Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/7e4ea8-8950-4183-abc0-3382794049c2/1/UAGrn-ASH9VRPm4IdO4mfPckYsM.roa
File: UAGrn-ASH9VRPm4IdO4mfPckYsM.roa (raw, json)
Hash identifier: 9mJNnOtyqcpY7HJZxLgk46IvcFqRdnDkKh2pqhDyir4=
Subject key identifier: 50:01:AB:9F:E0:12:1F:D5:51:3E:6E:08:74:EE:26:7C:F7:24:62:C3
Certificate issuer: /CN=306b468cc31ef3a3d081ac8f02b271e3147559bf
Certificate serial: 018CC3B66F9051AA5F09A1BB501AE662D23E
Authority key identifier: 30:6B:46:8C:C3:1E:F3:A3:D0:81:AC:8F:02:B2:71:E3:14:75:59:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGtGjMMe86PQgayPArJx4xR1Wb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/7e4ea8-8950-4183-abc0-3382794049c2/1/UAGrn-ASH9VRPm4IdO4mfPckYsM.roa
Signing time: Mon 01 Jan 2024 06:29:22 +0000
ROA not before: Mon 01 Jan 2024 06:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43732
IP address blocks: 91.198.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:6f:90:51:aa:5f:09:a1:bb:50:1a:e6:62:d2:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306b468cc31ef3a3d081ac8f02b271e3147559bf
Validity
Not Before: Jan 1 06:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5001ab9fe0121fd5513e6e0874ee267cf72462c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:75:4e:7a:67:26:7e:28:7d:ca:1b:08:cb:8f:
35:88:69:82:21:0e:47:93:69:c9:62:d3:d0:4d:e3:
9e:6e:7f:19:3e:81:6d:96:fc:2d:78:5b:e2:06:84:
60:28:2b:06:50:02:4d:b5:fd:58:de:39:c1:1a:64:
ae:10:f5:1d:00:e5:c5:32:a5:49:48:30:ed:02:7d:
07:95:01:2b:03:1c:90:92:76:8d:2d:00:8d:49:99:
d7:ee:3f:63:68:6a:bd:21:5c:95:72:14:c1:f8:e9:
f2:86:52:11:07:76:39:40:62:2f:ae:67:ce:0f:5d:
ae:a4:a2:a1:13:4f:74:d9:2c:ec:59:75:8e:5a:35:
28:f4:a3:ab:6e:10:2b:0a:4b:e3:a7:f4:b2:6a:df:
64:14:79:77:4d:e0:b4:9d:78:26:7a:d5:1e:0c:a4:
e5:a2:28:dc:34:20:ac:ba:64:ee:5e:0b:38:a2:4d:
54:5b:ae:f1:92:3a:ee:e9:d3:77:58:fd:79:46:51:
9a:9b:b3:9a:ba:2d:05:06:2b:f1:73:cd:46:63:ef:
27:d7:74:0b:fb:49:e2:f0:d2:46:46:82:36:fa:e1:
8c:7a:27:10:b4:26:5e:f0:f9:8e:49:b9:16:d3:54:
ff:6d:e4:9f:aa:30:33:c7:a8:fc:ca:0a:c6:c3:91:
29:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:01:AB:9F:E0:12:1F:D5:51:3E:6E:08:74:EE:26:7C:F7:24:62:C3
X509v3 Authority Key Identifier:
keyid:30:6B:46:8C:C3:1E:F3:A3:D0:81:AC:8F:02:B2:71:E3:14:75:59:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGtGjMMe86PQgayPArJx4xR1Wb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7e4ea8-8950-4183-abc0-3382794049c2/1/UAGrn-ASH9VRPm4IdO4mfPckYsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7e4ea8-8950-4183-abc0-3382794049c2/1/MGtGjMMe86PQgayPArJx4xR1Wb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.132.0/24
Signature Algorithm: sha256WithRSAEncryption
21:da:1d:a5:88:71:6e:2c:59:2c:19:d6:b4:de:cd:ba:80:04:
db:c6:92:bd:10:b7:31:40:3a:12:bc:4c:91:64:f8:d4:6f:e4:
c3:dd:e8:a1:fb:f1:f1:86:ee:a9:55:b6:18:2d:75:53:fc:f6:
85:e5:96:27:9b:ed:56:5a:d5:bf:16:35:e2:ba:c3:ce:d8:57:
c4:f0:1e:36:25:fc:6d:cd:13:3e:9d:a1:8b:c1:71:98:c5:5f:
42:c2:78:8e:60:35:27:65:6e:fd:87:66:c6:e1:fb:37:8c:ea:
7b:53:4f:b3:38:a1:b5:50:f3:37:45:dd:02:7c:de:ae:3d:63:
fd:aa:f4:26:4d:e0:8f:a3:33:31:30:7f:73:2d:19:cd:33:7b:
17:3a:db:ac:43:72:93:0d:ad:f8:5a:ba:97:7a:8e:55:ec:d3:
94:5d:0d:a2:a3:38:aa:74:f3:ed:c4:b0:ec:1c:bb:32:49:a0:
43:75:bf:d6:79:73:0a:3f:e9:08:e4:77:46:fc:1e:17:c0:c6:
ca:2b:17:89:cb:d1:73:c2:59:d1:30:11:82:af:78:94:4f:1a:
26:fb:87:0a:00:bc:f8:6e:f8:a8:04:6b:a1:2b:d0:99:59:d4:
27:99:f4:55:c4:dd:ba:9c:06:e1:4a:ac:4c:72:77:7c:f2:84:
99:e9:f5:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtm+QUapfCaG7UBrmYtI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNmI0NjhjYzMxZWYzYTNkMDgxYWM4ZjAyYjI3MWUzMTQ3
NTU5YmYwHhcNMjQwMTAxMDYyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDAxYWI5ZmUwMTIxZmQ1NTEzZTZlMDg3NGVlMjY3Y2Y3MjQ2MmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHVOemcmfih9yhsIy481iGmCIQ5H
k2nJYtPQTeOebn8ZPoFtlvwteFviBoRgKCsGUAJNtf1Y3jnBGmSuEPUdAOXFMqVJ
SDDtAn0HlQErAxyQknaNLQCNSZnX7j9jaGq9IVyVchTB+OnyhlIRB3Y5QGIvrmfO
D12upKKhE0902SzsWXWOWjUo9KOrbhArCkvjp/Syat9kFHl3TeC0nXgmetUeDKTl
oijcNCCsumTuXgs4ok1UW67xkjru6dN3WP15RlGam7Oaui0FBivxc81GY+8n13QL
+0ni8NJGRoI2+uGMeicQtCZe8PmOSbkW01T/beSfqjAzx6j8ygrGw5EpnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFABq5/gEh/VUT5uCHTuJnz3JGLDMB8GA1UdIwQY
MBaAFDBrRozDHvOj0IGsjwKyceMUdVm/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUd0R2pNTWU4NlBRZ2F5UEFySng0eFIxV2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC83ZTRlYTgtODk1MC00MTgzLWFiYzAt
MzM4Mjc5NDA0OWMyLzEvVUFHcm4tQVNIOVZSUG00SWRPNG1mUGNrWXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC83ZTRlYTgtODk1MC00MTgzLWFiYzAtMzM4Mjc5NDA0OWMy
LzEvTUd0R2pNTWU4NlBRZ2F5UEFySng0eFIxV2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8aEMA0G
CSqGSIb3DQEBCwUAA4IBAQAh2h2liHFuLFksGda03s26gATbxpK9ELcxQDoSvEyR
ZPjUb+TD3eih+/Hxhu6pVbYYLXVT/PaF5ZYnm+1WWtW/FjXiusPO2FfE8B42Jfxt
zRM+naGLwXGYxV9CwniOYDUnZW79h2bG4fs3jOp7U0+zOKG1UPM3Rd0CfN6uPWP9
qvQmTeCPozMxMH9zLRnNM3sXOtusQ3KTDa34WrqXeo5V7NOUXQ2ioziqdPPtxLDs
HLsySaBDdb/WeXMKP+kI5HdG/B4XwMbKKxeJy9FzwlnRMBGCr3iUTxom+4cKALz4
bvioBGuhK9CZWdQnmfRVxN26nAbhSqxMcnd88oSZ6fXh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:55 2025 by rpki-client