Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/ucNKD2Dl9dnDLHB_27rJBVD1pAQ.roa
File: ucNKD2Dl9dnDLHB_27rJBVD1pAQ.roa (raw, json)
Hash identifier: 4bvcch7vDhXeHrOh3Sif474Vqk4OawBCOQXC8bOt6Z0=
Subject key identifier: B9:C3:4A:0F:60:E5:F5:D9:C3:2C:70:7F:DB:BA:C9:05:50:F5:A4:04
Certificate issuer: /CN=039b01353e51a3a87e835963bd8833ed81853d77
Certificate serial: 018CC87082C245FCD2CD6EA2001952CD2457
Authority key identifier: 03:9B:01:35:3E:51:A3:A8:7E:83:59:63:BD:88:33:ED:81:85:3D:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/ucNKD2Dl9dnDLHB_27rJBVD1pAQ.roa
Signing time: Tue 02 Jan 2024 04:31:05 +0000
ROA not before: Tue 02 Jan 2024 04:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24586
IP address blocks: 185.138.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:82:c2:45:fc:d2:cd:6e:a2:00:19:52:cd:24:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=039b01353e51a3a87e835963bd8833ed81853d77
Validity
Not Before: Jan 2 04:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9c34a0f60e5f5d9c32c707fdbbac90550f5a404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a1:cd:a7:e3:d1:92:66:63:64:4e:f1:98:97:
da:10:d8:39:fa:e2:1f:c9:c8:89:07:25:ec:0d:7f:
a8:25:c5:cd:82:37:54:1b:e3:ac:d2:72:d5:89:52:
ee:91:99:64:e0:7a:b6:81:e1:ec:20:c7:85:32:a5:
61:32:ff:81:5b:63:4f:28:a8:7d:3b:1e:09:83:6e:
15:13:b8:79:6b:55:51:d0:2d:1b:47:bf:3b:6c:e8:
83:dc:ee:e9:60:c1:21:4a:0d:67:87:56:89:7e:be:
a3:c6:1b:77:bd:e7:cd:55:d3:45:35:8e:b8:fb:08:
c3:69:70:6f:d5:97:8f:0a:56:ea:ed:fa:5d:64:75:
eb:e2:c7:75:dd:92:25:96:2d:55:6e:fa:22:49:9b:
48:f5:cd:3d:a1:ce:40:94:c2:86:0d:14:9f:27:35:
8a:a2:27:ec:c9:fd:0f:1b:26:a7:c3:72:84:d1:0d:
d7:32:41:a3:ec:c3:de:18:ac:a8:3c:1a:0a:be:c8:
8c:33:ca:ee:66:d5:df:a6:d6:db:4a:b7:71:3f:57:
7a:97:f0:18:14:ec:fa:a3:5a:ff:e2:28:51:05:b3:
53:14:a2:ca:00:aa:3e:b6:f6:ec:ff:fd:79:f2:58:
c7:0e:b5:08:a6:0c:bf:7a:23:47:e8:7e:d2:2a:b0:
6f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C3:4A:0F:60:E5:F5:D9:C3:2C:70:7F:DB:BA:C9:05:50:F5:A4:04
X509v3 Authority Key Identifier:
keyid:03:9B:01:35:3E:51:A3:A8:7E:83:59:63:BD:88:33:ED:81:85:3D:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/ucNKD2Dl9dnDLHB_27rJBVD1pAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/2cf88f-2c6a-4b48-a25e-4a8b6b4082b1/1/A5sBNT5Ro6h-g1ljvYgz7YGFPXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.80.0/22
Signature Algorithm: sha256WithRSAEncryption
38:ef:69:9e:4c:b1:ba:6c:f2:ed:89:a0:4b:12:79:fa:9b:39:
8c:b0:ab:89:a3:7e:4e:95:ba:18:42:7e:75:d4:cf:01:28:48:
47:b0:e8:45:64:c6:fc:b0:e5:db:ba:9c:14:0f:2d:4f:45:93:
57:cc:9f:6f:46:ad:f4:9b:31:52:3b:d4:d3:9d:2c:72:ae:84:
6e:cb:72:e4:b1:76:07:3e:bb:77:57:7b:05:13:e0:66:3c:8f:
fe:7a:e5:4e:21:8a:b7:ad:ee:f0:69:73:ad:63:bc:a5:a5:61:
17:7e:ea:65:db:8d:79:32:d1:76:36:bc:b2:f8:bb:30:26:7b:
dd:a7:2c:4f:69:8f:8f:46:98:dc:b6:d7:b3:ff:f0:6b:14:83:
12:99:26:b6:ec:2d:4e:ba:4e:41:61:e5:e2:67:9a:91:c5:a4:
b6:65:de:73:6e:bf:94:a3:d7:e9:22:ba:1d:fa:6a:d9:f2:94:
52:d7:52:5b:58:d0:67:c9:21:77:0c:be:60:5a:46:8e:27:b5:
8a:3a:7c:d5:12:27:00:8b:da:0a:01:ed:2f:f9:4a:61:75:e0:
4a:2a:e1:c3:36:8a:65:09:7f:5c:1f:2a:9b:71:03:b8:f9:e9:
42:a5:88:5a:e4:5b:4e:f3:9d:5b:d0:59:bb:00:95:6f:d8:0a:
39:21:a7:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcILCRfzSzW6iABlSzSRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzOWIwMTM1M2U1MWEzYTg3ZTgzNTk2M2JkODgzM2VkODE4
NTNkNzcwHhcNMjQwMTAyMDQzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWMzNGEwZjYwZTVmNWQ5YzMyYzcwN2ZkYmJhYzkwNTUwZjVhNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaHNp+PRkmZjZE7xmJfaENg5+uIf
yciJByXsDX+oJcXNgjdUG+Os0nLViVLukZlk4Hq2geHsIMeFMqVhMv+BW2NPKKh9
Ox4Jg24VE7h5a1VR0C0bR787bOiD3O7pYMEhSg1nh1aJfr6jxht3vefNVdNFNY64
+wjDaXBv1ZePClbq7fpdZHXr4sd13ZIlli1VbvoiSZtI9c09oc5AlMKGDRSfJzWK
oifsyf0PGyanw3KE0Q3XMkGj7MPeGKyoPBoKvsiMM8ruZtXfptbbSrdxP1d6l/AY
FOz6o1r/4ihRBbNTFKLKAKo+tvbs//158ljHDrUIpgy/eiNH6H7SKrBvawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLnDSg9g5fXZwyxwf9u6yQVQ9aQEMB8GA1UdIwQY
MBaAFAObATU+UaOofoNZY72IM+2BhT13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTVzQk5UNVJvNmgtZzFsanZZZ3o3WUdGUFhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8yY2Y4OGYtMmM2YS00YjQ4LWEyNWUt
NGE4YjZiNDA4MmIxLzEvdWNOS0QyRGw5ZG5ETEhCXzI3ckpCVkQxcEFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8yY2Y4OGYtMmM2YS00YjQ4LWEyNWUtNGE4YjZiNDA4MmIx
LzEvQTVzQk5UNVJvNmgtZzFsanZZZ3o3WUdGUFhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYpQMA0G
CSqGSIb3DQEBCwUAA4IBAQA472meTLG6bPLtiaBLEnn6mzmMsKuJo35OlboYQn51
1M8BKEhHsOhFZMb8sOXbupwUDy1PRZNXzJ9vRq30mzFSO9TTnSxyroRuy3LksXYH
Prt3V3sFE+BmPI/+euVOIYq3re7waXOtY7ylpWEXfupl2415MtF2Nryy+LswJnvd
pyxPaY+PRpjcttez//BrFIMSmSa27C1Ouk5BYeXiZ5qRxaS2Zd5zbr+Uo9fpIrod
+mrZ8pRS11JbWNBnySF3DL5gWkaOJ7WKOnzVEicAi9oKAe0v+UphdeBKKuHDNopl
CX9cHyqbcQO4+elCpYha5FtO851b0Fm7AJVv2Ao5Iaea
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:19 2025 by rpki-client