Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/UWnjRB3JOhAErfEmrOz9axfAQRk.roa
File: UWnjRB3JOhAErfEmrOz9axfAQRk.roa (raw, json)
Hash identifier: Dltaigs50tdnLcuRzNb5hrgCkCOA9QLp3pCWrbZjLfs=
Subject key identifier: 51:69:E3:44:1D:C9:3A:10:04:AD:F1:26:AC:EC:FD:6B:17:C0:41:19
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 018CC794A0F62FE372F04CAF0F3D221BD346
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/UWnjRB3JOhAErfEmrOz9axfAQRk.roa
Signing time: Tue 02 Jan 2024 00:30:55 +0000
ROA not before: Tue 02 Jan 2024 00:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51249
IP address blocks: 87.99.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:a0:f6:2f:e3:72:f0:4c:af:0f:3d:22:1b:d3:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 2 00:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5169e3441dc93a1004adf126acecfd6b17c04119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:74:c7:7a:7b:b2:9c:87:da:fb:71:e8:62:e4:
cd:9b:ff:7a:0e:4b:4d:e2:78:b6:92:4b:91:6b:3a:
c3:ea:9b:97:ee:e5:63:e1:d8:d7:89:ae:b3:c3:c5:
8f:40:1a:ee:33:ea:05:86:dd:9a:af:e7:3d:ad:90:
63:1f:a1:9c:cc:b3:88:0e:bd:4d:af:27:dd:50:72:
30:cb:c7:8a:e4:18:82:a5:41:1d:a3:9d:ab:f6:83:
b8:21:90:ef:57:a8:25:2a:47:ca:ef:af:72:68:5a:
a3:a4:30:c0:53:08:c5:02:9f:e1:89:33:b8:f5:e7:
1a:50:15:f0:2e:be:42:ab:98:d5:43:d9:7d:1c:dd:
7c:0c:2d:81:b2:98:5b:9f:90:dc:9f:bf:b1:69:1f:
63:50:cf:c0:a7:73:80:cf:9b:ef:70:58:70:a2:07:
48:94:70:bd:7b:51:fa:67:22:4f:c9:c8:f0:76:66:
ec:b9:7f:4b:d3:57:1f:b2:ab:62:a6:50:89:25:ee:
14:bd:7e:7d:94:6e:7c:c1:01:f2:9a:44:aa:85:e8:
5d:a1:51:c5:fc:a0:7d:62:da:06:77:35:e1:f7:ec:
8f:a2:18:69:65:0f:aa:a4:22:dd:d5:b6:75:3d:46:
2e:c3:3e:86:45:ad:79:44:bc:72:e3:39:a6:43:57:
33:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:69:E3:44:1D:C9:3A:10:04:AD:F1:26:AC:EC:FD:6B:17:C0:41:19
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/UWnjRB3JOhAErfEmrOz9axfAQRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.99.71.0/24
Signature Algorithm: sha256WithRSAEncryption
07:9e:10:57:9d:4d:24:5e:3c:b7:f4:fa:75:f7:7f:7f:ef:74:
92:08:34:c8:55:c8:46:c0:b1:cf:af:e2:40:4f:3a:c9:01:e9:
70:5c:91:df:6d:4d:ea:81:17:a6:47:f0:4d:0e:35:30:a7:bb:
71:57:63:52:ce:2c:0f:99:a8:ec:80:41:2f:4e:27:c4:3d:32:
c5:a4:96:0b:e6:eb:7d:f2:2e:1d:ab:a2:e0:2c:28:5b:0a:81:
e7:82:eb:f9:34:5d:0a:70:3d:bf:9f:1f:f5:81:a2:86:e4:15:
50:a2:b4:52:9b:a4:96:dc:97:81:c2:15:b6:1d:de:58:ce:a0:
2d:34:63:bb:75:11:c0:ef:2d:ec:19:c7:58:1a:2e:43:74:5e:
bb:d5:04:d1:23:4f:24:e5:44:03:e3:62:0b:6c:e4:80:25:31:
7f:e0:94:c0:fe:e5:7d:e2:dc:2e:73:12:cc:8c:aa:4e:c2:da:
6d:0b:73:b5:df:bb:11:5a:16:c2:5d:a0:2f:30:17:81:52:62:
9b:00:ba:8a:f5:77:1c:e2:33:27:c5:d9:64:f2:a7:cf:f8:cf:
b9:0d:93:d1:29:27:94:7e:ba:e0:65:52:41:b8:f5:48:3b:b7:
f8:83:95:a9:ca:f0:56:ba:43:dd:72:d9:4a:05:f8:97:e7:6f:
0d:56:f3:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlKD2L+Ny8EyvDz0iG9NGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjQwMTAyMDAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTY5ZTM0NDFkYzkzYTEwMDRhZGYxMjZhY2VjZmQ2YjE3YzA0MTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3THenuynIfa+3HoYuTNm/96DktN
4ni2kkuRazrD6puX7uVj4djXia6zw8WPQBruM+oFht2ar+c9rZBjH6GczLOIDr1N
ryfdUHIwy8eK5BiCpUEdo52r9oO4IZDvV6glKkfK769yaFqjpDDAUwjFAp/hiTO4
9ecaUBXwLr5Cq5jVQ9l9HN18DC2Bsphbn5Dcn7+xaR9jUM/Ap3OAz5vvcFhwogdI
lHC9e1H6ZyJPycjwdmbsuX9L01cfsqtiplCJJe4UvX59lG58wQHymkSqhehdoVHF
/KB9YtoGdzXh9+yPohhpZQ+qpCLd1bZ1PUYuwz6GRa15RLxy4zmmQ1cz1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFFp40QdyToQBK3xJqzs/WsXwEEZMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvVVdualJCM0pPaEFFcmZFbXJPejlheGZBUVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV2NHMA0G
CSqGSIb3DQEBCwUAA4IBAQAHnhBXnU0kXjy39Pp1939/73SSCDTIVchGwLHPr+JA
TzrJAelwXJHfbU3qgRemR/BNDjUwp7txV2NSziwPmajsgEEvTifEPTLFpJYL5ut9
8i4dq6LgLChbCoHnguv5NF0KcD2/nx/1gaKG5BVQorRSm6SW3JeBwhW2Hd5YzqAt
NGO7dRHA7y3sGcdYGi5DdF671QTRI08k5UQD42ILbOSAJTF/4JTA/uV94twucxLM
jKpOwtptC3O137sRWhbCXaAvMBeBUmKbALqK9Xcc4jMnxdlk8qfP+M+5DZPRKSeU
frrgZVJBuPVIO7f4g5WpyvBWukPdctlKBfiX528NVvPx
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:28:51 2025 by rpki-client