Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/194c8e-e1b6-4aae-b5b2-7981fde6bf39/1/UHS09csqaObC-HbVNwndlkv1gO8.roa
File: UHS09csqaObC-HbVNwndlkv1gO8.roa (raw, json)
Hash identifier: /dPYGgjMrAFfOP70CGZLnObwIo0lBJ7s0x+VishlSv0=
Subject key identifier: 50:74:B4:F5:CB:2A:68:E6:C2:F8:76:D5:37:09:DD:96:4B:F5:80:EF
Certificate issuer: /CN=304a791dc74f2377232fbb07b6ae71240ab9555f
Certificate serial: 018D35240F6C11C2878C3833317998280C7F
Authority key identifier: 30:4A:79:1D:C7:4F:23:77:23:2F:BB:07:B6:AE:71:24:0A:B9:55:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MEp5HcdPI3cjL7sHtq5xJAq5VV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/194c8e-e1b6-4aae-b5b2-7981fde6bf39/1/UHS09csqaObC-HbVNwndlkv1gO8.roa
Signing time: Tue 23 Jan 2024 07:06:11 +0000
ROA not before: Tue 23 Jan 2024 07:06:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12905
IP address blocks: 62.176.160.0/19 maxlen: 19
185.250.244.0/22 maxlen: 22
2a06:6bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:24:0f:6c:11:c2:87:8c:38:33:31:79:98:28:0c:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=304a791dc74f2377232fbb07b6ae71240ab9555f
Validity
Not Before: Jan 23 07:06:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5074b4f5cb2a68e6c2f876d53709dd964bf580ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e3:09:e5:10:3f:b9:9c:42:e5:c2:47:86:0e:
cf:63:f0:d6:da:17:59:56:8e:04:a2:2f:a0:fa:b5:
2d:99:54:b1:c8:43:26:a2:19:03:bc:8d:b5:a8:28:
70:58:71:cf:0a:11:25:1e:4c:53:79:a6:82:ca:b9:
47:5b:98:3c:98:0f:b4:b1:60:ed:ed:fd:38:56:3f:
dd:09:1e:a1:08:b0:21:d0:bf:1c:d1:e4:30:4d:4f:
35:db:98:b0:61:80:0c:46:dc:3e:f1:44:1f:1b:7a:
7f:ec:d4:cd:2d:b2:73:21:a0:da:1a:7f:32:7f:e4:
32:e3:27:e8:65:08:53:f6:d0:34:48:bf:f7:25:7b:
c7:df:b5:59:95:af:52:47:9c:3c:35:fc:6e:ff:61:
a5:42:e7:1c:fb:d0:ab:e3:57:5c:b3:31:ae:a1:8e:
1f:f4:04:56:ca:80:0c:63:7e:ce:58:1c:6d:bd:f5:
3c:4d:28:4f:91:0c:60:ae:64:15:e6:6a:ad:8b:67:
34:e8:bc:fd:4e:83:5e:e3:d1:50:4e:58:c7:e6:1a:
25:2b:c6:b5:9b:3d:8e:a5:bf:d5:05:33:18:70:64:
9c:0b:ff:08:11:8d:17:cb:30:4e:96:26:4d:dc:82:
e5:a8:8a:e6:60:27:7c:9e:16:ba:00:ee:0e:cc:0c:
21:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:74:B4:F5:CB:2A:68:E6:C2:F8:76:D5:37:09:DD:96:4B:F5:80:EF
X509v3 Authority Key Identifier:
keyid:30:4A:79:1D:C7:4F:23:77:23:2F:BB:07:B6:AE:71:24:0A:B9:55:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MEp5HcdPI3cjL7sHtq5xJAq5VV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/194c8e-e1b6-4aae-b5b2-7981fde6bf39/1/UHS09csqaObC-HbVNwndlkv1gO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/194c8e-e1b6-4aae-b5b2-7981fde6bf39/1/MEp5HcdPI3cjL7sHtq5xJAq5VV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.176.160.0/19
185.250.244.0/22
IPv6:
2a06:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
a5:75:a7:6c:92:15:7a:e7:04:a5:89:86:c9:28:a3:a3:3a:f2:
c9:13:b2:12:dd:66:f8:5e:6f:ae:df:e7:0a:0b:ec:b5:20:8b:
64:e5:3b:9e:cb:aa:78:46:ed:bf:01:b0:01:1c:ff:9b:b4:77:
53:97:36:c5:85:d5:ac:8c:06:a7:77:c9:b3:65:2a:5c:88:be:
ab:16:67:68:01:a0:c2:a3:56:4d:6b:98:33:2b:54:6b:db:e0:
b0:0b:c6:a3:91:08:01:eb:8f:67:25:99:9e:6b:61:89:b7:56:
b6:21:0e:d0:20:8b:79:ec:28:f6:13:49:90:11:8e:fb:8a:a9:
a5:82:14:3e:9d:35:47:2b:a4:06:68:8d:3f:04:06:ee:f6:5d:
c7:0f:00:b9:3a:5c:09:22:b5:ac:06:5f:14:57:2d:b2:f2:d2:
d6:ce:73:8b:79:5f:19:ae:23:5c:b4:18:33:f8:67:ce:c4:2a:
f3:9b:7b:3d:95:be:9b:63:20:2e:67:e7:19:4d:a8:73:e8:00:
eb:90:0e:8c:74:91:a4:57:7f:d2:3c:7c:f3:30:93:ff:e2:75:
8c:44:57:fe:3b:67:d6:39:bf:ee:60:df:a2:06:99:a9:35:53:
d0:51:e8:5d:ef:5d:df:84:83:fb:c6:12:fd:08:68:28:e9:4a:
81:c0:f0:26
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY01JA9sEcKHjDgzMXmYKAx/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNGE3OTFkYzc0ZjIzNzcyMzJmYmIwN2I2YWU3MTI0MGFi
OTU1NWYwHhcNMjQwMTIzMDcwNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDc0YjRmNWNiMmE2OGU2YzJmODc2ZDUzNzA5ZGQ5NjRiZjU4MGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeMJ5RA/uZxC5cJHhg7PY/DW2hdZ
Vo4Eoi+g+rUtmVSxyEMmohkDvI21qChwWHHPChElHkxTeaaCyrlHW5g8mA+0sWDt
7f04Vj/dCR6hCLAh0L8c0eQwTU8125iwYYAMRtw+8UQfG3p/7NTNLbJzIaDaGn8y
f+Qy4yfoZQhT9tA0SL/3JXvH37VZla9SR5w8Nfxu/2GlQucc+9Cr41dcszGuoY4f
9ARWyoAMY37OWBxtvfU8TShPkQxgrmQV5mqti2c06Lz9ToNe49FQTljH5holK8a1
mz2Opb/VBTMYcGScC/8IEY0XyzBOliZN3ILlqIrmYCd8nha6AO4OzAwhlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFB0tPXLKmjmwvh21TcJ3ZZL9YDvMB8GA1UdIwQY
MBaAFDBKeR3HTyN3Iy+7B7aucSQKuVVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUVwNUhjZFBJM2NqTDdzSHRxNXhKQXE1VlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xOTRjOGUtZTFiNi00YWFlLWI1YjIt
Nzk4MWZkZTZiZjM5LzEvVUhTMDljc3FhT2JDLUhiVk53bmRsa3YxZ084LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xOTRjOGUtZTFiNi00YWFlLWI1YjItNzk4MWZkZTZiZjM5
LzEvTUVwNUhjZFBJM2NqTDdzSHRxNXhKQXE1VlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFPrCgAwQC
ufr0MA0EAgACMAcDBQMqBmvAMA0GCSqGSIb3DQEBCwUAA4IBAQCldadskhV65wSl
iYbJKKOjOvLJE7IS3Wb4Xm+u3+cKC+y1IItk5Tuey6p4Ru2/AbABHP+btHdTlzbF
hdWsjAand8mzZSpciL6rFmdoAaDCo1ZNa5gzK1Rr2+CwC8ajkQgB649nJZmea2GJ
t1a2IQ7QIIt57Cj2E0mQEY77iqmlghQ+nTVHK6QGaI0/BAbu9l3HDwC5OlwJIrWs
Bl8UVy2y8tLWznOLeV8ZriNctBgz+GfOxCrzm3s9lb6bYyAuZ+cZTahz6ADrkA6M
dJGkV3/SPHzzMJP/4nWMRFf+O2fWOb/uYN+iBpmpNVPQUehd713fhIP7xhL9CGgo
6UqBwPAm
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:24 2025 by rpki-client