Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/ukfJ_BuLpS-ToVMlayNS4u_kRO0.roa
File: ukfJ_BuLpS-ToVMlayNS4u_kRO0.roa (raw, json)
Hash identifier: P0gjQWUbtXngsbPw12oYajR9nA89wc7HPsDhSg6r8xw=
Subject key identifier: BA:47:C9:FC:1B:8B:A5:2F:93:A1:53:25:6B:23:52:E2:EF:E4:44:ED
Certificate issuer: /CN=9bbae6e3ed766de47aba6693bb5af8a648974310
Certificate serial: 01856BCA2A9C83102E4AC6A20291FF188D34
Authority key identifier: 9B:BA:E6:E3:ED:76:6D:E4:7A:BA:66:93:BB:5A:F8:A6:48:97:43:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m7rm4-12beR6umaTu1r4pkiXQxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/ukfJ_BuLpS-ToVMlayNS4u_kRO0.roa
Signing time: Sun 01 Jan 2023 05:24:49 +0000
ROA not before: Sun 01 Jan 2023 05:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50825
IP address blocks: 185.63.96.0/22 maxlen: 24
5.181.92.0/22 maxlen: 24
78.24.96.0/22 maxlen: 24
178.17.0.0/20 maxlen: 24
2a03:c20::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:2a:9c:83:10:2e:4a:c6:a2:02:91:ff:18:8d:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bbae6e3ed766de47aba6693bb5af8a648974310
Validity
Not Before: Jan 1 05:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba47c9fc1b8ba52f93a153256b2352e2efe444ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d0:d2:a8:b7:17:0e:c6:bc:65:e6:14:2c:e4:
41:a3:30:b9:bc:4e:58:f7:1d:17:4f:a9:18:bf:4b:
b9:26:3a:ee:6e:52:f6:dd:6a:60:a5:2f:7a:7b:82:
ff:38:4d:a7:04:6e:63:0c:fe:79:7d:8b:8d:29:ba:
22:79:37:c2:79:2d:7d:98:80:b7:d3:9e:d7:46:a2:
d9:fe:b4:93:44:7f:8c:11:d0:dc:68:55:bb:8b:4c:
78:7a:1b:39:30:dd:66:6d:9d:55:c4:80:f8:e2:32:
2e:b6:4c:43:04:1d:cf:89:d8:dc:6d:5a:3c:98:75:
9f:0b:e7:ab:fa:bc:3c:a4:b6:c2:1a:48:54:13:3c:
f4:fd:4f:a6:d5:d7:be:61:54:7b:d1:68:17:92:14:
2a:55:20:70:8c:67:44:97:14:c1:5c:0e:b9:3d:56:
43:80:a2:a3:6b:8e:10:b6:cf:d6:ac:a6:7c:97:4d:
63:2d:ad:d4:89:f8:81:a5:8d:e7:5f:77:4b:e8:61:
a5:5f:7b:25:f3:8d:73:22:cf:c2:d0:1f:d4:55:26:
a2:cd:3a:a9:d3:0e:7c:02:2d:39:60:57:cc:27:6b:
48:54:30:b5:0e:4d:f9:a0:b3:48:22:1a:a0:0b:7a:
56:3b:6d:94:d9:ce:b6:4e:54:2c:3a:90:76:c0:5a:
35:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:47:C9:FC:1B:8B:A5:2F:93:A1:53:25:6B:23:52:E2:EF:E4:44:ED
X509v3 Authority Key Identifier:
keyid:9B:BA:E6:E3:ED:76:6D:E4:7A:BA:66:93:BB:5A:F8:A6:48:97:43:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m7rm4-12beR6umaTu1r4pkiXQxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/ukfJ_BuLpS-ToVMlayNS4u_kRO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d3953b-b942-4b75-9c9d-985c64fe27ee/1/m7rm4-12beR6umaTu1r4pkiXQxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.92.0/22
78.24.96.0/22
178.17.0.0/20
185.63.96.0/22
IPv6:
2a03:c20::/29
Signature Algorithm: sha256WithRSAEncryption
41:68:f1:f6:18:8d:8c:c6:4c:28:56:0d:fb:c3:80:ac:c8:60:
d4:dd:a1:f2:a5:62:38:a9:ca:97:52:f9:bf:1e:6d:82:0f:73:
b7:fd:f2:83:61:f2:81:59:3b:59:b4:d6:06:f0:e8:84:1f:80:
58:1a:c1:a5:35:fa:01:94:25:34:01:4a:87:9b:e2:df:d4:ba:
f3:1d:d3:6b:24:bc:54:e6:10:21:77:27:3e:ce:71:c2:9e:27:
41:f7:fe:59:b0:a0:d0:fc:63:8d:74:e9:5b:f6:8a:85:f4:bd:
e1:92:1f:09:34:b4:53:74:68:2d:69:12:0d:89:44:3c:39:35:
89:79:f3:18:d4:87:20:3b:63:53:3b:01:5c:a6:dc:04:ea:b5:
fe:16:3c:6a:d5:d7:f7:96:94:76:a5:5f:40:8f:c9:97:88:99:
39:53:aa:10:a8:be:df:c3:33:67:c9:72:9c:b4:59:c2:d7:5a:
1d:6a:46:88:29:31:2c:c8:19:8d:88:8e:cc:1d:29:4d:a8:51:
ce:ae:89:e4:da:66:bc:ee:f6:9f:2d:ca:15:dc:84:09:19:e3:
75:6e:b8:04:cf:05:ca:3a:90:33:ba:ce:ec:e1:2b:56:da:86:
38:40:95:a4:0d:55:c0:cf:30:01:bf:5f:0e:d5:93:fd:27:da:
fb:80:c8:21
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVryiqcgxAuSsaiApH/GI00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYmFlNmUzZWQ3NjZkZTQ3YWJhNjY5M2JiNWFmOGE2NDg5
NzQzMTAwHhcNMjMwMTAxMDUyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTQ3YzlmYzFiOGJhNTJmOTNhMTUzMjU2YjIzNTJlMmVmZTQ0NGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNDSqLcXDsa8ZeYULORBozC5vE5Y
9x0XT6kYv0u5JjrublL23WpgpS96e4L/OE2nBG5jDP55fYuNKboieTfCeS19mIC3
057XRqLZ/rSTRH+MEdDcaFW7i0x4ehs5MN1mbZ1VxID44jIutkxDBB3PidjcbVo8
mHWfC+er+rw8pLbCGkhUEzz0/U+m1de+YVR70WgXkhQqVSBwjGdElxTBXA65PVZD
gKKja44Qts/WrKZ8l01jLa3UifiBpY3nX3dL6GGlX3sl841zIs/C0B/UVSaizTqp
0w58Ai05YFfMJ2tIVDC1Dk35oLNIIhqgC3pWO22U2c62TlQsOpB2wFo1wQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLpHyfwbi6Uvk6FTJWsjUuLv5ETtMB8GA1UdIwQY
MBaAFJu65uPtdm3kerpmk7ta+KZIl0MQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTdybTQtMTJiZVI2dW1hVHUxcjRwa2lYUXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kMzk1M2ItYjk0Mi00Yjc1LTljOWQt
OTg1YzY0ZmUyN2VlLzEvdWtmSl9CdUxwUy1Ub1ZNbGF5TlM0dV9rUk8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kMzk1M2ItYjk0Mi00Yjc1LTljOWQtOTg1YzY0ZmUyN2Vl
LzEvbTdybTQtMTJiZVI2dW1hVHUxcjRwa2lYUXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCBbVcAwQC
ThhgAwQEshEAAwQCuT9gMA0EAgACMAcDBQMqAwwgMA0GCSqGSIb3DQEBCwUAA4IB
AQBBaPH2GI2MxkwoVg37w4CsyGDU3aHypWI4qcqXUvm/Hm2CD3O3/fKDYfKBWTtZ
tNYG8OiEH4BYGsGlNfoBlCU0AUqHm+Lf1LrzHdNrJLxU5hAhdyc+znHCnidB9/5Z
sKDQ/GONdOlb9oqF9L3hkh8JNLRTdGgtaRINiUQ8OTWJefMY1IcgO2NTOwFcptwE
6rX+Fjxq1df3lpR2pV9Aj8mXiJk5U6oQqL7fwzNnyXKctFnC11odakaIKTEsyBmN
iI7MHSlNqFHOronk2ma87vafLcoV3IQJGeN1brgEzwXKOpAzus7s4StW2oY4QJWk
DVXAzzABv18O1ZP9J9r7gMgh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:22 2024 by rpki-client on console-ams.rpki-client.org