Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/uWvd4DLN4_5fD35a7km0B5RXtkM.roa
File: uWvd4DLN4_5fD35a7km0B5RXtkM.roa (raw, json)
Hash identifier: YKQCMpGhpgq6SWatxMt37SLOdqDz5iqCOyM++qlE0I8=
Subject key identifier: B9:6B:DD:E0:32:CD:E3:FE:5F:0F:7E:5A:EE:49:B4:07:94:57:B6:43
Certificate issuer: /CN=f6ada20bd98babdf74c3d56cd78ada66ed87a148
Certificate serial: 018F2B973C79A7C4D7E26CC8EEDCFEECDD04
Authority key identifier: F6:AD:A2:0B:D9:8B:AB:DF:74:C3:D5:6C:D7:8A:DA:66:ED:87:A1:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q2iC9mLq990w9Vs14raZu2HoUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/uWvd4DLN4_5fD35a7km0B5RXtkM.roa
Signing time: Mon 29 Apr 2024 20:41:22 +0000
ROA not before: Mon 29 Apr 2024 20:41:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208537
IP address blocks: 94.101.104.0/24 maxlen: 24
192.83.120.0/24 maxlen: 24
194.102.239.0/24 maxlen: 24
213.159.24.0/23 maxlen: 23
2a11:800::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 15 Oct 2024 19:21:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2b:97:3c:79:a7:c4:d7:e2:6c:c8:ee:dc:fe:ec:dd:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6ada20bd98babdf74c3d56cd78ada66ed87a148
Validity
Not Before: Apr 29 20:41:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b96bdde032cde3fe5f0f7e5aee49b4079457b643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9d:89:0f:16:a5:41:1d:f7:69:0f:db:b2:db:
d0:3b:04:88:7d:c8:4c:da:58:90:53:15:3a:79:f5:
d0:27:d6:8d:10:2c:a8:7c:9f:f9:e2:27:ae:15:0b:
77:9b:d7:cb:d4:e9:46:67:fb:68:40:cc:87:7c:e5:
5d:94:52:f7:8a:14:8a:6f:26:9b:8e:92:b2:03:3a:
c9:7b:ed:43:40:ab:e9:7b:10:ea:ba:68:e9:27:ab:
0a:69:58:19:eb:7b:e2:bd:1c:93:89:6c:dd:78:81:
31:4b:37:b7:a2:1a:e1:95:64:b7:99:9d:f2:5c:ef:
74:1a:88:f4:f9:a0:cc:14:e1:53:e1:db:b2:cd:44:
82:4a:1a:00:1e:56:6a:8d:9c:bd:05:f8:22:ab:d8:
c2:15:9e:be:c6:59:73:5c:fe:5b:b4:42:05:e4:01:
bb:05:2d:3f:9d:23:ca:88:78:1a:4c:f2:e2:1f:31:
e9:6d:a7:2a:1a:08:e7:fc:38:40:c7:f4:35:49:74:
ef:d7:18:28:95:52:e7:21:2f:29:6a:1f:c1:a7:73:
1f:2a:9a:a7:18:37:c7:f4:9a:92:b9:81:d9:c4:01:
0f:ab:1e:60:7d:d3:3f:eb:b7:6d:ed:e1:bb:4f:6a:
e1:38:3a:11:58:c1:16:f7:60:bc:a0:1f:35:ac:63:
a0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:6B:DD:E0:32:CD:E3:FE:5F:0F:7E:5A:EE:49:B4:07:94:57:B6:43
X509v3 Authority Key Identifier:
keyid:F6:AD:A2:0B:D9:8B:AB:DF:74:C3:D5:6C:D7:8A:DA:66:ED:87:A1:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q2iC9mLq990w9Vs14raZu2HoUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/uWvd4DLN4_5fD35a7km0B5RXtkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/9q2iC9mLq990w9Vs14raZu2HoUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.104.0/24
192.83.120.0/24
194.102.239.0/24
213.159.24.0/23
IPv6:
2a11:800::/29
Signature Algorithm: sha256WithRSAEncryption
63:a7:03:3e:1a:c1:47:5e:95:b6:82:ae:c5:5b:cf:e5:89:18:
a0:81:7f:5c:a4:b1:db:b9:37:0e:c4:41:3d:1a:23:88:11:27:
0a:d4:f2:aa:00:4c:52:4e:1a:ca:00:db:06:b9:cf:55:96:2a:
72:03:96:cd:c8:de:91:ab:ec:fb:8f:02:bc:57:45:2c:95:00:
b9:34:f5:b7:74:17:1f:3e:9d:be:ba:1e:14:6c:ac:0b:ba:e7:
a3:31:02:6c:41:d8:11:21:60:33:0a:b5:eb:fa:b9:48:40:60:
3e:be:59:3e:26:49:e5:01:7a:ce:05:9e:2d:da:4d:d0:d5:3e:
d1:28:a2:e6:70:84:92:48:76:17:fc:2d:b7:70:22:80:ec:74:
d4:07:5d:f3:80:5c:24:a3:4c:f6:bd:b5:2b:49:91:43:ab:c0:
8b:59:b5:8c:1f:4d:fd:69:1e:b9:1f:d1:e0:4d:d9:ef:ef:15:
6d:a1:c3:15:11:09:42:4a:a5:fe:3d:0e:96:2c:c4:0d:44:4c:
57:6c:95:2e:e7:6b:f0:82:49:e5:0e:b3:84:68:48:43:ae:ec:
36:22:37:bd:96:f4:19:53:e2:d8:21:a6:49:2f:07:53:2a:51:
ff:7a:ee:ce:15:65:70:9c:75:d2:fc:cf:aa:a1:42:03:d6:c2:
6b:72:f8:84
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY8rlzx5p8TX4mzI7tz+7N0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWRhMjBiZDk4YmFiZGY3NGMzZDU2Y2Q3OGFkYTY2ZWQ4
N2ExNDgwHhcNMjQwNDI5MjA0MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTZiZGRlMDMyY2RlM2ZlNWYwZjdlNWFlZTQ5YjQwNzk0NTdiNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Z2JDxalQR33aQ/bstvQOwSIfchM
2liQUxU6efXQJ9aNECyofJ/54ieuFQt3m9fL1OlGZ/toQMyHfOVdlFL3ihSKbyab
jpKyAzrJe+1DQKvpexDqumjpJ6sKaVgZ63vivRyTiWzdeIExSze3ohrhlWS3mZ3y
XO90Goj0+aDMFOFT4duyzUSCShoAHlZqjZy9Bfgiq9jCFZ6+xllzXP5btEIF5AG7
BS0/nSPKiHgaTPLiHzHpbacqGgjn/DhAx/Q1SXTv1xgolVLnIS8pah/Bp3MfKpqn
GDfH9JqSuYHZxAEPqx5gfdM/67dt7eG7T2rhODoRWMEW92C8oB81rGOgKQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLlr3eAyzeP+Xw9+Wu5JtAeUV7ZDMB8GA1UdIwQY
MBaAFPatogvZi6vfdMPVbNeK2mbth6FIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXEyaUM5bUxxOTkwdzlWczE0cmFadTJIb1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80ZDU0YjYtZTAzYy00MzEwLTliMzkt
OWRiMTdhNWRlNDYzLzEvdVd2ZDRETE40XzVmRDM1YTdrbTBCNVJYdGtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80ZDU0YjYtZTAzYy00MzEwLTliMzktOWRiMTdhNWRlNDYz
LzEvOXEyaUM5bUxxOTkwdzlWczE0cmFadTJIb1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAXmVoAwQA
wFN4AwQAwmbvAwQB1Z8YMA0EAgACMAcDBQMqEQgAMA0GCSqGSIb3DQEBCwUAA4IB
AQBjpwM+GsFHXpW2gq7FW8/liRiggX9cpLHbuTcOxEE9GiOIEScK1PKqAExSThrK
ANsGuc9VlipyA5bNyN6Rq+z7jwK8V0UslQC5NPW3dBcfPp2+uh4UbKwLuuejMQJs
QdgRIWAzCrXr+rlIQGA+vlk+JknlAXrOBZ4t2k3Q1T7RKKLmcISSSHYX/C23cCKA
7HTUB13zgFwko0z2vbUrSZFDq8CLWbWMH039aR65H9HgTdnv7xVtocMVEQlCSqX+
PQ6WLMQNRExXbJUu52vwgknlDrOEaEhDruw2Ije9lvQZU+LYIaZJLwdTKlH/eu7O
FWVwnHXS/M+qoUID1sJrcviE
-----END CERTIFICATE-----
Generated at Tue Oct 15 22:18:33 2024 by rpki-client on console-fra.rpki-client.org