Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/uM65VVC0khdQD0rLWKgqoijrvys.roa
File: uM65VVC0khdQD0rLWKgqoijrvys.roa (raw, json)
Hash identifier: bNJf4pjcGhh8yWyzhUs+C/peDE9l2gvDsEnRcnajn+g=
Subject key identifier: B8:CE:B9:55:50:B4:92:17:50:0F:4A:CB:58:A8:2A:A2:28:EB:BF:2B
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018CC8DCDF07CCAD95D2F1B8EE7C7EEB87D4
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/uM65VVC0khdQD0rLWKgqoijrvys.roa
Signing time: Tue 02 Jan 2024 06:29:27 +0000
ROA not before: Tue 02 Jan 2024 06:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210515
IP address blocks: 94.188.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:df:07:cc:ad:95:d2:f1:b8:ee:7c:7e:eb:87:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Jan 2 06:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8ceb95550b49217500f4acb58a82aa228ebbf2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:68:e6:a2:3c:76:ae:8d:d5:4e:4a:e5:fe:37:
3b:c8:b3:e9:4d:36:9b:ad:bf:79:dc:c7:ca:e0:6a:
53:fc:79:3e:a1:51:5b:3b:4c:db:1e:58:1a:0e:be:
bc:cd:e8:fc:ae:e5:a7:e2:3a:fd:3f:a2:d7:a7:ff:
60:d0:e1:a4:b6:a3:8c:4b:24:84:3a:c0:49:10:c7:
5b:75:49:7b:72:9f:03:19:a3:e7:dd:f5:9d:e5:fd:
51:04:de:d2:e6:c3:7e:3c:34:2c:86:89:54:a3:68:
c5:87:c6:5f:48:d3:73:f6:b2:de:33:b9:72:46:79:
6d:be:29:ec:b2:81:00:0a:a1:a7:1c:af:2e:b2:12:
ca:30:9f:88:87:72:15:a2:80:78:1f:f5:4f:a9:38:
f2:03:ea:f9:40:1d:f2:2c:14:ae:d0:fa:d1:8d:63:
96:d4:3b:02:6e:a8:f4:b5:a8:a5:dd:f5:78:61:a0:
1b:26:47:7b:db:f2:62:c6:73:43:19:52:11:dd:40:
7d:11:2f:16:cf:4a:c0:7f:a5:d1:53:4c:cb:f7:c5:
d9:42:3a:11:bf:75:27:af:1d:0f:eb:be:44:65:81:
53:82:17:24:46:63:8a:19:7e:fb:64:cb:9c:2d:15:
0f:c3:bb:90:53:b6:b1:49:46:f8:01:68:60:6a:e5:
55:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:CE:B9:55:50:B4:92:17:50:0F:4A:CB:58:A8:2A:A2:28:EB:BF:2B
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/uM65VVC0khdQD0rLWKgqoijrvys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.174.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:9b:ce:54:7d:09:2d:47:02:1f:18:e9:f6:a7:4a:0b:2d:34:
53:68:9e:da:53:23:f9:70:ad:ee:d6:9c:76:aa:81:82:58:91:
2e:55:87:04:a0:da:b2:72:c1:58:18:c5:e7:35:21:fc:94:ff:
ef:61:06:69:45:f7:23:7f:bd:cf:19:d9:b5:c2:34:d3:5f:ba:
79:4a:f8:5c:a0:72:a2:58:25:b3:1f:b6:00:f0:65:e5:af:a5:
f9:f2:4d:60:cd:f8:be:ce:d2:26:06:bb:25:77:a6:62:60:76:
d5:5e:16:77:d0:a1:ef:41:e1:af:1f:13:64:2a:06:cc:37:15:
99:62:83:2d:0b:9f:4d:52:02:03:f1:eb:4c:c3:1c:6d:fb:40:
38:d6:33:f0:06:96:06:13:e9:c2:ca:c5:75:d1:15:1f:f2:d9:
ee:ee:a1:2e:86:ef:44:a3:7a:7a:e0:e3:1c:b4:90:1f:57:c8:
3d:e3:28:0e:fe:24:2f:85:44:b7:f6:79:70:2a:87:16:32:a4:
49:f4:a4:9b:bc:db:2f:c5:ff:9f:0c:bb:91:7c:36:0b:53:75:
7d:71:1b:0c:77:20:a8:39:00:04:0b:79:ee:49:c4:c1:2d:1b:
98:21:72:80:38:cb:bb:8f:08:72:71:fa:b3:e3:4b:dc:09:1a:
92:61:19:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3N8HzK2V0vG47nx+64fUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMTAyMDYyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGNlYjk1NTUwYjQ5MjE3NTAwZjRhY2I1OGE4MmFhMjI4ZWJiZjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2jmojx2ro3VTkrl/jc7yLPpTTab
rb953MfK4GpT/Hk+oVFbO0zbHlgaDr68zej8ruWn4jr9P6LXp/9g0OGktqOMSySE
OsBJEMdbdUl7cp8DGaPn3fWd5f1RBN7S5sN+PDQsholUo2jFh8ZfSNNz9rLeM7ly
RnltvinssoEACqGnHK8ushLKMJ+Ih3IVooB4H/VPqTjyA+r5QB3yLBSu0PrRjWOW
1DsCbqj0tail3fV4YaAbJkd72/JixnNDGVIR3UB9ES8Wz0rAf6XRU0zL98XZQjoR
v3Unrx0P675EZYFTghckRmOKGX77ZMucLRUPw7uQU7axSUb4AWhgauVVwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLjOuVVQtJIXUA9Ky1ioKqIo678rMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvdU02NVZWQzBraGRRRDByTFdLZ3FvaWpydnlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXryuMA0G
CSqGSIb3DQEBCwUAA4IBAQCnm85UfQktRwIfGOn2p0oLLTRTaJ7aUyP5cK3u1px2
qoGCWJEuVYcEoNqycsFYGMXnNSH8lP/vYQZpRfcjf73PGdm1wjTTX7p5SvhcoHKi
WCWzH7YA8GXlr6X58k1gzfi+ztImBrsld6ZiYHbVXhZ30KHvQeGvHxNkKgbMNxWZ
YoMtC59NUgID8etMwxxt+0A41jPwBpYGE+nCysV10RUf8tnu7qEuhu9Eo3p64OMc
tJAfV8g94ygO/iQvhUS39nlwKocWMqRJ9KSbvNsvxf+fDLuRfDYLU3V9cRsMdyCo
OQAEC3nuScTBLRuYIXKAOMu7jwhycfqz40vcCRqSYRlf
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:10:21 2025 by rpki-client