Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/6d9ab5-d1ae-449d-a7e9-1f5f94ce35ee/1/uHZHF5SOv4mkngsLmM1WfhLopNs.roa
File: uHZHF5SOv4mkngsLmM1WfhLopNs.roa (raw, json)
Hash identifier: Q1s3JFP8soFsbAN/fVoJyypTC6P4T7Uxyscx7k+6muI=
Subject key identifier: B8:76:47:17:94:8E:BF:89:A4:9E:0B:0B:98:CD:56:7E:12:E8:A4:DB
Certificate issuer: /CN=e1085b6248bd72076ab421ffa0e3bfef93565e9d
Certificate serial: 018CC7256ECBC9197C8D30D31536FF4A8F2A
Authority key identifier: E1:08:5B:62:48:BD:72:07:6A:B4:21:FF:A0:E3:BF:EF:93:56:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4QhbYki9cgdqtCH_oOO_75NWXp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/6d9ab5-d1ae-449d-a7e9-1f5f94ce35ee/1/uHZHF5SOv4mkngsLmM1WfhLopNs.roa
Signing time: Mon 01 Jan 2024 22:29:28 +0000
ROA not before: Mon 01 Jan 2024 22:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60131
IP address blocks: 185.52.176.0/22 maxlen: 22
46.23.80.0/20 maxlen: 20
2a03:6000::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:6e:cb:c9:19:7c:8d:30:d3:15:36:ff:4a:8f:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1085b6248bd72076ab421ffa0e3bfef93565e9d
Validity
Not Before: Jan 1 22:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8764717948ebf89a49e0b0b98cd567e12e8a4db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:01:99:04:06:d6:9a:d1:c0:0e:8a:c1:a1:4f:
53:13:3f:c3:1b:72:67:37:36:5f:05:ab:1a:de:24:
56:b9:6c:6f:74:84:06:e9:07:ca:f5:56:21:a3:d6:
29:00:47:c9:d3:37:bf:72:61:30:c7:ac:66:43:32:
3b:9d:9b:3f:93:b6:66:42:b2:5b:f2:a8:ae:84:0d:
b6:ec:b7:b0:53:99:ef:e4:cb:16:2d:3b:20:e7:28:
0f:62:d1:f0:c2:2a:3e:23:18:df:0e:d8:41:71:ff:
8d:1c:e9:de:08:2b:fd:12:77:24:68:40:af:70:76:
8d:9b:a9:11:88:a7:ad:00:14:86:09:c1:85:a8:93:
ec:c0:26:8a:be:72:73:0d:fe:db:50:4b:53:f3:f1:
98:65:d2:9f:6b:8f:46:10:58:71:78:9e:2e:a5:ee:
f3:01:10:7a:f1:59:42:96:07:e1:53:39:17:4f:f9:
90:00:8e:82:ef:05:23:6d:30:30:d4:5e:5b:96:f0:
f0:a5:27:4e:ec:40:08:d8:2f:4d:75:f1:6d:17:ad:
e3:35:80:2b:fb:68:ee:60:74:d7:20:10:7a:b1:91:
58:13:35:d7:8a:47:98:67:a5:c2:f9:59:92:27:e9:
0a:13:44:52:cf:a9:18:84:61:80:16:36:29:81:16:
6e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:76:47:17:94:8E:BF:89:A4:9E:0B:0B:98:CD:56:7E:12:E8:A4:DB
X509v3 Authority Key Identifier:
keyid:E1:08:5B:62:48:BD:72:07:6A:B4:21:FF:A0:E3:BF:EF:93:56:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4QhbYki9cgdqtCH_oOO_75NWXp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/6d9ab5-d1ae-449d-a7e9-1f5f94ce35ee/1/uHZHF5SOv4mkngsLmM1WfhLopNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/6d9ab5-d1ae-449d-a7e9-1f5f94ce35ee/1/4QhbYki9cgdqtCH_oOO_75NWXp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.80.0/20
185.52.176.0/22
IPv6:
2a03:6000::/29
Signature Algorithm: sha256WithRSAEncryption
95:a2:73:da:42:64:85:a8:ef:c3:68:23:e6:98:3c:dd:08:d8:
5c:97:a0:6d:18:1d:9b:4e:19:72:a7:3d:a4:76:88:15:9d:2d:
eb:36:d3:29:bc:9e:64:f5:7b:f9:28:45:bf:58:88:39:a8:34:
78:04:b3:a1:ae:f8:a5:b6:45:d9:7b:7d:86:fa:15:bf:86:5d:
f8:cc:c8:33:c5:0e:69:0b:5e:60:67:5b:81:7c:42:a1:19:9b:
83:37:b7:a7:d4:c5:64:42:8d:b7:76:07:c6:94:e5:7f:60:8c:
b8:67:64:71:bb:d6:3a:d6:71:5e:87:e8:b4:2d:bf:90:30:26:
95:9b:da:83:af:01:8c:d2:ea:fc:14:cb:4b:56:56:4f:cc:76:
fa:11:f9:26:fb:3b:6f:59:2f:74:32:61:1c:9e:2f:5e:98:f6:
d6:d4:1e:1f:30:8e:ff:b5:98:14:f6:27:2a:6b:9f:84:0c:37:
47:b5:3f:fd:2d:21:17:05:c5:0e:c6:0c:c7:6a:aa:c3:fd:27:
52:22:9c:7d:e3:6f:e2:1f:bd:cf:db:10:38:04:94:28:61:a2:
6f:c0:ef:23:93:be:fb:a0:8d:66:ab:a4:c0:9a:60:f3:56:c7:
5c:5a:c3:f8:a6:c0:9d:98:c6:a3:99:47:7c:e0:0f:b1:79:d2:
7e:60:b4:63
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJW7LyRl8jTDTFTb/So8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMDg1YjYyNDhiZDcyMDc2YWI0MjFmZmEwZTNiZmVmOTM1
NjVlOWQwHhcNMjQwMTAxMjIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODc2NDcxNzk0OGViZjg5YTQ5ZTBiMGI5OGNkNTY3ZTEyZThhNGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQGZBAbWmtHADorBoU9TEz/DG3Jn
NzZfBasa3iRWuWxvdIQG6QfK9VYho9YpAEfJ0ze/cmEwx6xmQzI7nZs/k7ZmQrJb
8qiuhA227LewU5nv5MsWLTsg5ygPYtHwwio+IxjfDthBcf+NHOneCCv9EnckaECv
cHaNm6kRiKetABSGCcGFqJPswCaKvnJzDf7bUEtT8/GYZdKfa49GEFhxeJ4upe7z
ARB68VlClgfhUzkXT/mQAI6C7wUjbTAw1F5blvDwpSdO7EAI2C9NdfFtF63jNYAr
+2juYHTXIBB6sZFYEzXXikeYZ6XC+VmSJ+kKE0RSz6kYhGGAFjYpgRZunQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLh2RxeUjr+JpJ4LC5jNVn4S6KTbMB8GA1UdIwQY
MBaAFOEIW2JIvXIHarQh/6Djv++TVl6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFFoYllraTljZ2RxdENIX29PT183NU5XWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy82ZDlhYjUtZDFhZS00NDlkLWE3ZTkt
MWY1Zjk0Y2UzNWVlLzEvdUhaSEY1U092NG1rbmdzTG1NMVdmaExvcE5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy82ZDlhYjUtZDFhZS00NDlkLWE3ZTktMWY1Zjk0Y2UzNWVl
LzEvNFFoYllraTljZ2RxdENIX29PT183NU5XWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQELhdQAwQC
uTSwMA0EAgACMAcDBQMqA2AAMA0GCSqGSIb3DQEBCwUAA4IBAQCVonPaQmSFqO/D
aCPmmDzdCNhcl6BtGB2bThlypz2kdogVnS3rNtMpvJ5k9Xv5KEW/WIg5qDR4BLOh
rviltkXZe32G+hW/hl34zMgzxQ5pC15gZ1uBfEKhGZuDN7en1MVkQo23dgfGlOV/
YIy4Z2Rxu9Y61nFeh+i0Lb+QMCaVm9qDrwGM0ur8FMtLVlZPzHb6Efkm+ztvWS90
MmEcni9emPbW1B4fMI7/tZgU9icqa5+EDDdHtT/9LSEXBcUOxgzHaqrD/SdSIpx9
42/iH73P2xA4BJQoYaJvwO8jk777oI1mq6TAmmDzVsdcWsP4psCdmMajmUd84A+x
edJ+YLRj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:16 2025 by rpki-client