Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/435184-7791-4b54-b9b8-95b271f2e20b/1/uq1nCkw9QCLIVjtvKs71EE90Aog.roa
File: uq1nCkw9QCLIVjtvKs71EE90Aog.roa (raw, json)
Hash identifier: L/lg2H1TxltL4+A/30x8PC+WMGf+GX+mZz1DrHY32K0=
Subject key identifier: BA:AD:67:0A:4C:3D:40:22:C8:56:3B:6F:2A:CE:F5:10:4F:74:02:88
Certificate issuer: /CN=86efb49df2474a6042b9f210bfea861b1b2886ed
Certificate serial: 01856C65E431DD34B61C891861EF2707674C
Authority key identifier: 86:EF:B4:9D:F2:47:4A:60:42:B9:F2:10:BF:EA:86:1B:1B:28:86:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu-0nfJHSmBCufIQv-qGGxsohu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/435184-7791-4b54-b9b8-95b271f2e20b/1/uq1nCkw9QCLIVjtvKs71EE90Aog.roa
Signing time: Sun 01 Jan 2023 08:14:54 +0000
ROA not before: Sun 01 Jan 2023 08:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35701
IP address blocks: 192.109.204.0/24 maxlen: 24
195.234.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:e4:31:dd:34:b6:1c:89:18:61:ef:27:07:67:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86efb49df2474a6042b9f210bfea861b1b2886ed
Validity
Not Before: Jan 1 08:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baad670a4c3d4022c8563b6f2acef5104f740288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:12:fe:c2:65:ee:ad:a6:27:03:a4:e1:6e:ba:
21:a3:46:f8:9e:d2:81:78:05:ff:5d:ad:d8:38:95:
b4:dc:6a:a5:fb:70:5c:4b:ba:cb:85:aa:2d:41:aa:
c6:bd:a4:81:47:e3:a8:35:d8:04:c4:ed:ea:7e:6d:
99:15:0b:18:7b:ee:99:5d:2c:d5:fd:45:5a:27:f0:
f8:e2:7b:96:10:9c:cd:c3:fc:22:56:b2:b1:13:29:
da:b8:39:5f:df:4c:0a:3c:6c:6b:7f:7e:c3:cc:2e:
cd:8b:8a:0a:1f:04:ee:19:68:e0:d6:11:99:ec:ab:
47:5d:27:ee:b3:ac:9e:09:35:9b:31:86:8c:fb:ac:
e4:91:91:bd:32:42:4a:f6:2d:49:cf:c3:40:cb:27:
87:2b:15:1c:15:ab:22:5f:5d:f2:69:a9:26:d0:0c:
ba:b3:fd:2e:26:17:2b:b9:42:77:ea:cd:3b:80:e0:
30:47:6c:2d:2a:cf:89:3c:05:83:ca:07:85:5b:09:
3d:52:f7:5a:ab:c2:c8:cc:2c:e8:a8:ab:28:e3:b3:
7b:b2:08:d8:f0:fb:6f:72:57:2b:2e:a9:74:83:22:
fb:2d:9d:3b:c8:3d:6f:d0:55:4b:62:56:68:df:f6:
2c:02:a7:fd:97:5a:13:05:51:b8:30:22:70:c0:e1:
9b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:AD:67:0A:4C:3D:40:22:C8:56:3B:6F:2A:CE:F5:10:4F:74:02:88
X509v3 Authority Key Identifier:
keyid:86:EF:B4:9D:F2:47:4A:60:42:B9:F2:10:BF:EA:86:1B:1B:28:86:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu-0nfJHSmBCufIQv-qGGxsohu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/435184-7791-4b54-b9b8-95b271f2e20b/1/uq1nCkw9QCLIVjtvKs71EE90Aog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/435184-7791-4b54-b9b8-95b271f2e20b/1/hu-0nfJHSmBCufIQv-qGGxsohu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.204.0/24
195.234.45.0/24
Signature Algorithm: sha256WithRSAEncryption
94:44:16:b4:b0:50:14:e8:4d:8a:f6:dd:02:12:4d:e8:2c:cd:
9d:ce:a6:a0:29:17:48:b5:fc:a8:39:2e:62:8a:27:24:eb:67:
ab:75:66:52:ac:b2:dd:14:8a:ba:31:4e:f0:74:15:da:94:c5:
44:65:d5:34:e6:7c:4b:b5:08:64:b1:43:97:88:4b:89:af:e6:
72:2e:47:a5:af:86:78:8a:b5:32:0b:32:0a:c5:52:9d:c2:0f:
c7:a3:4e:1d:ff:76:41:47:87:0c:a5:be:2d:d5:42:a6:2a:20:
de:6c:36:5f:ae:84:06:f1:da:25:31:f7:b7:0f:ba:73:db:0e:
d2:31:c0:69:1d:a8:de:36:bf:6a:2f:c9:d7:11:10:4d:8c:76:
0f:49:64:d0:23:45:67:0e:0c:74:e7:28:7a:d6:4b:2d:5f:03:
22:7c:1e:fa:3f:53:71:20:88:55:c6:00:de:7f:a3:ba:59:e5:
72:15:45:9a:ba:82:4f:7d:73:ea:07:d0:5c:bd:05:e8:ac:1c:
b8:08:0d:12:38:b7:a8:4b:fa:66:60:53:3c:b9:4f:af:6c:7a:
61:a3:34:40:26:e7:24:db:9d:3d:f5:29:80:cf:db:12:d4:bc:
97:4d:e6:c7:53:f3:f5:cc:a8:61:71:c0:a1:d4:90:b0:1f:e9:
41:be:3b:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsZeQx3TS2HIkYYe8nB2dMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWZiNDlkZjI0NzRhNjA0MmI5ZjIxMGJmZWE4NjFiMWIy
ODg2ZWQwHhcNMjMwMTAxMDgxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWFkNjcwYTRjM2Q0MDIyYzg1NjNiNmYyYWNlZjUxMDRmNzQwMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RL+wmXuraYnA6Thbroho0b4ntKB
eAX/Xa3YOJW03Gql+3BcS7rLhaotQarGvaSBR+OoNdgExO3qfm2ZFQsYe+6ZXSzV
/UVaJ/D44nuWEJzNw/wiVrKxEynauDlf30wKPGxrf37DzC7Ni4oKHwTuGWjg1hGZ
7KtHXSfus6yeCTWbMYaM+6zkkZG9MkJK9i1Jz8NAyyeHKxUcFasiX13yaakm0Ay6
s/0uJhcruUJ36s07gOAwR2wtKs+JPAWDygeFWwk9Uvdaq8LIzCzoqKso47N7sgjY
8PtvclcrLql0gyL7LZ07yD1v0FVLYlZo3/YsAqf9l1oTBVG4MCJwwOGbJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLqtZwpMPUAiyFY7byrO9RBPdAKIMB8GA1UdIwQY
MBaAFIbvtJ3yR0pgQrnyEL/qhhsbKIbtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHUtMG5mSkhTbUJDdWZJUXYtcUdHeHNvaHUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80MzUxODQtNzc5MS00YjU0LWI5Yjgt
OTViMjcxZjJlMjBiLzEvdXExbkNrdzlRQ0xJVmp0dktzNzFFRTkwQW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS80MzUxODQtNzc5MS00YjU0LWI5YjgtOTViMjcxZjJlMjBi
LzEvaHUtMG5mSkhTbUJDdWZJUXYtcUdHeHNvaHUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwG3MAwQA
w+otMA0GCSqGSIb3DQEBCwUAA4IBAQCURBa0sFAU6E2K9t0CEk3oLM2dzqagKRdI
tfyoOS5iiick62erdWZSrLLdFIq6MU7wdBXalMVEZdU05nxLtQhksUOXiEuJr+Zy
Lkelr4Z4irUyCzIKxVKdwg/Ho04d/3ZBR4cMpb4t1UKmKiDebDZfroQG8dolMfe3
D7pz2w7SMcBpHajeNr9qL8nXERBNjHYPSWTQI0VnDgx05yh61kstXwMifB76P1Nx
IIhVxgDef6O6WeVyFUWauoJPfXPqB9BcvQXorBy4CA0SOLeoS/pmYFM8uU+vbHph
ozRAJuck25099SmAz9sS1LyXTebHU/P1zKhhccCh1JCwH+lBvjvw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:12 2024 by rpki-client on console-ams.rpki-client.org