Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/uCr3wsSV16niwIIIeWHNsUKb9nk.roa
File: uCr3wsSV16niwIIIeWHNsUKb9nk.roa (raw, json)
Hash identifier: gNT5KD7dUwXhuvbp+i1N7ysjJiIfUMghIEA3N1JG3Mg=
Subject key identifier: B8:2A:F7:C2:C4:95:D7:A9:E2:C0:82:08:79:61:CD:B1:42:9B:F6:79
Certificate issuer: /CN=cc6532649a6aef4714841b9c8f54660d889b0629
Certificate serial: 018CC5DCD9E18B5BDCAC4036B8BA12A3FF23
Authority key identifier: CC:65:32:64:9A:6A:EF:47:14:84:1B:9C:8F:54:66:0D:88:9B:06:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zGUyZJpq70cUhBucj1RmDYibBik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/uCr3wsSV16niwIIIeWHNsUKb9nk.roa
Signing time: Mon 01 Jan 2024 16:30:34 +0000
ROA not before: Mon 01 Jan 2024 16:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 195.234.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:d9:e1:8b:5b:dc:ac:40:36:b8:ba:12:a3:ff:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc6532649a6aef4714841b9c8f54660d889b0629
Validity
Not Before: Jan 1 16:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b82af7c2c495d7a9e2c082087961cdb1429bf679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:71:12:48:65:ca:b6:5a:3d:f8:d8:99:27:51:
0e:2d:d4:e1:34:6e:0b:f7:a5:28:8e:de:bd:60:12:
62:49:d3:90:75:51:7e:a2:f0:69:4c:48:66:66:fd:
fc:65:7e:1e:0f:18:a4:fd:03:88:6b:6f:81:6d:b1:
2f:c6:59:23:59:7d:5e:0c:7e:4d:0d:74:f6:41:b6:
31:f1:95:d0:ca:f3:c9:70:bd:90:fa:dd:b8:c9:04:
3f:12:6c:d4:ab:82:84:94:d3:c9:86:41:a3:a1:bd:
9d:56:d1:5f:45:56:ca:c2:02:f7:24:8d:4b:2a:aa:
a4:7c:1d:e8:fb:fc:12:ea:e1:0e:e6:a4:58:83:bc:
25:29:76:5a:3b:91:4f:e8:a7:3e:b5:20:53:71:5a:
ee:ac:cf:a3:a3:aa:04:6d:5b:f7:c4:76:9a:2e:c0:
57:82:e0:3a:2c:28:99:7d:8a:60:cf:01:18:49:84:
e4:be:78:62:2d:93:83:0b:0e:c8:7a:2a:10:23:b2:
ec:30:5d:1f:3d:75:78:fd:e9:02:68:84:39:28:85:
87:dd:8d:eb:11:a7:98:79:a8:e2:38:e9:22:8c:29:
f2:48:12:0c:33:b2:fa:9b:ad:b4:d6:b4:46:43:50:
23:0d:74:63:9f:91:d7:31:ec:15:5c:cd:e4:4d:e6:
95:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:2A:F7:C2:C4:95:D7:A9:E2:C0:82:08:79:61:CD:B1:42:9B:F6:79
X509v3 Authority Key Identifier:
keyid:CC:65:32:64:9A:6A:EF:47:14:84:1B:9C:8F:54:66:0D:88:9B:06:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zGUyZJpq70cUhBucj1RmDYibBik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/uCr3wsSV16niwIIIeWHNsUKb9nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/zGUyZJpq70cUhBucj1RmDYibBik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.145.0/24
Signature Algorithm: sha256WithRSAEncryption
51:36:1c:f2:a9:50:8d:92:68:1b:ba:48:c6:16:a6:9a:f7:79:
ab:e3:03:d7:c3:6f:75:1a:7c:5d:b3:85:03:37:df:eb:d3:ed:
c6:3f:3f:df:e2:72:02:cd:6d:30:a2:c2:db:62:51:e9:79:97:
17:0a:c7:a5:27:90:72:19:a8:c3:c4:fe:52:41:47:63:33:ae:
cd:6e:cd:5e:56:db:08:4c:08:ce:4f:1c:e2:e3:cf:18:44:dc:
82:8b:26:cf:d3:ec:db:58:36:cd:47:53:58:db:01:55:18:e0:
70:8e:39:98:da:c2:2f:96:0b:fb:d7:8f:9f:7a:ef:df:d9:52:
4a:71:cf:6a:e2:0f:09:6c:17:2d:2f:e6:f9:44:d1:82:a7:95:
33:a1:f8:54:f7:6b:83:d9:ab:56:a8:5b:9f:52:59:4c:b7:19:
cf:0e:5a:53:24:e7:76:27:04:e7:ac:7a:45:a7:e9:7f:7e:c8:
9c:26:fa:d9:46:af:89:81:6a:24:91:9b:03:77:87:49:d7:4d:
ea:51:b9:7f:f0:ae:ca:d0:db:94:74:d3:1a:3d:65:e5:f3:02:
56:cd:d2:42:bb:dc:2b:d8:e0:da:92:d5:19:0e:e6:fb:42:12:
ed:c7:60:9c:48:f6:fb:ea:55:5b:63:d4:fe:fe:70:38:b8:cd:
4e:4b:5c:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Nnhi1vcrEA2uLoSo/8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNjUzMjY0OWE2YWVmNDcxNDg0MWI5YzhmNTQ2NjBkODg5
YjA2MjkwHhcNMjQwMTAxMTYzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODJhZjdjMmM0OTVkN2E5ZTJjMDgyMDg3OTYxY2RiMTQyOWJmNjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXESSGXKtlo9+NiZJ1EOLdThNG4L
96Uojt69YBJiSdOQdVF+ovBpTEhmZv38ZX4eDxik/QOIa2+BbbEvxlkjWX1eDH5N
DXT2QbYx8ZXQyvPJcL2Q+t24yQQ/EmzUq4KElNPJhkGjob2dVtFfRVbKwgL3JI1L
KqqkfB3o+/wS6uEO5qRYg7wlKXZaO5FP6Kc+tSBTcVrurM+jo6oEbVv3xHaaLsBX
guA6LCiZfYpgzwEYSYTkvnhiLZODCw7IeioQI7LsMF0fPXV4/ekCaIQ5KIWH3Y3r
EaeYeajiOOkijCnySBIMM7L6m6201rRGQ1AjDXRjn5HXMewVXM3kTeaVCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLgq98LEldep4sCCCHlhzbFCm/Z5MB8GA1UdIwQY
MBaAFMxlMmSaau9HFIQbnI9UZg2ImwYpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekdVeVpKcHE3MGNVaEJ1Y2oxUm1EWWliQmlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zMTBkMzQtZjVkOC00ZTk2LTliN2Mt
NjQ4ZjUwMWFmYWU1LzEvdUNyM3dzU1YxNm5pd0lJSWVXSE5zVUtiOW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zMTBkMzQtZjVkOC00ZTk2LTliN2MtNjQ4ZjUwMWFmYWU1
LzEvekdVeVpKcHE3MGNVaEJ1Y2oxUm1EWWliQmlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+qRMA0G
CSqGSIb3DQEBCwUAA4IBAQBRNhzyqVCNkmgbukjGFqaa93mr4wPXw291Gnxds4UD
N9/r0+3GPz/f4nICzW0wosLbYlHpeZcXCselJ5ByGajDxP5SQUdjM67Nbs1eVtsI
TAjOTxzi488YRNyCiybP0+zbWDbNR1NY2wFVGOBwjjmY2sIvlgv714+feu/f2VJK
cc9q4g8JbBctL+b5RNGCp5UzofhU92uD2atWqFufUllMtxnPDlpTJOd2JwTnrHpF
p+l/fsicJvrZRq+JgWokkZsDd4dJ103qUbl/8K7K0NuUdNMaPWXl8wJWzdJCu9wr
2ODaktUZDub7QhLtx2CcSPb76lVbY9T+/nA4uM1OS1z4
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:49:33 2025 by rpki-client