Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/U2NKjHX5WYjDY-c9epivYpBbXNA.roa
File: U2NKjHX5WYjDY-c9epivYpBbXNA.roa (raw, json)
Hash identifier: m9/n7s/x1KNlRFDHig7Z4gAAyfUdf52JoPCJQ+UgO8Q=
Subject key identifier: 53:63:4A:8C:75:F9:59:88:C3:63:E7:3D:7A:98:AF:62:90:5B:5C:D0
Certificate issuer: /CN=f8f19e224c73f83c4fdd196d06608aeb3a881804
Certificate serial: 018CC4254C422DFE8B7EB1142B39DE21154E
Authority key identifier: F8:F1:9E:22:4C:73:F8:3C:4F:DD:19:6D:06:60:8A:EB:3A:88:18:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/U2NKjHX5WYjDY-c9epivYpBbXNA.roa
Signing time: Mon 01 Jan 2024 08:30:27 +0000
ROA not before: Mon 01 Jan 2024 08:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8267
IP address blocks: 149.156.0.0/16 maxlen: 16
193.193.64.0/21 maxlen: 21
195.150.224.0/19 maxlen: 19
2001:6d8::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 31 Jul 2024 10:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4c:42:2d:fe:8b:7e:b1:14:2b:39:de:21:15:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8f19e224c73f83c4fdd196d06608aeb3a881804
Validity
Not Before: Jan 1 08:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53634a8c75f95988c363e73d7a98af62905b5cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1c:75:27:13:02:8a:61:e6:9d:36:cc:aa:21:
45:72:4b:63:97:ef:36:e2:3c:8a:a1:18:c1:7e:b2:
0d:1d:f6:a9:33:aa:23:9f:d5:ed:65:24:de:7f:8c:
68:0f:66:71:71:15:ba:d7:a0:93:8e:fe:b2:0a:7c:
70:b5:ff:95:29:ad:06:a3:c9:c2:a3:cb:01:4e:54:
cd:b8:7c:2c:06:49:e2:b7:b3:88:a4:fa:45:68:1b:
48:db:59:3f:03:42:d5:1a:e0:93:9a:63:1f:0a:e5:
73:f2:46:50:db:8b:ef:21:0c:3e:45:38:cd:78:e2:
ff:06:7f:d7:72:8b:5c:ee:b6:9d:37:4b:e0:c0:3d:
87:56:78:da:6d:4f:cd:59:90:60:44:7f:06:c9:38:
da:aa:39:1d:0a:9d:cb:07:67:ff:9d:e6:4c:13:02:
24:bc:25:a8:61:f0:30:04:b2:04:4d:7b:26:a7:e5:
11:a6:6d:b7:7b:86:23:db:4f:07:7c:5a:be:e7:38:
2d:f5:1c:89:a6:ab:50:c4:31:ed:8b:e2:97:94:0e:
62:4a:f6:fc:a5:a9:bf:12:5f:05:9c:99:54:16:17:
be:41:0e:16:25:3c:94:5e:bc:f5:09:85:bc:c5:aa:
23:f1:a5:6f:5b:47:25:58:70:0d:61:ff:58:0f:5f:
87:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:63:4A:8C:75:F9:59:88:C3:63:E7:3D:7A:98:AF:62:90:5B:5C:D0
X509v3 Authority Key Identifier:
keyid:F8:F1:9E:22:4C:73:F8:3C:4F:DD:19:6D:06:60:8A:EB:3A:88:18:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/U2NKjHX5WYjDY-c9epivYpBbXNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.156.0.0/16
193.193.64.0/21
195.150.224.0/19
IPv6:
2001:6d8::/32
Signature Algorithm: sha256WithRSAEncryption
1e:b0:73:87:4b:f0:cf:56:00:d0:ce:9f:bb:c8:21:a2:30:7b:
66:72:2c:02:52:7a:50:67:34:f1:d2:83:dc:18:12:49:cc:d2:
0c:46:c3:bb:f6:17:8a:a5:6f:88:32:17:1a:79:2d:42:38:f5:
b6:23:5c:23:fb:2d:b9:e4:0b:9d:17:26:c3:43:53:c5:92:d8:
cb:fd:f4:43:22:3c:c6:ce:45:ee:76:6f:51:5a:93:15:37:8f:
77:6d:a2:90:e0:1a:2d:e5:04:54:f9:2d:29:af:d7:f0:09:fd:
d5:78:a5:7b:19:eb:78:0a:b5:e6:83:6b:e8:a8:ae:b3:d2:d0:
5d:61:a8:00:c2:7d:8e:e3:e3:77:6b:c7:c8:28:30:5b:2f:1a:
22:57:a8:91:09:83:06:2e:9f:87:49:a4:e7:9a:78:cb:03:53:
95:09:df:51:4e:29:63:de:e8:e6:c6:29:5d:79:e0:27:ef:98:
6f:68:f1:7f:cd:2a:2c:8d:dc:bd:32:14:05:a9:4d:fc:f0:85:
c0:7d:8f:29:79:c1:4b:4e:ef:ad:ec:52:f4:41:f7:ca:58:31:
e1:16:09:74:97:92:fd:5f:42:ef:35:e5:5a:ed:ec:fe:be:2a:
d9:f6:e8:6e:07:21:fe:9a:ed:a2:4e:1c:c9:80:39:4a:77:9e:
e8:81:47:3c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzEJUxCLf6LfrEUKzneIRVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZjE5ZTIyNGM3M2Y4M2M0ZmRkMTk2ZDA2NjA4YWViM2E4
ODE4MDQwHhcNMjQwMTAxMDgzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzYzNGE4Yzc1Zjk1OTg4YzM2M2U3M2Q3YTk4YWY2MjkwNWI1Y2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRx1JxMCimHmnTbMqiFFcktjl+82
4jyKoRjBfrINHfapM6ojn9XtZSTef4xoD2ZxcRW616CTjv6yCnxwtf+VKa0Go8nC
o8sBTlTNuHwsBknit7OIpPpFaBtI21k/A0LVGuCTmmMfCuVz8kZQ24vvIQw+RTjN
eOL/Bn/Xcotc7radN0vgwD2HVnjabU/NWZBgRH8GyTjaqjkdCp3LB2f/neZMEwIk
vCWoYfAwBLIETXsmp+URpm23e4Yj208HfFq+5zgt9RyJpqtQxDHti+KXlA5iSvb8
pam/El8FnJlUFhe+QQ4WJTyUXrz1CYW8xaoj8aVvW0clWHANYf9YD1+H8QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFNjSox1+VmIw2PnPXqYr2KQW1zQMB8GA1UdIwQY
MBaAFPjxniJMc/g8T90ZbQZgius6iBgEMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1QR2VJa3h6LUR4UDNSbHRCbUNLNnpxSUdBUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcvZjQwNDg2LTJjZDktNDc1Yi1iYmUx
LTE2Y2Q4ZjRmYjRiOS8xL1UyTktqSFg1V1lqRFktYzllcGl2WXBCYlhOQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzcvZjQwNDg2LTJjZDktNDc1Yi1iYmUxLTE2Y2Q4ZjRmYjRi
OS8xLzEtUEdlSWt4ei1EeFAzUmx0Qm1DSzZ6cUlHQVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMBcEAgABMBEDAwCVnAME
A8HBQAMEBcOW4DANBAIAAjAHAwUAIAEG2DANBgkqhkiG9w0BAQsFAAOCAQEAHrBz
h0vwz1YA0M6fu8ghojB7ZnIsAlJ6UGc08dKD3BgSSczSDEbDu/YXiqVviDIXGnkt
Qjj1tiNcI/stueQLnRcmw0NTxZLYy/30QyI8xs5F7nZvUVqTFTePd22ikOAaLeUE
VPktKa/X8An91XilexnreAq15oNr6Kius9LQXWGoAMJ9juPjd2vHyCgwWy8aIleo
kQmDBi6fh0mk55p4ywNTlQnfUU4pY97o5sYpXXngJ++Yb2jxf80qLI3cvTIUBalN
/PCFwH2PKXnBS07vrexS9EH3ylgx4RYJdJeS/V9C7zXlWu3s/r4q2fbobgch/prt
ok4cyYA5Snee6IFHPA==
-----END CERTIFICATE-----
Generated at Wed Jul 31 12:40:22 2024 by rpki-client on console-fra.rpki-client.org