Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/ug3T1sdxCn7AGiHH6O1DmQqLWUI.roa
File: ug3T1sdxCn7AGiHH6O1DmQqLWUI.roa (raw, json)
Hash identifier: oigviVUgzzlWadFUZtWWEdhj4HCE4Sf33xWgNig07bg=
Subject key identifier: BA:0D:D3:D6:C7:71:0A:7E:C0:1A:21:C7:E8:ED:43:99:0A:8B:59:42
Certificate issuer: /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial: 018CC6B7837C7499547EC357E05A50F65F32
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/ug3T1sdxCn7AGiHH6O1DmQqLWUI.roa
Signing time: Mon 01 Jan 2024 20:29:24 +0000
ROA not before: Mon 01 Jan 2024 20:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57543
IP address blocks: 46.143.216.0/21 maxlen: 21
46.143.224.0/21 maxlen: 21
46.143.232.0/22 maxlen: 22
46.143.236.0/23 maxlen: 23
46.143.238.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:83:7c:74:99:54:7e:c3:57:e0:5a:50:f6:5f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Validity
Not Before: Jan 1 20:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba0dd3d6c7710a7ec01a21c7e8ed43990a8b5942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d8:9b:a2:32:53:a6:83:35:ca:80:78:3b:80:
35:bd:bd:14:c2:cb:70:a4:a9:54:82:4d:7a:0d:10:
18:bf:fa:98:7d:22:08:53:07:d2:60:49:0d:d7:4e:
8c:77:55:70:40:d9:53:2f:c2:77:7e:05:77:72:c8:
2e:88:99:00:72:18:56:c5:6c:99:64:81:ef:b3:7a:
b9:b1:98:97:a0:c5:64:2e:e9:74:f4:6f:84:73:ad:
85:ff:e8:dc:cb:c0:00:01:26:a1:93:74:2b:91:3b:
04:4b:1f:5f:3f:01:f9:01:52:6c:7f:8b:a5:cd:b5:
b7:39:bf:a7:dd:b5:cf:e0:16:ed:29:e4:a7:86:ad:
0d:4c:5a:d4:99:f3:60:52:f2:93:b1:87:f6:9e:37:
0b:5c:c9:5a:3e:d2:50:f8:25:18:15:44:71:e8:3a:
8b:b1:98:e9:41:77:8b:a9:6f:73:44:27:5e:f2:de:
e8:ef:a9:5c:db:94:90:c0:29:4d:45:4b:27:5e:3c:
8c:c5:04:ec:fe:fc:f3:17:bb:25:82:91:44:05:b2:
ed:ed:f8:98:a8:f8:06:e5:98:e7:91:e0:06:3c:f6:
b4:38:73:ff:ce:fa:2f:e7:6a:26:a5:ec:e7:11:9b:
7b:ce:1b:47:7c:9a:a3:07:eb:dd:d8:0c:13:84:be:
a9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:0D:D3:D6:C7:71:0A:7E:C0:1A:21:C7:E8:ED:43:99:0A:8B:59:42
X509v3 Authority Key Identifier:
keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/ug3T1sdxCn7AGiHH6O1DmQqLWUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.216.0-46.143.239.255
Signature Algorithm: sha256WithRSAEncryption
8b:ba:0e:61:58:61:9f:37:6e:a9:70:5e:35:75:a7:93:da:71:
b7:d4:63:e8:19:9c:c0:1d:2b:bf:59:8f:23:57:5c:ef:b5:d3:
60:6b:23:9e:0b:3a:b3:50:b7:04:30:48:98:43:26:c5:fd:c7:
9f:ca:85:34:75:9a:3b:ae:69:ba:b2:d5:3c:d0:63:46:d7:e0:
b6:7e:de:a2:b2:96:d9:b2:3e:9a:ea:51:89:ee:3d:49:60:90:
69:36:be:fd:59:b2:40:34:b1:2e:8a:8f:6e:e6:62:4a:22:e2:
8e:b1:e0:6a:64:31:27:cb:ad:fb:f9:f5:b6:1e:8c:d2:af:13:
91:1d:ee:52:91:1b:3d:f9:5e:6c:84:ab:9a:39:1d:d3:9b:a0:
e3:e7:40:84:d2:ac:ab:a2:ff:23:b6:22:4f:f4:e2:95:75:28:
00:1f:c2:e7:50:ca:f1:0e:b2:1a:06:79:ad:4b:95:54:2f:d4:
eb:4d:bf:68:1f:5d:81:79:50:18:de:3a:54:c8:9b:44:c7:1d:
5e:96:1e:7e:46:20:d6:dd:62:85:f3:eb:45:95:a1:04:f3:bf:
25:47:51:e5:c7:9c:26:79:2a:a8:f5:1a:98:22:5c:ca:61:26:
ec:6f:bd:af:96:9a:05:64:97:ca:cb:e4:ac:c4:2e:c2:eb:80:
81:c2:39:5e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGt4N8dJlUfsNX4FpQ9l8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjQwMTAxMjAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTBkZDNkNmM3NzEwYTdlYzAxYTIxYzdlOGVkNDM5OTBhOGI1OTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tibojJTpoM1yoB4O4A1vb0Uwstw
pKlUgk16DRAYv/qYfSIIUwfSYEkN106Md1VwQNlTL8J3fgV3csguiJkAchhWxWyZ
ZIHvs3q5sZiXoMVkLul09G+Ec62F/+jcy8AAASahk3QrkTsESx9fPwH5AVJsf4ul
zbW3Ob+n3bXP4BbtKeSnhq0NTFrUmfNgUvKTsYf2njcLXMlaPtJQ+CUYFURx6DqL
sZjpQXeLqW9zRCde8t7o76lc25SQwClNRUsnXjyMxQTs/vzzF7slgpFEBbLt7fiY
qPgG5ZjnkeAGPPa0OHP/zvov52ompeznEZt7zhtHfJqjB+vd2AwThL6p5wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLoN09bHcQp+wBohx+jtQ5kKi1lCMB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvdWczVDFzZHhDbjdBR2lISDZPMURtUXFMV1VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMuj9gD
BAQuj+AwDQYJKoZIhvcNAQELBQADggEBAIu6DmFYYZ83bqlwXjV1p5PacbfUY+gZ
nMAdK79ZjyNXXO+102BrI54LOrNQtwQwSJhDJsX9x5/KhTR1mjuuabqy1TzQY0bX
4LZ+3qKyltmyPprqUYnuPUlgkGk2vv1ZskA0sS6Kj27mYkoi4o6x4GpkMSfLrfv5
9bYejNKvE5Ed7lKRGz35XmyEq5o5HdOboOPnQITSrKui/yO2Ik/04pV1KAAfwudQ
yvEOshoGea1LlVQv1OtNv2gfXYF5UBjeOlTIm0THHV6WHn5GINbdYoXz60WVoQTz
vyVHUeXHnCZ5Kqj1GpgiXMphJuxvva+WmgVkl8rL5KzELsLrgIHCOV4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:59 2025 by rpki-client