Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/UBh8blxz-61P11kkm1avE0iEnjc.roa
File: UBh8blxz-61P11kkm1avE0iEnjc.roa (raw, json)
Hash identifier: 5O9yooZkXbsPwuGM+oN+WEq5/+ioW9k8hrRVpRtKaqc=
Subject key identifier: 50:18:7C:6E:5C:73:FB:AD:4F:D7:59:24:9B:56:AF:13:48:84:9E:37
Certificate issuer: /CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Certificate serial: 01941E631B0A8A58810AFA70C3B8884B1E87
Authority key identifier: BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/UBh8blxz-61P11kkm1avE0iEnjc.roa
Signing time: Tue 31 Dec 2024 20:23:18 +0000
ROA not before: Tue 31 Dec 2024 20:23:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215304
IP address blocks: 45.87.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1e:63:1b:0a:8a:58:81:0a:fa:70:c3:b8:88:4b:1e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Validity
Not Before: Dec 31 20:23:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50187c6e5c73fbad4fd759249b56af1348849e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:30:d5:b5:9a:0e:b2:f3:c9:1d:74:a2:fb:4f:
35:44:ed:65:c2:d2:80:f8:c0:a8:51:f1:23:87:70:
b6:e4:6e:19:81:d2:0f:51:09:f9:14:2d:c9:53:3a:
f2:6d:74:1c:f1:69:af:63:58:d0:ff:51:79:96:9a:
28:01:9a:db:c5:12:0a:6c:1b:e2:64:47:4b:90:c0:
a0:00:53:57:d9:ff:44:ea:76:b8:da:43:01:bb:d1:
26:89:65:58:74:ed:b3:0b:a7:75:4e:ca:86:00:fd:
86:f0:df:6a:85:7b:5b:ad:21:2b:e8:08:1a:ab:32:
61:89:54:92:66:b2:60:a5:b9:37:30:ec:e8:f7:46:
8d:6d:2e:23:21:92:22:6f:ac:76:b7:56:2c:f2:f8:
bd:39:c6:61:5c:40:33:48:27:8e:54:02:97:d8:fc:
1f:41:4d:6c:63:dc:f3:eb:2b:1f:16:b4:c7:fb:d8:
a1:af:00:0a:01:7b:52:bf:39:cb:ee:fc:84:be:5b:
95:80:11:0b:20:5e:c1:e7:ce:9c:b7:ed:8f:22:b2:
16:0f:de:c6:f7:77:a1:a5:98:a4:c5:85:09:92:79:
d6:bb:f0:b6:58:63:df:88:62:e5:61:51:d5:5c:c2:
55:5e:7c:09:fd:fd:01:96:1c:d1:0c:f3:fb:e1:f9:
f5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:18:7C:6E:5C:73:FB:AD:4F:D7:59:24:9B:56:AF:13:48:84:9E:37
X509v3 Authority Key Identifier:
keyid:BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/UBh8blxz-61P11kkm1avE0iEnjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/v0Gt3JpO6iRtQvmMfHKzC2jWepc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.101.0/24
Signature Algorithm: sha256WithRSAEncryption
91:71:d2:60:ae:fd:3d:d5:a5:d0:b3:d2:75:f4:c0:63:9b:e7:
0d:86:3c:29:26:07:e4:02:ee:d8:8b:68:5a:06:4b:dc:71:b0:
49:29:6f:b7:2b:f8:b9:9d:fc:00:e4:d3:52:a8:7c:a2:67:f3:
d0:42:f8:29:04:2c:41:49:9a:58:34:5b:18:fe:a0:60:4f:2e:
fd:9f:f0:66:2e:4c:d1:09:4a:0a:43:40:05:13:e5:c8:63:44:
16:0a:c4:38:b4:e8:b8:14:89:1f:8d:60:09:31:b4:5d:54:dc:
82:98:9f:e5:84:63:51:08:01:e9:ee:ce:74:b8:e1:79:9d:17:
a5:1a:5b:25:db:dd:4b:03:55:f6:30:3c:c2:d3:af:3b:5e:61:
21:77:59:7c:5b:2c:d9:b0:bc:a9:41:fc:e6:dd:aa:7e:e4:b7:
75:59:ba:2e:07:68:9a:7d:a1:bc:32:4b:56:8a:85:55:7d:1e:
9e:7c:d2:7c:4b:89:30:bc:e8:61:ab:4c:fd:38:04:12:dc:ea:
31:bd:61:7a:b2:cf:d5:fd:06:b8:18:b0:4e:47:93:5b:92:8d:
50:ef:38:67:a9:5c:64:59:45:a8:97:10:7b:0e:4f:af:2b:48:
83:50:72:1b:54:3c:c3:b0:b1:bf:aa:f0:1d:a9:db:03:67:74:
2d:98:f7:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQeYxsKiliBCvpww7iISx6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDFhZGRjOWE0ZWVhMjQ2ZDQyZjk4YzdjNzJiMzBiNjhk
NjdhOTcwHhcNMjQxMjMxMjAyMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDE4N2M2ZTVjNzNmYmFkNGZkNzU5MjQ5YjU2YWYxMzQ4ODQ5ZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzDVtZoOsvPJHXSi+081RO1lwtKA
+MCoUfEjh3C25G4ZgdIPUQn5FC3JUzrybXQc8WmvY1jQ/1F5lpooAZrbxRIKbBvi
ZEdLkMCgAFNX2f9E6na42kMBu9EmiWVYdO2zC6d1TsqGAP2G8N9qhXtbrSEr6Aga
qzJhiVSSZrJgpbk3MOzo90aNbS4jIZIib6x2t1Ys8vi9OcZhXEAzSCeOVAKX2Pwf
QU1sY9zz6ysfFrTH+9ihrwAKAXtSvznL7vyEvluVgBELIF7B586ct+2PIrIWD97G
93ehpZikxYUJknnWu/C2WGPfiGLlYVHVXMJVXnwJ/f0BlhzRDPP74fn1NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFAYfG5cc/utT9dZJJtWrxNIhJ43MB8GA1UdIwQY
MBaAFL9BrdyaTuokbUL5jHxyswto1nqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEt
ZWVhZDUwOGJlNGVlLzEvVUJoOGJseHotNjFQMTFra20xYXZFMGlFbmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEtZWVhZDUwOGJlNGVl
LzEvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVdlMA0G
CSqGSIb3DQEBCwUAA4IBAQCRcdJgrv091aXQs9J19MBjm+cNhjwpJgfkAu7Yi2ha
BkvccbBJKW+3K/i5nfwA5NNSqHyiZ/PQQvgpBCxBSZpYNFsY/qBgTy79n/BmLkzR
CUoKQ0AFE+XIY0QWCsQ4tOi4FIkfjWAJMbRdVNyCmJ/lhGNRCAHp7s50uOF5nRel
Glsl291LA1X2MDzC0687XmEhd1l8WyzZsLypQfzm3ap+5Ld1WbouB2iafaG8MktW
ioVVfR6efNJ8S4kwvOhhq0z9OAQS3OoxvWF6ss/V/Qa4GLBOR5Nbko1Q7zhnqVxk
WUWolxB7Dk+vK0iDUHIbVDzDsLG/qvAdqdsDZ3QtmPf5
-----END CERTIFICATE-----
Generated at Sun Apr 13 12:26:01 2025 by rpki-client