Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/24fae9-ed87-44f6-a795-006420e4344d/1/cUI097Ku_DC2hY3y1UR15E_QYgw.roa
File: cUI097Ku_DC2hY3y1UR15E_QYgw.roa (raw, json)
Hash identifier: VtX+JLn5OimWTpC/ZWzVsOLFsJJHGTxVLhG5fC+4N6I=
Subject key identifier: 71:42:34:F7:B2:AE:FC:30:B6:85:8D:F2:D5:44:75:E4:4F:D0:62:0C
Certificate issuer: /CN=c463c34603a946952ff276e0a25fd361fcacf251
Certificate serial: 018CC56DE35722F419BB88F099BC8AE4381E
Authority key identifier: C4:63:C3:46:03:A9:46:95:2F:F2:76:E0:A2:5F:D3:61:FC:AC:F2:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGPDRgOpRpUv8nbgol_TYfys8lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/24fae9-ed87-44f6-a795-006420e4344d/1/cUI097Ku_DC2hY3y1UR15E_QYgw.roa
Signing time: Mon 01 Jan 2024 14:29:22 +0000
ROA not before: Mon 01 Jan 2024 14:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198363
IP address blocks: 176.103.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 12 Jun 2024 09:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e3:57:22:f4:19:bb:88:f0:99:bc:8a:e4:38:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c463c34603a946952ff276e0a25fd361fcacf251
Validity
Not Before: Jan 1 14:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=714234f7b2aefc30b6858df2d54475e44fd0620c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:95:a3:41:91:77:bf:6a:1f:c9:91:9a:0b:3e:
a4:fd:67:27:3b:dc:fd:78:6a:fc:68:c2:d3:d2:4a:
51:94:2e:7a:1b:27:71:86:38:18:dd:ee:a6:9d:c5:
11:78:62:38:d1:5d:14:61:b2:04:b8:c1:bf:42:5a:
90:e8:2c:18:8b:89:e0:eb:69:81:dd:d2:62:b4:02:
f4:f2:52:32:ed:e1:2c:82:21:76:90:18:03:76:91:
82:13:e2:38:fd:07:46:74:a7:b8:a9:1a:ac:be:fe:
95:a5:f4:4f:30:55:dc:f4:29:fb:81:2d:44:93:d7:
23:f4:fa:eb:f5:09:19:5c:61:28:b7:27:60:54:91:
9d:c1:e5:c4:43:97:f3:8f:f2:e8:4a:85:54:59:aa:
03:7f:71:22:bb:4f:72:2e:9b:18:d5:6f:89:81:a1:
67:f6:e8:b7:39:ab:40:d6:d0:17:62:80:43:1e:3f:
0e:70:79:56:59:a5:3d:7f:7c:19:ea:58:f4:35:60:
d4:95:ed:22:14:59:f5:08:18:3d:85:6a:f2:63:5d:
f1:4e:5f:f9:20:06:55:e3:06:d8:6a:97:90:4e:47:
48:64:34:fe:4f:09:8b:b3:72:e6:83:1d:19:3c:88:
19:e1:8f:a7:bf:48:36:c1:6b:69:68:f1:d8:dc:fe:
d0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:42:34:F7:B2:AE:FC:30:B6:85:8D:F2:D5:44:75:E4:4F:D0:62:0C
X509v3 Authority Key Identifier:
keyid:C4:63:C3:46:03:A9:46:95:2F:F2:76:E0:A2:5F:D3:61:FC:AC:F2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGPDRgOpRpUv8nbgol_TYfys8lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/24fae9-ed87-44f6-a795-006420e4344d/1/cUI097Ku_DC2hY3y1UR15E_QYgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/24fae9-ed87-44f6-a795-006420e4344d/1/xGPDRgOpRpUv8nbgol_TYfys8lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.103.248.0/21
Signature Algorithm: sha256WithRSAEncryption
32:c1:e5:ea:41:69:6b:0f:3a:cc:fe:64:a9:9c:53:3f:0b:a7:
91:27:9f:b0:01:76:f4:e1:0c:94:dc:5f:40:cd:82:fe:64:93:
95:94:2d:2e:9c:c8:45:33:fa:b9:51:c9:89:94:72:db:46:28:
e0:db:19:d2:69:94:fb:f2:87:58:57:05:ce:5d:d5:8d:cd:f4:
9a:35:8a:84:a1:ed:77:99:eb:b8:5a:50:3a:c1:95:68:66:4d:
49:b9:37:8c:51:65:5f:36:5d:8f:e8:32:29:80:8b:fd:71:34:
56:d6:31:bc:81:36:b4:84:0e:c4:b9:a5:97:89:ec:14:ff:68:
d0:f6:61:3f:35:42:58:2b:34:57:7e:82:83:fd:9d:e5:86:e7:
27:a7:21:c6:f8:fb:c1:ab:72:30:de:de:70:fb:98:7c:c5:95:
56:c4:6b:c1:63:65:bb:b3:9f:53:19:a2:70:ee:c6:3a:f0:60:
c5:ed:18:83:8f:01:59:4a:17:e8:3c:28:fe:1d:7c:7e:56:f3:
33:21:a4:a1:79:e8:be:97:fb:ec:f5:f0:51:3f:64:77:5f:35:
64:21:8b:23:39:50:d3:8e:cf:32:51:b0:a9:10:d7:fe:2f:d0:
7c:41:20:64:70:93:7f:4b:78:c5:f6:c5:e7:0b:8d:b4:ef:49:
55:8f:e8:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbeNXIvQZu4jwmbyK5DgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NjNjMzQ2MDNhOTQ2OTUyZmYyNzZlMGEyNWZkMzYxZmNh
Y2YyNTEwHhcNMjQwMTAxMTQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTQyMzRmN2IyYWVmYzMwYjY4NThkZjJkNTQ0NzVlNDRmZDA2MjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJWjQZF3v2ofyZGaCz6k/WcnO9z9
eGr8aMLT0kpRlC56GydxhjgY3e6mncUReGI40V0UYbIEuMG/QlqQ6CwYi4ng62mB
3dJitAL08lIy7eEsgiF2kBgDdpGCE+I4/QdGdKe4qRqsvv6VpfRPMFXc9Cn7gS1E
k9cj9Prr9QkZXGEotydgVJGdweXEQ5fzj/LoSoVUWaoDf3Eiu09yLpsY1W+JgaFn
9ui3OatA1tAXYoBDHj8OcHlWWaU9f3wZ6lj0NWDUle0iFFn1CBg9hWryY13xTl/5
IAZV4wbYapeQTkdIZDT+TwmLs3Lmgx0ZPIgZ4Y+nv0g2wWtpaPHY3P7QoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHFCNPeyrvwwtoWN8tVEdeRP0GIMMB8GA1UdIwQY
MBaAFMRjw0YDqUaVL/J24KJf02H8rPJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdQRFJnT3BScFV2OG5iZ29sX1RZZnlzOGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8yNGZhZTktZWQ4Ny00NGY2LWE3OTUt
MDA2NDIwZTQzNDRkLzEvY1VJMDk3S3VfREMyaFkzeTFVUjE1RV9RWWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8yNGZhZTktZWQ4Ny00NGY2LWE3OTUtMDA2NDIwZTQzNDRk
LzEveEdQRFJnT3BScFV2OG5iZ29sX1RZZnlzOGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsGf4MA0G
CSqGSIb3DQEBCwUAA4IBAQAyweXqQWlrDzrM/mSpnFM/C6eRJ5+wAXb04QyU3F9A
zYL+ZJOVlC0unMhFM/q5UcmJlHLbRijg2xnSaZT78odYVwXOXdWNzfSaNYqEoe13
meu4WlA6wZVoZk1JuTeMUWVfNl2P6DIpgIv9cTRW1jG8gTa0hA7EuaWXiewU/2jQ
9mE/NUJYKzRXfoKD/Z3lhucnpyHG+PvBq3Iw3t5w+5h8xZVWxGvBY2W7s59TGaJw
7sY68GDF7RiDjwFZShfoPCj+HXx+VvMzIaSheei+l/vs9fBRP2R3XzVkIYsjOVDT
js8yUbCpENf+L9B8QSBkcJN/S3jF9sXnC42070lVj+iL
-----END CERTIFICATE-----
Generated at Wed Jun 12 11:19:01 2024 by rpki-client on console-fra.rpki-client.org