Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/13a680-f698-4c97-9bb6-12701ab51acf/1/uSBUU8DK2pEPgoZ0l2rx63Gv27I.roa
File: uSBUU8DK2pEPgoZ0l2rx63Gv27I.roa (raw, json)
Hash identifier: xWb1lnA7C7aiwaylQadZfnz+5md5vRjwxbtupPIppl0=
Subject key identifier: B9:20:54:53:C0:CA:DA:91:0F:82:86:74:97:6A:F1:EB:71:AF:DB:B2
Certificate issuer: /CN=ca9e20d1034b44ef75e95fdf7eb88815b6f7d2f8
Certificate serial: 018CC2DAF61178DE281069863B68AB528AC5
Authority key identifier: CA:9E:20:D1:03:4B:44:EF:75:E9:5F:DF:7E:B8:88:15:B6:F7:D2:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yp4g0QNLRO916V_ffriIFbb30vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/13a680-f698-4c97-9bb6-12701ab51acf/1/uSBUU8DK2pEPgoZ0l2rx63Gv27I.roa
Signing time: Mon 01 Jan 2024 02:29:38 +0000
ROA not before: Mon 01 Jan 2024 02:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8412
IP address blocks: 185.26.188.0/22 maxlen: 22
185.26.188.0/24 maxlen: 24
185.26.189.0/24 maxlen: 24
185.26.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f6:11:78:de:28:10:69:86:3b:68:ab:52:8a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9e20d1034b44ef75e95fdf7eb88815b6f7d2f8
Validity
Not Before: Jan 1 02:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9205453c0cada910f828674976af1eb71afdbb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ee:93:90:72:b7:05:f9:93:29:fe:41:bc:1b:
0c:7a:7c:72:49:9a:31:89:3c:d0:1d:96:b1:e4:26:
36:7c:f2:b9:b5:02:80:0e:10:98:fc:c2:2b:ae:9f:
fb:55:d2:72:4b:74:80:28:c3:5e:48:a5:9b:e4:c5:
07:4e:08:8e:9b:8a:c3:35:d2:63:36:e9:90:dd:f2:
ec:ca:95:0e:c1:6c:d8:b6:46:cd:a5:4e:4f:75:37:
41:4c:bc:ac:7d:f3:dd:c4:0b:51:27:11:e2:81:dd:
69:ca:4b:b4:e2:a9:54:16:76:62:23:8f:f2:3f:bd:
1d:2c:b3:c7:2c:09:d0:19:91:a1:d3:cc:cd:f1:76:
7b:a0:f5:65:b5:f3:fc:25:24:a6:19:68:26:3d:a7:
71:0c:e5:24:59:2f:e4:94:55:b3:58:5e:fa:00:9c:
68:12:27:84:d7:d3:b4:e0:81:61:12:ab:4a:c9:05:
e6:eb:f3:5e:d4:10:c6:d1:4d:5b:f8:d2:eb:b8:25:
bf:44:2c:6e:8b:81:cc:9c:f4:57:84:d0:64:cd:30:
ef:5e:10:8a:08:fd:5d:5e:c8:52:db:95:88:d8:0f:
9f:0c:d6:a6:65:c7:fd:71:6f:d0:37:55:47:8d:bd:
a8:44:cd:18:d2:ec:65:28:b0:11:b0:7e:f9:17:bd:
08:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:20:54:53:C0:CA:DA:91:0F:82:86:74:97:6A:F1:EB:71:AF:DB:B2
X509v3 Authority Key Identifier:
keyid:CA:9E:20:D1:03:4B:44:EF:75:E9:5F:DF:7E:B8:88:15:B6:F7:D2:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yp4g0QNLRO916V_ffriIFbb30vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/13a680-f698-4c97-9bb6-12701ab51acf/1/uSBUU8DK2pEPgoZ0l2rx63Gv27I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/13a680-f698-4c97-9bb6-12701ab51acf/1/yp4g0QNLRO916V_ffriIFbb30vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.188.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:37:4b:4b:f3:87:6b:16:b1:b1:5a:36:24:81:3e:58:94:f2:
f6:2a:77:38:17:4f:3d:ad:b9:1d:41:bd:4b:d0:db:ca:ad:42:
c6:a4:05:fe:48:36:dd:8c:b2:8a:7f:e8:fe:fc:e4:39:d6:08:
37:93:b8:b6:5e:dc:04:40:db:93:7d:08:48:77:39:05:cf:7a:
54:a7:3f:ba:fa:6c:33:ca:f0:78:31:71:0e:ab:a7:53:4f:d8:
0a:ba:18:6d:6a:71:ff:62:83:4e:53:cf:7b:1a:6c:42:fe:ce:
34:d7:97:6e:bf:04:cd:8e:e5:69:92:e8:25:09:0b:d3:38:35:
83:ab:00:24:5d:1a:ae:c3:82:3f:06:52:6e:4c:bc:21:85:9a:
28:06:57:5a:0c:a0:db:30:17:d2:6f:40:72:94:f2:0d:25:4f:
35:5c:64:24:1a:8d:ae:a7:37:10:55:37:ac:31:8d:d3:11:ae:
cb:eb:4d:24:da:f5:b0:11:83:f4:0b:1c:5f:54:d9:6f:bb:08:
84:97:f1:20:e5:66:9c:d5:77:ec:a1:5d:4e:f3:fe:09:fc:3b:
d4:42:e5:07:46:18:e7:f3:da:03:f7:97:d2:b6:7f:bc:41:33:
7a:88:20:c8:72:54:bf:b8:aa:db:95:74:de:85:16:0e:da:9f:
29:0f:c3:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2vYReN4oEGmGO2irUorFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWUyMGQxMDM0YjQ0ZWY3NWU5NWZkZjdlYjg4ODE1YjZm
N2QyZjgwHhcNMjQwMTAxMDIyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTIwNTQ1M2MwY2FkYTkxMGY4Mjg2NzQ5NzZhZjFlYjcxYWZkYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgO6TkHK3BfmTKf5BvBsMenxySZox
iTzQHZax5CY2fPK5tQKADhCY/MIrrp/7VdJyS3SAKMNeSKWb5MUHTgiOm4rDNdJj
NumQ3fLsypUOwWzYtkbNpU5PdTdBTLysffPdxAtRJxHigd1pyku04qlUFnZiI4/y
P70dLLPHLAnQGZGh08zN8XZ7oPVltfP8JSSmGWgmPadxDOUkWS/klFWzWF76AJxo
EieE19O04IFhEqtKyQXm6/Ne1BDG0U1b+NLruCW/RCxui4HMnPRXhNBkzTDvXhCK
CP1dXshS25WI2A+fDNamZcf9cW/QN1VHjb2oRM0Y0uxlKLARsH75F70IawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLkgVFPAytqRD4KGdJdq8etxr9uyMB8GA1UdIwQY
MBaAFMqeINEDS0Tvdelf3364iBW299L4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXA0ZzBRTkxSTzkxNlZfZmZyaUlGYmIzMHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8xM2E2ODAtZjY5OC00Yzk3LTliYjYt
MTI3MDFhYjUxYWNmLzEvdVNCVVU4REsycEVQZ29aMGwycng2M0d2MjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8xM2E2ODAtZjY5OC00Yzk3LTliYjYtMTI3MDFhYjUxYWNm
LzEveXA0ZzBRTkxSTzkxNlZfZmZyaUlGYmIzMHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRq8MA0G
CSqGSIb3DQEBCwUAA4IBAQAeN0tL84drFrGxWjYkgT5YlPL2Knc4F089rbkdQb1L
0NvKrULGpAX+SDbdjLKKf+j+/OQ51gg3k7i2XtwEQNuTfQhIdzkFz3pUpz+6+mwz
yvB4MXEOq6dTT9gKuhhtanH/YoNOU897GmxC/s4015duvwTNjuVpkuglCQvTODWD
qwAkXRquw4I/BlJuTLwhhZooBldaDKDbMBfSb0BylPINJU81XGQkGo2upzcQVTes
MY3TEa7L600k2vWwEYP0CxxfVNlvuwiEl/Eg5Wac1XfsoV1O8/4J/DvUQuUHRhjn
89oD95fStn+8QTN6iCDIclS/uKrblXTehRYO2p8pD8M+
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:08 2025 by rpki-client