Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/UGWZytFXBSTiJgNKNCCarirukKc.roa
File: UGWZytFXBSTiJgNKNCCarirukKc.roa (raw, json)
Hash identifier: 3ZLhMwlpW668mhfvkUGZf0jI6WrEGECOTuhia2dkomI=
Subject key identifier: 50:65:99:CA:D1:57:05:24:E2:26:03:4A:34:20:9A:AE:2A:EE:90:A7
Certificate issuer: /CN=ecf42776be532bd0575332855d8c42c4952ed931
Certificate serial: 018CC3B7436A0530EE6696E9CAD2D42A5B67
Authority key identifier: EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/UGWZytFXBSTiJgNKNCCarirukKc.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 146.109.0.0/16 maxlen: 24
185.210.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:43:6a:05:30:ee:66:96:e9:ca:d2:d4:2a:5b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf42776be532bd0575332855d8c42c4952ed931
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=506599cad1570524e226034a34209aae2aee90a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c1:37:67:3b:fc:14:de:b2:75:7f:be:36:3d:
01:ed:56:fd:22:4e:75:17:59:35:6c:77:be:19:4e:
ae:8d:0d:43:0f:73:8e:38:2f:42:1d:90:d6:7a:3e:
94:8a:1e:a3:27:81:82:51:03:45:1f:ef:d5:8a:b1:
0d:fa:51:93:51:f2:ab:cb:6e:c8:0e:18:66:08:d8:
71:f0:32:64:ab:74:2b:33:28:bc:0b:10:50:26:e4:
67:14:c1:05:d0:18:f5:0c:de:5b:80:93:bf:85:5d:
82:c3:81:3d:6c:a6:df:8f:7d:59:20:30:39:8a:3e:
ac:6c:30:be:d3:5c:e7:07:f9:db:29:cd:0c:7a:f1:
4d:69:bf:76:30:2a:79:a2:f4:3c:0b:fe:c9:ad:9d:
b5:75:5e:94:2c:3a:03:64:82:0d:ca:b4:25:6d:93:
be:ae:11:e2:82:51:a9:e0:80:f8:14:ed:23:3e:c5:
3f:19:18:4c:88:98:83:8b:a3:ca:e0:4b:52:03:90:
13:27:c3:83:4c:2e:22:f4:f2:66:72:50:35:e0:0e:
f1:ae:6f:20:29:88:81:3b:61:a8:97:85:1f:14:cf:
42:ec:a8:af:49:d9:ae:6c:66:ea:b4:ba:de:3b:75:
60:d3:c3:6c:70:5e:97:66:ba:3e:5b:51:d5:f6:bc:
0c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:65:99:CA:D1:57:05:24:E2:26:03:4A:34:20:9A:AE:2A:EE:90:A7
X509v3 Authority Key Identifier:
keyid:EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/UGWZytFXBSTiJgNKNCCarirukKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.109.0.0/16
185.210.32.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:7c:49:71:a8:81:b5:a6:68:43:6c:8b:7b:bd:24:ba:36:c4:
5a:5a:3d:15:ce:aa:a5:d3:db:60:93:3f:9e:a0:20:7d:07:38:
05:86:63:18:c9:f5:4f:99:e1:08:a6:fd:6e:7f:8d:29:b7:ea:
84:12:e2:03:9c:56:95:38:77:d0:d9:1b:18:78:94:a8:a4:b4:
9e:70:00:2b:27:dd:11:b3:6d:7e:d5:f6:97:09:07:fb:2a:2b:
cb:65:53:5c:db:15:02:42:e8:69:98:60:b4:55:3c:ec:fe:fa:
82:aa:04:8f:1a:d9:36:fe:ec:d7:0f:b3:09:e3:ba:c1:f3:80:
fc:8b:21:e2:12:40:3e:c7:98:47:94:a1:4a:60:66:14:64:7f:
90:be:5b:8f:05:62:ac:eb:e2:4b:01:c7:ed:98:a6:25:93:f2:
c0:f8:c0:a2:de:ef:47:ee:96:8e:8b:a0:1b:4c:63:d5:d9:30:
2f:bd:d3:6d:de:55:84:6e:8a:a0:35:c9:d4:3e:ed:35:05:58:
58:a3:de:fa:ea:d2:c2:4d:45:27:cf:5b:13:d2:0e:cd:db:d8:
13:26:ed:3b:76:d3:ec:72:72:8d:25:76:4b:8e:0b:58:f7:6c:
ee:ed:c0:5f:f2:7d:aa:30:84:7f:33:bf:49:26:fa:7a:3c:34:
8a:36:5e:bf
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYzDt0NqBTDuZpbpytLUKltnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjQyNzc2YmU1MzJiZDA1NzUzMzI4NTVkOGM0MmM0OTUy
ZWQ5MzEwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDY1OTljYWQxNTcwNTI0ZTIyNjAzNGEzNDIwOWFhZTJhZWU5MGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58E3Zzv8FN6ydX++Nj0B7Vb9Ik51
F1k1bHe+GU6ujQ1DD3OOOC9CHZDWej6Uih6jJ4GCUQNFH+/VirEN+lGTUfKry27I
DhhmCNhx8DJkq3QrMyi8CxBQJuRnFMEF0Bj1DN5bgJO/hV2Cw4E9bKbfj31ZIDA5
ij6sbDC+01znB/nbKc0MevFNab92MCp5ovQ8C/7JrZ21dV6ULDoDZIINyrQlbZO+
rhHiglGp4ID4FO0jPsU/GRhMiJiDi6PK4EtSA5ATJ8ODTC4i9PJmclA14A7xrm8g
KYiBO2Gol4UfFM9C7KivSdmubGbqtLreO3Vg08NscF6XZro+W1HV9rwMIQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFFBlmcrRVwUk4iYDSjQgmq4q7pCnMB8GA1UdIwQY
MBaAFOz0J3a+UyvQV1MyhV2MQsSVLtkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgt
NWU1M2MyM2I1NWIwLzEvVUdXWnl0RlhCU1RpSmdOS05DQ2FyaXJ1a0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgtNWU1M2MyM2I1NWIw
LzEvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAkm0DBAK5
0iAwDQYJKoZIhvcNAQELBQADggEBAH58SXGogbWmaENsi3u9JLo2xFpaPRXOqqXT
22CTP56gIH0HOAWGYxjJ9U+Z4Qim/W5/jSm36oQS4gOcVpU4d9DZGxh4lKiktJ5w
ACsn3RGzbX7V9pcJB/sqK8tlU1zbFQJC6GmYYLRVPOz++oKqBI8a2Tb+7NcPswnj
usHzgPyLIeISQD7HmEeUoUpgZhRkf5C+W48FYqzr4ksBx+2YpiWT8sD4wKLe70fu
lo6LoBtMY9XZMC+9023eVYRuiqA1ydQ+7TUFWFij3vrq0sJNRSfPWxPSDs3b2BMm
7Tt20+xyco0ldkuOC1j3bO7twF/yfaowhH8zv0km+no8NIo2Xr8=
-----END CERTIFICATE-----
Generated at Tue Apr 15 00:56:57 2025 by rpki-client