Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/uzjqgeIkSDIv2l0aY4cVREn3y_c.roa
File: uzjqgeIkSDIv2l0aY4cVREn3y_c.roa (raw, json)
Hash identifier: 2GlFHRGoqzueizD/BdGkrX2fb2LG6+CJdLbJIaFQ8js=
Subject key identifier: BB:38:EA:81:E2:24:48:32:2F:DA:5D:1A:63:87:15:44:49:F7:CB:F7
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 018CC6B8A30ADB5B1CF37F4C85059F6ED6F7
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/uzjqgeIkSDIv2l0aY4cVREn3y_c.roa
Signing time: Mon 01 Jan 2024 20:30:38 +0000
ROA not before: Mon 01 Jan 2024 20:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200935
IP address blocks: 212.113.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:a3:0a:db:5b:1c:f3:7f:4c:85:05:9f:6e:d6:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Jan 1 20:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb38ea81e22448322fda5d1a6387154449f7cbf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0e:1a:f0:21:06:80:e6:81:b8:02:04:9b:44:
38:08:90:5f:93:14:31:63:29:1d:e7:f7:04:7f:51:
1c:1c:f7:8b:9b:5c:df:a3:65:cc:a0:fd:3e:05:5a:
d0:45:cd:17:dc:f7:aa:cf:51:32:5e:2f:98:34:87:
81:ee:b1:8a:41:29:d1:60:61:7f:69:5f:d6:c4:b2:
3e:d6:3e:da:92:7e:13:09:df:67:cf:ec:3f:2d:c1:
3a:0f:2c:7f:2a:01:8b:99:f2:03:61:d1:d3:6a:17:
af:0e:1b:76:4a:85:17:30:9e:0f:8c:3e:42:6f:43:
c6:c4:17:86:bc:db:16:4e:9b:e0:b4:03:0e:a3:da:
8c:73:2e:c1:84:af:69:e8:97:da:05:51:a3:0a:fe:
4d:f8:8c:b6:78:44:aa:77:34:cb:d4:7a:d4:18:aa:
51:d2:d0:39:55:eb:28:b9:dd:78:4b:5f:85:95:da:
33:f0:66:46:ac:3f:ae:8d:8f:9c:15:ba:53:ae:f4:
f2:95:6d:76:fb:4e:50:98:f7:34:e4:6a:4f:6a:f0:
27:66:db:db:34:07:98:4c:5e:41:72:e6:81:43:ba:
d2:9d:3f:24:13:01:39:6d:3b:9d:41:26:93:99:a5:
10:c3:20:68:8c:eb:c1:c8:3e:95:81:92:41:4d:35:
8a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:38:EA:81:E2:24:48:32:2F:DA:5D:1A:63:87:15:44:49:F7:CB:F7
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/uzjqgeIkSDIv2l0aY4cVREn3y_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.113.110.0/24
Signature Algorithm: sha256WithRSAEncryption
35:97:f6:cb:e9:8b:d6:79:a8:d7:32:53:76:dc:b9:6d:d2:0f:
09:20:d3:16:b6:d6:38:0d:8f:85:1a:c3:ec:77:28:18:f2:95:
34:10:a7:36:7b:bc:2b:04:61:95:af:ca:b6:5c:f4:48:54:78:
ca:41:89:eb:db:f3:f5:e0:d4:37:94:9e:02:05:42:48:76:30:
da:97:ae:1e:93:9b:52:6f:f2:0f:f6:27:e7:65:81:0a:21:c4:
4c:b1:23:66:15:39:57:bf:30:9d:9b:01:d3:7f:f2:ab:b8:72:
53:4d:ad:8b:cd:9f:3d:0b:94:d7:cd:9c:78:14:83:a7:d5:90:
e2:e7:00:86:de:ac:28:d9:83:ae:db:9b:e9:f4:3f:e7:3c:d9:
c2:1e:90:1c:84:e5:6c:fb:0c:7e:2e:47:b4:60:07:7b:70:74:
b8:07:4e:33:39:4c:14:75:dd:83:56:92:ca:76:29:91:92:42:
5e:ca:94:29:55:04:00:6a:fc:bd:88:16:60:7d:04:d2:96:b3:
d5:fe:5a:e4:0a:b6:62:89:06:cc:37:e3:1c:b0:42:bb:ed:94:
a3:69:69:bc:43:54:ce:78:c5:17:ce:20:0c:67:8f:1c:d2:4b:
9d:84:7e:2e:4a:5a:38:ff:96:0f:07:f8:2c:c5:c6:16:74:c8:
d9:23:38:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuKMK21sc839MhQWfbtb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjQwMTAxMjAzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjM4ZWE4MWUyMjQ0ODMyMmZkYTVkMWE2Mzg3MTU0NDQ5ZjdjYmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ4a8CEGgOaBuAIEm0Q4CJBfkxQx
Yykd5/cEf1EcHPeLm1zfo2XMoP0+BVrQRc0X3Peqz1EyXi+YNIeB7rGKQSnRYGF/
aV/WxLI+1j7akn4TCd9nz+w/LcE6Dyx/KgGLmfIDYdHTahevDht2SoUXMJ4PjD5C
b0PGxBeGvNsWTpvgtAMOo9qMcy7BhK9p6JfaBVGjCv5N+Iy2eESqdzTL1HrUGKpR
0tA5Vesoud14S1+Fldoz8GZGrD+ujY+cFbpTrvTylW12+05QmPc05GpPavAnZtvb
NAeYTF5BcuaBQ7rSnT8kEwE5bTudQSaTmaUQwyBojOvByD6VgZJBTTWKywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLs46oHiJEgyL9pdGmOHFURJ98v3MB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvdXpqcWdlSWtTREl2MmwwYVk0Y1ZSRW4zeV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1HFuMA0G
CSqGSIb3DQEBCwUAA4IBAQA1l/bL6YvWeajXMlN23Llt0g8JINMWttY4DY+FGsPs
dygY8pU0EKc2e7wrBGGVr8q2XPRIVHjKQYnr2/P14NQ3lJ4CBUJIdjDal64ek5tS
b/IP9ifnZYEKIcRMsSNmFTlXvzCdmwHTf/KruHJTTa2LzZ89C5TXzZx4FIOn1ZDi
5wCG3qwo2YOu25vp9D/nPNnCHpAchOVs+wx+Lke0YAd7cHS4B04zOUwUdd2DVpLK
dimRkkJeypQpVQQAavy9iBZgfQTSlrPV/lrkCrZiiQbMN+McsEK77ZSjaWm8Q1TO
eMUXziAMZ48c0kudhH4uSlo4/5YPB/gsxcYWdMjZIzgq
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:22 2025 by rpki-client