Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/1UhvJTbeSUW-27evowYfP-_JEZE.roa
File: 1UhvJTbeSUW-27evowYfP-_JEZE.roa (raw, json)
Hash identifier: QuXGt9Vee3LFepot13nzaKCaSV6VdR3raNl2b8MVcDo=
Subject key identifier: D5:48:6F:25:36:DE:49:45:BE:DB:B7:AF:A3:06:1F:3F:EF:C9:11:91
Certificate issuer: /CN=6ab449c198cb96637bac1a5b6d51cb31f258bb2c
Certificate serial: 018CC649BF830BDA5B5A005BFFC2E2169A2A
Authority key identifier: 6A:B4:49:C1:98:CB:96:63:7B:AC:1A:5B:6D:51:CB:31:F2:58:BB:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/arRJwZjLlmN7rBpbbVHLMfJYuyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/1UhvJTbeSUW-27evowYfP-_JEZE.roa
Signing time: Mon 01 Jan 2024 18:29:31 +0000
ROA not before: Mon 01 Jan 2024 18:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13008
IP address blocks: 195.72.132.0/24 maxlen: 24
195.72.133.0/24 maxlen: 24
195.72.135.0/24 maxlen: 24
195.72.134.0/24 maxlen: 24
2001:67c:404::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:bf:83:0b:da:5b:5a:00:5b:ff:c2:e2:16:9a:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ab449c198cb96637bac1a5b6d51cb31f258bb2c
Validity
Not Before: Jan 1 18:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5486f2536de4945bedbb7afa3061f3fefc91191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:51:a8:be:ab:d4:1e:7d:d1:a5:a0:b6:30:9c:
30:10:89:a9:6f:e8:81:20:b3:21:78:44:7d:de:56:
b6:83:fe:a7:30:ee:92:5c:96:01:91:6f:15:1c:5d:
46:12:e1:94:a7:bb:80:c0:c0:a2:c3:56:4e:70:87:
d0:92:a7:b3:6f:07:52:32:3b:c4:d5:41:27:d7:6e:
dd:29:62:c6:84:7e:42:42:36:7d:3e:64:50:57:85:
47:13:4a:e3:07:81:76:d7:07:9c:7f:32:9f:2d:3e:
4a:1c:a1:40:ec:46:a7:dc:94:a3:b9:73:45:7e:9b:
16:10:9c:df:1b:69:be:a2:10:97:1b:a6:1b:cc:6e:
6b:e7:6a:9d:4a:a8:0b:1c:d2:66:cd:8a:2f:c3:c1:
6b:ff:ed:a0:81:de:7c:3f:0c:c0:50:24:bc:dc:d5:
09:67:4d:df:df:f3:cd:b8:ec:ec:b9:3f:04:dc:74:
f0:24:db:f5:a0:a1:fa:61:4d:d4:ce:cb:55:b4:c8:
3b:d7:f4:2d:a7:15:52:89:c8:6b:71:74:f4:75:1e:
3e:1f:87:62:2f:5f:85:2a:a0:b4:5d:2c:6c:7c:96:
11:fc:8a:ac:a0:66:3c:43:79:c5:0e:47:0a:3b:b3:
90:17:96:e6:37:fd:8b:7d:87:b4:43:b2:31:eb:2e:
d2:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:48:6F:25:36:DE:49:45:BE:DB:B7:AF:A3:06:1F:3F:EF:C9:11:91
X509v3 Authority Key Identifier:
keyid:6A:B4:49:C1:98:CB:96:63:7B:AC:1A:5B:6D:51:CB:31:F2:58:BB:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/arRJwZjLlmN7rBpbbVHLMfJYuyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/1UhvJTbeSUW-27evowYfP-_JEZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/arRJwZjLlmN7rBpbbVHLMfJYuyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.72.132.0/22
IPv6:
2001:67c:404::/48
Signature Algorithm: sha256WithRSAEncryption
3f:45:21:6b:9b:c5:10:31:65:70:0a:87:ef:19:3f:59:72:87:
ba:e2:c3:16:22:fe:7a:49:45:ac:4f:c8:8f:82:ce:54:53:ff:
9f:5a:34:ab:5b:65:fe:e0:99:46:aa:42:f8:98:c1:0e:a5:f4:
b3:1e:d8:26:fa:04:70:30:b1:82:20:ac:41:84:03:fe:c0:46:
95:16:e0:30:e4:54:c8:8c:ef:d1:4a:27:f6:2b:3c:f3:92:1f:
b4:ee:11:3d:42:84:98:5d:9e:c4:18:72:2b:01:67:4f:19:46:
ae:68:07:68:e4:dc:01:09:77:21:14:ae:05:cd:2e:77:71:35:
11:e3:42:f4:67:b0:ba:9b:1d:c1:7c:df:ce:2f:4c:0b:19:5b:
f1:4f:39:b1:a7:ab:72:ca:eb:2f:9a:88:eb:0b:97:e6:72:32:
8c:ba:7c:79:b1:7f:81:42:e0:7d:45:4e:63:c8:44:dd:90:90:
60:a6:31:2d:4c:73:ef:da:1b:5a:00:f6:9e:b4:7a:21:a5:98:
63:4a:de:e5:6a:b4:5a:53:0d:61:e4:00:04:01:ae:50:ca:da:
3e:02:e5:f0:88:e3:c1:a3:ac:7c:90:99:77:9b:e1:b4:f7:24:
4f:62:78:27:56:1a:b2:5d:dc:c9:77:ef:82:73:7b:60:73:56:
4e:51:8f:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGSb+DC9pbWgBb/8LiFpoqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYjQ0OWMxOThjYjk2NjM3YmFjMWE1YjZkNTFjYjMxZjI1
OGJiMmMwHhcNMjQwMTAxMTgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ4NmYyNTM2ZGU0OTQ1YmVkYmI3YWZhMzA2MWYzZmVmYzkxMTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1GovqvUHn3RpaC2MJwwEImpb+iB
ILMheER93la2g/6nMO6SXJYBkW8VHF1GEuGUp7uAwMCiw1ZOcIfQkqezbwdSMjvE
1UEn127dKWLGhH5CQjZ9PmRQV4VHE0rjB4F21wecfzKfLT5KHKFA7Ean3JSjuXNF
fpsWEJzfG2m+ohCXG6YbzG5r52qdSqgLHNJmzYovw8Fr/+2ggd58PwzAUCS83NUJ
Z03f3/PNuOzsuT8E3HTwJNv1oKH6YU3UzstVtMg71/QtpxVSichrcXT0dR4+H4di
L1+FKqC0XSxsfJYR/IqsoGY8Q3nFDkcKO7OQF5bmN/2LfYe0Q7Ix6y7SLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNVIbyU23klFvtu3r6MGHz/vyRGRMB8GA1UdIwQY
MBaAFGq0ScGYy5Zje6waW21RyzHyWLssMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXJSSndaakxsbU43ckJwYmJWSExNZkpZdXl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8yYjE4N2QtZWRkOC00MGVlLWExN2Mt
ZDY3ZGEzYzY5NjliLzEvMVVodkpUYmVTVVctMjdldm93WWZQLV9KRVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8yYjE4N2QtZWRkOC00MGVlLWExN2MtZDY3ZGEzYzY5Njli
LzEvYXJSSndaakxsbU43ckJwYmJWSExNZkpZdXl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCw0iEMA8E
AgACMAkDBwAgAQZ8BAQwDQYJKoZIhvcNAQELBQADggEBAD9FIWubxRAxZXAKh+8Z
P1lyh7riwxYi/npJRaxPyI+CzlRT/59aNKtbZf7gmUaqQviYwQ6l9LMe2Cb6BHAw
sYIgrEGEA/7ARpUW4DDkVMiM79FKJ/YrPPOSH7TuET1ChJhdnsQYcisBZ08ZRq5o
B2jk3AEJdyEUrgXNLndxNRHjQvRnsLqbHcF8384vTAsZW/FPObGnq3LK6y+aiOsL
l+ZyMoy6fHmxf4FC4H1FTmPIRN2QkGCmMS1Mc+/aG1oA9p60eiGlmGNK3uVqtFpT
DWHkAAQBrlDK2j4C5fCI48GjrHyQmXeb4bT3JE9ieCdWGrJd3Ml374Jze2BzVk5R
j8o=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:51 2025 by rpki-client