Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/uKInY-QvxcXqSwTKQ_-JZInRaXQ.roa
File: uKInY-QvxcXqSwTKQ_-JZInRaXQ.roa (raw, json)
Hash identifier: p+zDv+pGorKMaUftEm0Fl9/wni9YGhLC/JZ3zSJfMK0=
Subject key identifier: B8:A2:27:63:E4:2F:C5:C5:EA:4B:04:CA:43:FF:89:64:89:D1:69:74
Certificate issuer: /CN=c2902f769bf681b1039f2cee61e9e0f975e4e56b
Certificate serial: 018CCA2A41C00A2ECBD764165ED8E21A3322
Authority key identifier: C2:90:2F:76:9B:F6:81:B1:03:9F:2C:EE:61:E9:E0:F9:75:E4:E5:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wpAvdpv2gbEDnyzuYeng-XXk5Ws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/uKInY-QvxcXqSwTKQ_-JZInRaXQ.roa
Signing time: Tue 02 Jan 2024 12:33:36 +0000
ROA not before: Tue 02 Jan 2024 12:33:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34359
IP address blocks: 195.225.144.0/22 maxlen: 22
213.109.128.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 26 Feb 2024 08:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:41:c0:0a:2e:cb:d7:64:16:5e:d8:e2:1a:33:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2902f769bf681b1039f2cee61e9e0f975e4e56b
Validity
Not Before: Jan 2 12:33:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8a22763e42fc5c5ea4b04ca43ff896489d16974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e7:05:a8:8b:d2:71:f3:78:95:8c:75:2b:87:
f7:36:99:d3:77:1b:ff:78:d5:8d:42:15:5d:74:13:
c2:a1:db:0e:07:0f:15:cc:28:e7:b5:10:5e:aa:3a:
a1:3d:b5:0b:96:ab:1c:1e:f7:c4:cd:d3:ed:a8:c8:
8a:10:2b:27:fa:7e:b2:9e:d6:1a:75:8c:03:ef:dc:
e6:36:94:75:e2:3c:07:a2:1b:2a:ac:23:bb:39:74:
a5:1f:c5:77:a4:2e:2f:aa:6f:1c:5a:92:97:dd:77:
e1:74:98:24:12:41:2e:31:57:1c:bd:24:f4:b4:92:
e3:bc:fc:be:3c:6a:a1:d8:6d:96:ac:90:4b:e2:c6:
91:e0:17:26:06:c0:25:a3:0c:77:92:5b:fe:bf:72:
67:4e:8b:88:2c:93:bf:d9:64:b0:dd:b4:4b:1c:2d:
55:9e:ac:1e:9c:69:70:69:ae:90:8a:c7:da:b3:00:
47:6a:f3:a5:e3:a8:06:81:d4:74:b3:cf:78:65:71:
8e:d1:0b:80:59:16:a8:d2:1b:25:ad:7a:72:90:c5:
37:9d:8f:a7:f9:0b:71:50:e6:df:5f:65:2f:b2:c2:
d0:13:6f:6a:74:dc:41:c8:ec:d6:ea:e1:c0:26:71:
e6:e1:2a:fd:15:e2:49:8f:68:fc:ed:07:f4:1f:7e:
62:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A2:27:63:E4:2F:C5:C5:EA:4B:04:CA:43:FF:89:64:89:D1:69:74
X509v3 Authority Key Identifier:
keyid:C2:90:2F:76:9B:F6:81:B1:03:9F:2C:EE:61:E9:E0:F9:75:E4:E5:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wpAvdpv2gbEDnyzuYeng-XXk5Ws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/uKInY-QvxcXqSwTKQ_-JZInRaXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/wpAvdpv2gbEDnyzuYeng-XXk5Ws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.144.0/22
213.109.128.0/20
Signature Algorithm: sha256WithRSAEncryption
02:bf:bf:12:4f:98:3e:f1:51:a9:dd:0a:86:9b:dd:7a:90:c7:
8a:4f:4f:df:43:35:9f:a3:b5:47:b2:a7:7c:30:16:1d:94:66:
a0:18:92:50:9c:dc:cc:43:f6:8f:f5:b5:2e:e6:84:0f:85:78:
7b:f5:1d:bc:89:82:cf:20:8b:ef:2e:cb:b3:f5:2f:20:75:7b:
93:4f:24:cd:4f:6a:69:b8:82:79:ae:a3:ca:80:aa:e8:cd:1b:
d7:be:28:2b:09:06:75:9b:f5:ca:e0:11:ff:8d:f3:bb:1d:75:
31:42:91:da:8f:3c:da:ed:6d:3e:70:2f:43:18:63:52:68:55:
6f:0e:5a:ad:3e:c2:31:fb:b3:3d:38:b4:1d:83:55:95:5e:f9:
e0:e2:00:32:9e:fc:26:d8:b3:22:ed:81:9d:48:2a:a6:9c:6e:
a6:fb:8c:7b:68:af:17:f3:5d:2d:64:e9:92:2e:d7:1e:e6:25:
10:8b:b0:db:87:f2:ff:6a:e3:5d:87:e4:b9:ef:ef:81:6a:af:
a3:68:66:b5:55:f1:89:43:5e:f0:af:1b:03:1f:75:ec:ca:8d:
9d:85:d0:e0:9e:1b:bf:64:0a:67:40:72:84:62:53:b6:17:11:
7b:dc:c0:01:6b:64:bb:5d:5d:d1:96:2b:53:59:43:ac:fb:d3:
1e:5f:d9:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKkHACi7L12QWXtjiGjMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyOTAyZjc2OWJmNjgxYjEwMzlmMmNlZTYxZTllMGY5NzVl
NGU1NmIwHhcNMjQwMTAyMTIzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGEyMjc2M2U0MmZjNWM1ZWE0YjA0Y2E0M2ZmODk2NDg5ZDE2OTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOcFqIvScfN4lYx1K4f3NpnTdxv/
eNWNQhVddBPCodsOBw8VzCjntRBeqjqhPbULlqscHvfEzdPtqMiKECsn+n6yntYa
dYwD79zmNpR14jwHohsqrCO7OXSlH8V3pC4vqm8cWpKX3XfhdJgkEkEuMVccvST0
tJLjvPy+PGqh2G2WrJBL4saR4BcmBsAlowx3klv+v3JnTouILJO/2WSw3bRLHC1V
nqwenGlwaa6QisfaswBHavOl46gGgdR0s894ZXGO0QuAWRao0hslrXpykMU3nY+n
+QtxUObfX2UvssLQE29qdNxByOzW6uHAJnHm4Sr9FeJJj2j87Qf0H35i5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLiiJ2PkL8XF6ksEykP/iWSJ0Wl0MB8GA1UdIwQY
MBaAFMKQL3ab9oGxA58s7mHp4Pl15OVrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3BBdmRwdjJnYkVEbnl6dVllbmctWFhrNVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My81NGQ0MTMtNDBmNS00YWUyLWFjYTkt
ZmYzOTM2ZmU5OTQ2LzEvdUtJblktUXZ4Y1hxU3dUS1FfLUpaSW5SYVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My81NGQ0MTMtNDBmNS00YWUyLWFjYTktZmYzOTM2ZmU5OTQ2
LzEvd3BBdmRwdjJnYkVEbnl6dVllbmctWFhrNVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw+GQAwQE
1W2AMA0GCSqGSIb3DQEBCwUAA4IBAQACv78ST5g+8VGp3QqGm916kMeKT0/fQzWf
o7VHsqd8MBYdlGagGJJQnNzMQ/aP9bUu5oQPhXh79R28iYLPIIvvLsuz9S8gdXuT
TyTNT2ppuIJ5rqPKgKrozRvXvigrCQZ1m/XK4BH/jfO7HXUxQpHajzza7W0+cC9D
GGNSaFVvDlqtPsIx+7M9OLQdg1WVXvng4gAynvwm2LMi7YGdSCqmnG6m+4x7aK8X
810tZOmSLtce5iUQi7Dbh/L/auNdh+S57++Baq+jaGa1VfGJQ17wrxsDH3Xsyo2d
hdDgnhu/ZApnQHKEYlO2FxF73MABa2S7XV3RlitTWUOs+9MeX9n6
-----END CERTIFICATE-----
Generated at Mon Feb 26 11:26:09 2024 by rpki-client on console-ams.rpki-client.org