Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/UFPIlC6h3qbd3gx_0EBEZUMCrwA.roa
File: UFPIlC6h3qbd3gx_0EBEZUMCrwA.roa (raw, json)
Hash identifier: qYkkIZODU+0d114QQhpPxuN6Otnd9jTP4XJeaYaGV/I=
Subject key identifier: 50:53:C8:94:2E:A1:DE:A6:DD:DE:0C:7F:D0:40:44:65:43:02:AF:00
Certificate issuer: /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial: 018D5FBFB71257D883E19D2BFED69008C5C9
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/UFPIlC6h3qbd3gx_0EBEZUMCrwA.roa
Signing time: Wed 31 Jan 2024 13:40:16 +0000
ROA not before: Wed 31 Jan 2024 13:40:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.199.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 12:57:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:bf:b7:12:57:d8:83:e1:9d:2b:fe:d6:90:08:c5:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Validity
Not Before: Jan 31 13:40:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5053c8942ea1dea6ddde0c7fd04044654302af00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:77:97:e1:b9:35:27:bd:7f:d4:d4:1a:22:5f:
01:00:3b:c2:db:b5:68:c5:93:ef:2f:e6:35:41:05:
9b:77:58:55:c6:90:d7:3a:72:b5:ad:b6:11:98:73:
d1:e0:ad:a6:cc:63:64:aa:f9:15:58:df:1b:fd:be:
7a:6b:80:af:df:0a:1e:27:a8:e1:d6:35:45:28:f2:
d2:44:f6:4c:8b:52:71:4a:91:9c:c5:36:dd:fc:37:
87:9d:1b:da:50:c1:01:65:6a:37:4b:c2:52:40:51:
43:b4:af:77:9a:fe:56:b0:5d:21:22:5a:c7:5c:fb:
fb:4c:26:8d:3d:f2:42:39:62:6d:20:be:91:1b:e9:
06:2e:04:7e:fa:ee:02:c3:eb:fb:79:ae:51:ad:2b:
63:4e:f4:e2:26:0a:a8:83:5f:0c:6b:3a:93:03:e9:
74:09:c4:12:f0:57:61:4f:3d:7e:85:63:aa:86:00:
18:51:25:d2:0a:f9:2b:b0:e9:67:2d:0d:a4:ce:8d:
68:9e:d9:be:8c:b9:34:2a:51:bb:82:02:90:b9:06:
4b:97:22:7b:20:42:08:30:9a:21:55:cf:3f:c0:65:
c5:6b:d5:d0:c6:ac:f7:f3:c4:ee:e8:be:93:5d:c6:
d6:30:3d:c0:67:8f:02:dc:f5:1f:59:02:18:b5:54:
09:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:53:C8:94:2E:A1:DE:A6:DD:DE:0C:7F:D0:40:44:65:43:02:AF:00
X509v3 Authority Key Identifier:
keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/UFPIlC6h3qbd3gx_0EBEZUMCrwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.199.29.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:13:4c:7c:c9:2b:c7:b5:ca:81:08:3c:7c:75:24:c4:a1:53:
1e:a4:01:ff:cc:1d:72:ef:64:7a:83:8c:6b:44:08:c1:54:1f:
15:00:fb:68:a4:27:f4:4f:a6:56:e2:e1:5c:d7:54:e6:ed:99:
ce:22:61:42:2a:81:03:9d:44:6f:70:b0:8a:b7:03:d2:01:6e:
c2:67:1b:56:b2:cd:85:76:a4:c8:42:f3:52:14:7d:fd:df:ed:
51:05:e8:70:98:6a:f4:4b:ac:3a:2f:5b:7b:a2:cf:b2:79:6a:
e2:4d:15:73:c3:de:71:13:4e:43:a6:06:13:22:f2:ef:62:ba:
2d:fe:df:24:de:15:49:0a:7f:ae:d6:38:5c:bf:7c:19:bc:12:
50:3b:85:8c:f3:d2:94:33:40:d8:2b:81:3e:6b:b0:0f:fc:dd:
34:e1:13:fd:94:db:ff:a1:3c:5b:87:0f:1f:42:b6:b4:9c:f4:
f2:22:df:8e:ff:e8:b1:56:dc:bf:93:1a:98:d2:b2:67:8c:ae:
6b:15:fd:a9:6f:9c:f9:4c:59:b7:c0:22:f1:cc:52:8c:d7:61:
9b:9d:6a:0b:73:49:bf:a1:f1:e2:cd:f3:b9:5b:25:ee:7e:66:
af:4c:c9:62:cf:81:32:a3:0c:43:5d:90:fc:9d:1b:63:92:ae:
84:b9:67:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1fv7cSV9iD4Z0r/taQCMXJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGUxMjRlMGY4YWRiNGU3ZDk1NzZjZWFlMzI1ZjY2OGRk
MjI0YjEwHhcNMjQwMTMxMTM0MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDUzYzg5NDJlYTFkZWE2ZGRkZTBjN2ZkMDQwNDQ2NTQzMDJhZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0neX4bk1J71/1NQaIl8BADvC27Vo
xZPvL+Y1QQWbd1hVxpDXOnK1rbYRmHPR4K2mzGNkqvkVWN8b/b56a4Cv3woeJ6jh
1jVFKPLSRPZMi1JxSpGcxTbd/DeHnRvaUMEBZWo3S8JSQFFDtK93mv5WsF0hIlrH
XPv7TCaNPfJCOWJtIL6RG+kGLgR++u4Cw+v7ea5RrStjTvTiJgqog18MazqTA+l0
CcQS8FdhTz1+hWOqhgAYUSXSCvkrsOlnLQ2kzo1ontm+jLk0KlG7ggKQuQZLlyJ7
IEIIMJohVc8/wGXFa9XQxqz388Tu6L6TXcbWMD3AZ48C3PUfWQIYtVQJTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBTyJQuod6m3d4Mf9BARGVDAq8AMB8GA1UdIwQY
MBaAFNHeEk4PittOfZV2zq4yX2aN0iSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTct
NGY0YzliMzQzZTkwLzEvVUZQSWxDNmgzcWJkM2d4XzBFQkVaVU1DcndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTctNGY0YzliMzQzZTkw
LzEvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUccdMA0G
CSqGSIb3DQEBCwUAA4IBAQAaE0x8ySvHtcqBCDx8dSTEoVMepAH/zB1y72R6g4xr
RAjBVB8VAPtopCf0T6ZW4uFc11Tm7ZnOImFCKoEDnURvcLCKtwPSAW7CZxtWss2F
dqTIQvNSFH393+1RBehwmGr0S6w6L1t7os+yeWriTRVzw95xE05DpgYTIvLvYrot
/t8k3hVJCn+u1jhcv3wZvBJQO4WM89KUM0DYK4E+a7AP/N004RP9lNv/oTxbhw8f
Qra0nPTyIt+O/+ixVty/kxqY0rJnjK5rFf2pb5z5TFm3wCLxzFKM12GbnWoLc0m/
ofHizfO5WyXufmavTMliz4EyowxDXZD8nRtjkq6EuWct
-----END CERTIFICATE-----
Generated at Thu Apr 11 16:20:20 2024 by rpki-client on console-ams.rpki-client.org