Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/uoWV7MMzn3AnRE_gKTcrUP-b4Ok.roa
File: uoWV7MMzn3AnRE_gKTcrUP-b4Ok.roa (raw, json)
Hash identifier: uN1GHLjKYRfZ5EMKbcr39g1ywveU6cpqZXuIVANglSk=
Subject key identifier: BA:85:95:EC:C3:33:9F:70:27:44:4F:E0:29:37:2B:50:FF:9B:E0:E9
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01946E30E9565C4BB708B762881C96EFC9A0
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/uoWV7MMzn3AnRE_gKTcrUP-b4Ok.roa
Signing time: Thu 16 Jan 2025 08:18:06 +0000
ROA not before: Thu 16 Jan 2025 08:18:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 213.18.245.0/24 maxlen: 24
217.180.17.0/24 maxlen: 24
217.181.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 08:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:30:e9:56:5c:4b:b7:08:b7:62:88:1c:96:ef:c9:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jan 16 08:18:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba8595ecc3339f7027444fe029372b50ff9be0e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:91:ed:19:05:6d:f8:08:9a:fb:11:ba:93:d5:
6d:8f:cc:1d:8e:17:00:51:35:77:e5:f2:58:9d:81:
da:ee:d9:5c:f0:c2:8a:65:52:81:fa:98:1a:e8:75:
16:09:1b:bd:eb:09:a0:0f:9c:ee:cd:c6:ac:1e:42:
55:37:89:bd:dd:5d:3a:f2:fe:d1:14:6e:89:9a:0f:
5f:3d:db:09:08:29:21:01:75:e6:2e:f5:6a:aa:bb:
ab:8f:ba:dd:1e:01:cc:2c:b0:0c:7c:0e:bb:21:68:
66:fa:83:2c:4b:88:3f:a2:b0:07:63:a7:4a:90:99:
b7:ae:30:2d:47:8b:49:41:f8:88:47:2e:c5:cd:37:
d0:17:23:8f:ee:c6:5e:25:9e:16:e0:4f:e3:fb:f2:
24:05:38:cf:d2:9d:3d:7e:79:14:04:55:dd:bb:9b:
74:7d:52:15:76:6f:76:81:87:45:69:84:62:03:32:
df:a1:48:9e:84:c5:08:b7:fa:fb:3c:57:b2:7f:79:
4e:af:24:62:22:ee:c9:fc:e9:04:8f:fb:44:38:8f:
e5:a7:0a:3d:79:5d:c0:de:e1:b3:17:4c:90:32:b6:
a4:37:02:7d:4a:4c:bd:e5:91:04:5f:8c:c2:39:ee:
64:01:b1:18:9a:03:55:9c:4d:8c:93:b6:09:ca:a1:
aa:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:85:95:EC:C3:33:9F:70:27:44:4F:E0:29:37:2B:50:FF:9B:E0:E9
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/uoWV7MMzn3AnRE_gKTcrUP-b4Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.18.245.0/24
217.180.17.0/24
217.181.64.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:6e:bf:32:15:fc:cd:53:f8:ef:4c:0b:8a:cd:4e:f4:04:eb:
65:33:bf:0c:d0:22:bf:8a:7f:e5:35:b8:32:32:95:be:9f:91:
91:ef:74:e9:27:84:af:6d:56:d3:91:08:3c:f0:aa:04:a5:89:
bc:09:3c:b7:54:f1:a5:bf:0c:30:b5:a1:1c:6f:7a:df:05:c1:
cb:32:95:77:c9:b0:11:03:bc:f6:f5:5e:87:c8:bd:b5:a0:f3:
80:d3:48:d3:01:67:0d:98:59:bb:eb:bc:43:b4:85:52:0e:40:
67:ee:a6:3e:fc:8e:0e:f6:e0:c1:ef:d5:69:ee:18:eb:af:ef:
97:4a:df:0d:a5:ae:8b:c0:32:11:6d:52:37:71:33:66:76:a2:
10:6e:57:af:ee:eb:51:ed:8b:d4:e1:99:5c:4b:45:c0:98:ef:
89:b7:94:3e:c8:b6:e5:d5:0b:1e:38:25:68:ee:cb:b5:86:4f:
6a:32:be:d4:2a:68:04:41:03:a5:e3:c3:c2:2a:ef:0c:34:fd:
f9:29:0d:82:3f:c7:9f:1a:ce:7a:94:52:ce:4f:09:b3:69:f9:
da:bb:76:d1:c7:09:b0:28:cc:32:42:b9:ce:f6:0f:03:58:f4:
25:50:f3:6a:2c:d1:be:0c:08:fe:19:5a:3b:11:73:be:9f:41:
c9:77:e8:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRuMOlWXEu3CLdiiByW78mgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMTE2MDgxODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg1OTVlY2MzMzM5ZjcwMjc0NDRmZTAyOTM3MmI1MGZmOWJlMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZHtGQVt+Aia+xG6k9Vtj8wdjhcA
UTV35fJYnYHa7tlc8MKKZVKB+pga6HUWCRu96wmgD5zuzcasHkJVN4m93V068v7R
FG6Jmg9fPdsJCCkhAXXmLvVqqrurj7rdHgHMLLAMfA67IWhm+oMsS4g/orAHY6dK
kJm3rjAtR4tJQfiIRy7FzTfQFyOP7sZeJZ4W4E/j+/IkBTjP0p09fnkUBFXdu5t0
fVIVdm92gYdFaYRiAzLfoUiehMUIt/r7PFeyf3lOryRiIu7J/OkEj/tEOI/lpwo9
eV3A3uGzF0yQMrakNwJ9Sky95ZEEX4zCOe5kAbEYmgNVnE2Mk7YJyqGqVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLqFlezDM59wJ0RP4Ck3K1D/m+DpMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvdW9XVjdNTXpuM0FuUkVfZ0tUY3JVUC1iNE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1RL1AwQA
2bQRAwQC2bVAMA0GCSqGSIb3DQEBCwUAA4IBAQCrbr8yFfzNU/jvTAuKzU70BOtl
M78M0CK/in/lNbgyMpW+n5GR73TpJ4SvbVbTkQg88KoEpYm8CTy3VPGlvwwwtaEc
b3rfBcHLMpV3ybARA7z29V6HyL21oPOA00jTAWcNmFm767xDtIVSDkBn7qY+/I4O
9uDB79Vp7hjrr++XSt8Npa6LwDIRbVI3cTNmdqIQblev7utR7YvU4ZlcS0XAmO+J
t5Q+yLbl1QseOCVo7su1hk9qMr7UKmgEQQOl48PCKu8MNP35KQ2CP8efGs56lFLO
Twmzafnau3bRxwmwKMwyQrnO9g8DWPQlUPNqLNG+DAj+GVo7EXO+n0HJd+hW
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:52:37 2025 by rpki-client