Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/5d632a-e453-42a5-805f-3dcecbca3702/1/UIQCGib0EsKoOrvk4neyItzsN80.roa
File: UIQCGib0EsKoOrvk4neyItzsN80.roa (raw, json)
Hash identifier: DEZeOV0I56SfNlUvD4EsIFxqG12ztTpFP3fTAtJKrAA=
Subject key identifier: 50:84:02:1A:26:F4:12:C2:A8:3A:BB:E4:E2:77:B2:22:DC:EC:37:CD
Certificate issuer: /CN=d5f264e3805a3d104537357a14ff926ac029599c
Certificate serial: 0193A160497C9887C98C00D64A96973AFE41
Authority key identifier: D5:F2:64:E3:80:5A:3D:10:45:37:35:7A:14:FF:92:6A:C0:29:59:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1fJk44BaPRBFNzV6FP-SasApWZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/5d632a-e453-42a5-805f-3dcecbca3702/1/UIQCGib0EsKoOrvk4neyItzsN80.roa
Signing time: Sat 07 Dec 2024 13:47:42 +0000
ROA not before: Sat 07 Dec 2024 13:47:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8772
IP address blocks: 185.36.102.0/24 maxlen: 24
2a05:4cc0::/29 maxlen: 48
2a05:4cc0:f1c::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a1:60:49:7c:98:87:c9:8c:00:d6:4a:96:97:3a:fe:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5f264e3805a3d104537357a14ff926ac029599c
Validity
Not Before: Dec 7 13:47:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5084021a26f412c2a83abbe4e277b222dcec37cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:47:17:e9:ef:16:95:49:18:01:1c:e2:d3:bc:
ef:cc:a3:e7:3d:cd:b3:6f:c3:22:91:f7:f3:da:c4:
10:05:97:ae:f3:d9:24:37:40:c0:58:8e:45:86:7d:
ca:35:aa:74:e3:21:78:59:09:d1:ec:94:27:d4:05:
48:62:36:fd:1d:71:9e:9f:dd:dd:4a:31:56:a9:cc:
eb:cd:a0:bd:c2:5f:89:1a:e3:2e:44:fe:a5:23:26:
c2:e8:f3:1d:de:a8:57:89:b8:34:a2:9b:96:20:4c:
fb:59:0f:20:81:2a:58:ea:b3:26:c4:96:a9:27:7f:
a4:74:04:a3:64:da:91:d8:e4:03:ae:8e:bb:07:05:
8d:05:d7:a4:07:07:b8:d5:33:0e:3d:fa:86:cd:f8:
80:18:8c:ab:ff:4e:50:13:3b:13:a6:b4:07:45:6f:
13:62:34:f5:f0:ac:9e:d3:c8:19:57:d6:6b:ce:4b:
63:c1:39:56:0d:62:ae:11:4f:3b:7f:ce:1e:ce:af:
46:91:c1:0d:7b:74:13:da:f3:6d:41:8c:57:57:5a:
10:26:d9:8a:7f:5c:0a:14:62:68:3f:4a:94:ec:3d:
30:80:b0:7e:eb:cd:19:bc:52:43:8c:c3:2f:f8:8a:
b7:ec:bf:07:97:35:db:5e:c2:ae:8a:d4:8b:0f:2a:
e2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:84:02:1A:26:F4:12:C2:A8:3A:BB:E4:E2:77:B2:22:DC:EC:37:CD
X509v3 Authority Key Identifier:
keyid:D5:F2:64:E3:80:5A:3D:10:45:37:35:7A:14:FF:92:6A:C0:29:59:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fJk44BaPRBFNzV6FP-SasApWZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5d632a-e453-42a5-805f-3dcecbca3702/1/UIQCGib0EsKoOrvk4neyItzsN80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5d632a-e453-42a5-805f-3dcecbca3702/1/1fJk44BaPRBFNzV6FP-SasApWZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.102.0/24
IPv6:
2a05:4cc0::/29
Signature Algorithm: sha256WithRSAEncryption
ae:15:94:21:75:70:0e:5f:54:cd:1a:15:ad:34:de:7e:bb:da:
24:b6:bb:ac:d4:f4:1f:64:47:cb:c3:aa:06:48:6b:1f:4f:8e:
b5:a5:f6:d5:81:b3:97:42:58:29:79:0b:0b:5d:5d:a9:3f:ce:
ac:87:28:20:89:35:5d:6a:0c:4b:7d:c2:1c:e7:76:8c:4c:43:
fa:ae:b2:80:7b:44:fa:66:51:f8:79:a1:94:05:3a:a0:cf:0b:
63:53:58:b1:77:af:f0:eb:90:b7:80:1b:22:8b:35:6f:2a:ee:
9c:1d:01:15:10:c1:05:f7:a9:2e:0d:d8:34:2b:ff:9e:18:2c:
35:24:fb:29:d5:4f:a9:36:c3:08:9f:34:19:25:1f:bd:e7:5d:
57:cd:a2:84:a5:88:18:26:ca:76:9c:44:a0:e2:5c:1a:55:01:
91:8f:a2:82:63:7c:0b:59:4b:af:de:fd:2a:cd:c5:46:4d:c1:
fc:51:2d:c8:43:99:5f:71:64:8d:14:f8:b5:50:6b:b5:19:6e:
94:27:43:2e:82:d1:78:39:01:5a:58:58:52:af:53:24:c4:dd:
c3:b5:98:90:7b:1e:dd:45:95:ed:ae:3b:07:cc:cd:cd:1f:8b:
cb:61:05:c0:49:c0:2c:95:74:4b:de:ea:2c:68:26:72:cd:b8:
47:32:1e:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOhYEl8mIfJjADWSpaXOv5BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjI2NGUzODA1YTNkMTA0NTM3MzU3YTE0ZmY5MjZhYzAy
OTU5OWMwHhcNMjQxMjA3MTM0NzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDg0MDIxYTI2ZjQxMmMyYTgzYWJiZTRlMjc3YjIyMmRjZWMzN2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10cX6e8WlUkYARzi07zvzKPnPc2z
b8Mikffz2sQQBZeu89kkN0DAWI5Fhn3KNap04yF4WQnR7JQn1AVIYjb9HXGen93d
SjFWqczrzaC9wl+JGuMuRP6lIybC6PMd3qhXibg0opuWIEz7WQ8ggSpY6rMmxJap
J3+kdASjZNqR2OQDro67BwWNBdekBwe41TMOPfqGzfiAGIyr/05QEzsTprQHRW8T
YjT18Kye08gZV9ZrzktjwTlWDWKuEU87f84ezq9GkcENe3QT2vNtQYxXV1oQJtmK
f1wKFGJoP0qU7D0wgLB+680ZvFJDjMMv+Iq37L8HlzXbXsKuitSLDyribwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFCEAhom9BLCqDq75OJ3siLc7DfNMB8GA1UdIwQY
MBaAFNXyZOOAWj0QRTc1ehT/kmrAKVmcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZKazQ0QmFQUkJGTnpWNkZQLVNhc0FwV1p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81ZDYzMmEtZTQ1My00MmE1LTgwNWYt
M2RjZWNiY2EzNzAyLzEvVUlRQ0dpYjBFc0tvT3J2azRuZXlJdHpzTjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81ZDYzMmEtZTQ1My00MmE1LTgwNWYtM2RjZWNiY2EzNzAy
LzEvMWZKazQ0QmFQUkJGTnpWNkZQLVNhc0FwV1p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSRmMA0E
AgACMAcDBQMqBUzAMA0GCSqGSIb3DQEBCwUAA4IBAQCuFZQhdXAOX1TNGhWtNN5+
u9oktrus1PQfZEfLw6oGSGsfT461pfbVgbOXQlgpeQsLXV2pP86shyggiTVdagxL
fcIc53aMTEP6rrKAe0T6ZlH4eaGUBTqgzwtjU1ixd6/w65C3gBsiizVvKu6cHQEV
EMEF96kuDdg0K/+eGCw1JPsp1U+pNsMInzQZJR+9511XzaKEpYgYJsp2nESg4lwa
VQGRj6KCY3wLWUuv3v0qzcVGTcH8US3IQ5lfcWSNFPi1UGu1GW6UJ0MugtF4OQFa
WFhSr1MkxN3DtZiQex7dRZXtrjsHzM3NH4vLYQXAScAslXRL3uosaCZyzbhHMh4d
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:37:21 2025 by rpki-client