:db:e9:0d:75:a4:
46:8b:07:c8:56:19:4d:70:fe:75:33:3e:b3:92:72:e6:d4:97:
c5:c3:d5:d5:6e:5d:d1:ef:85:db:54:e4:c6:c5:47:b0:97:06:
27:ed:90:9a:10:e7:7d:1e:24:0e:74:70:12:d2:0a:8a:51:18:
94:28:f8:5e:98:6f:75:bb:ec:a5:75:32:35:b7:41:e3:a7:56:
cb:80:11:d8:d5:3a:86:af:4d:ee:eb:8a:b4:56:61:65:af:7d:
c6:84:0c:23:88:64:fd:bd:30:fc:5c:f8:4b:6d:f5:1d:63:23:
9e:19:21:ca:04:1e:4a:ac:0e:4f:2b:41:6b:fe:6c:80:c3:2c:
fd:a0:22:b9:20:bc:ef:9a:9d:f9:a2:ba:0f:c1:3c:a5:e3:e1:
12:ae:30:45:36:13:6d:8e:47:f1:39:1f:96:db:90:40:1e:57:
8d:c7:9f:d5:94:09:b9:4c:49:1c:2f:4e:6f:d1:83:45:8d:ed:
c8:84:63:9d:2d:d3:c0:27:42:31:9b:af:a2:e9:3d:44:41:84:
a5:50:a7:d8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZG4aW1Neh9+lO5cQPT6/LusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDlhMTc3YmI1ZGZiNmVhYmU0Y2FkNzlkZWY4ZjhiMDA1
ZGY2NTYwHhcNMjQwOTAzMTUwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWRiZTM4MjY4MmExMGI3MTllOGQ1M2I3ZTFlNWE0N2MzZDg2YjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUctHL7V9uNtEdC3wWDrIyOS2EmO
5ZWW+UIpSk8HHAdf9cdCxSecr1UIGcilnNoz4+MSz4dFgwvd9UuaiHfu1qFHHIyy
qu3bzcZHcLzznl4USvgEMQRS8XZCGHDedwUxIal6ntKjQ9NmKdOG84gIfzYuPOTh
UFBSaaZc3Q8u/eQxnmtV2b5d8wEzNEwHfGyfiN+n6sFFbkWpr39rmHO0XTs8/jMV
Kvf2hl1g/rUVsh9ADYaNI7UND7oGmhDESSJ439HYa6AtYG4yui5gPHmz8XKy/oIq
TRlaHr8Nqge4+0fcr5Ugj4QeDWKxC4FkR8Gs0Q/GF9x/pVv55KHSuPn+4wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLnb44JoKhC3GejVO34eWkfD2GtLMB8GA1UdIwQY
MBaAFDvZoXe7Xftuq+TK153vj4sAXfZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzltaGQ3dGQtMjZyNU1yWG5lLVBpd0JkOWxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jMGQ0NjctZjYyYS00MTljLWJlODUt
ZTM4MDMwYjY5ZDVhLzEvdWR2amdtZ3FFTGNaNk5VN2ZoNWFSOFBZYTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jMGQ0NjctZjYyYS00MTljLWJlODUtZTM4MDMwYjY5ZDVh
LzEvTzltaGQ3dGQtMjZyNU1yWG5lLVBpd0JkOWxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLh+gAwQB
1b4MMA0EAgACMAcDBQMqCipAMA0GCSqGSIb3DQEBCwUAA4IBAQA+py5gK5dm7lmj
SB/VXv/oDQmgzvoK6VmqQLqimRK/eg5PaEANJ/D78a7h2BuWWTTO2+kNdaRGiwfI
VhlNcP51Mz6zknLm1JfFw9XVbl3R74XbVOTGxUewlwYn7ZCaEOd9HiQOdHAS0gqK
URiUKPhemG91u+yldTI1t0Hjp1bLgBHY1TqGr03u64q0VmFlr33GhAwjiGT9vTD8
XPhLbfUdYyOeGSHKBB5KrA5PK0Fr/myAwyz9oCK5ILzvmp35oroPwTyl4+ESrjBF
NhNtjkfxOR+W25BAHleNx5/VlAm5TEkcL05v0YNFje3IhGOdLdPAJ0Ixm6+i6T1E
QYSlUKfY
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:06:07 2025 by rpki-client