Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UZCgk10oCwSBpOOVnNq6f_9CiaA.roa
File: UZCgk10oCwSBpOOVnNq6f_9CiaA.roa (raw, json)
Hash identifier: oIpl9o99teIunJuvmTBtRVuL4fih/s/e/ET48Pk38VU=
Subject key identifier: 51:90:A0:93:5D:28:0B:04:81:A4:E3:95:9C:DA:BA:7F:FF:42:89:A0
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421443B750226D0DF14BA204394AD3126
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UZCgk10oCwSBpOOVnNq6f_9CiaA.roa
Signing time: Wed 01 Jan 2025 09:48:27 +0000
ROA not before: Wed 01 Jan 2025 09:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398465
IP address blocks: 82.153.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 09:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:3b:75:02:26:d0:df:14:ba:20:43:94:ad:31:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5190a0935d280b0481a4e3959cdaba7fff4289a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9c:5a:61:93:aa:0d:06:a4:86:db:03:9e:1d:
de:fa:23:6f:74:eb:95:35:a2:5c:dd:8f:78:4a:97:
c2:50:16:20:5d:00:e6:60:2f:f1:c2:20:0f:f4:9f:
c0:05:dd:23:04:2c:38:a5:82:f0:bb:86:f5:c0:b2:
f4:52:6e:d0:40:5a:f4:47:c3:3e:54:27:8d:f3:62:
71:21:59:4d:36:fe:65:4b:58:55:ab:93:4e:ee:05:
b6:ef:97:e0:45:31:14:85:df:ee:fe:56:cc:d1:d9:
0b:c6:11:74:6e:28:41:28:c6:bd:7a:94:dd:58:9d:
b6:49:f5:0e:a5:8d:0e:67:48:12:0f:a3:5c:dc:35:
13:1c:f9:69:20:d6:b3:98:40:38:36:eb:a3:50:c3:
09:f8:99:c8:42:f4:75:48:fb:4e:7a:d6:78:4d:5d:
25:34:19:27:ac:4e:33:69:45:5d:a0:c5:1c:b6:8e:
c1:7f:e9:bb:4e:d1:bd:78:bf:e7:11:36:f0:61:48:
ba:d3:f5:4a:9b:37:e4:82:fe:60:55:af:fd:82:ab:
be:40:8f:f5:9e:3e:3c:38:f8:3d:35:35:4c:ac:3c:
d8:1d:24:45:3b:60:b8:97:04:19:2e:02:d0:cd:9c:
23:9d:fc:22:d0:e9:9e:f4:e7:da:d5:5c:db:ef:e9:
2e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:90:A0:93:5D:28:0B:04:81:A4:E3:95:9C:DA:BA:7F:FF:42:89:A0
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UZCgk10oCwSBpOOVnNq6f_9CiaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.50.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:29:1d:6a:6e:80:41:f5:48:40:b0:7b:db:f3:a0:d2:d6:42:
b6:6d:bc:ea:27:3d:77:bd:8d:c3:4e:f1:28:7a:54:87:67:90:
b9:0f:6d:7f:47:92:40:97:60:9a:eb:41:bd:d8:5b:54:0b:95:
23:f5:9e:d5:96:b0:0b:5c:b2:5f:d7:db:ac:44:73:0d:b5:56:
fb:db:83:50:19:90:83:74:4a:96:50:dc:aa:08:72:ca:2f:48:
db:c6:f0:d5:5f:d3:f0:22:df:1d:2a:d5:ca:96:57:35:79:69:
4b:f2:f5:23:b2:1e:fc:23:b0:f2:54:90:41:1a:82:6b:5c:5a:
45:54:5f:77:54:c7:22:c8:aa:93:cb:f0:c8:73:c8:2d:30:8a:
2a:e7:e3:53:cd:04:2a:0d:28:18:0a:1a:dc:52:20:1f:9d:8b:
97:1f:59:a3:e4:cb:3f:b2:73:18:a8:3f:0b:4a:b9:cd:2b:55:
79:73:67:c5:58:18:b0:8c:ff:1a:66:a7:fb:8c:d5:82:65:0e:
6f:d3:c4:66:dd:56:c0:cf:8f:8e:fc:5b:b6:37:80:90:18:a2:
e9:f8:35:27:b0:d6:13:25:16:9b:e9:b7:e7:8c:e6:0a:58:22:
c5:37:87:d0:d1:3a:e8:a1:cd:1c:78:d5:ed:90:f2:8c:27:95:
7e:71:ea:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRDt1AibQ3xS6IEOUrTEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTkwYTA5MzVkMjgwYjA0ODFhNGUzOTU5Y2RhYmE3ZmZmNDI4OWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5xaYZOqDQakhtsDnh3e+iNvdOuV
NaJc3Y94SpfCUBYgXQDmYC/xwiAP9J/ABd0jBCw4pYLwu4b1wLL0Um7QQFr0R8M+
VCeN82JxIVlNNv5lS1hVq5NO7gW275fgRTEUhd/u/lbM0dkLxhF0bihBKMa9epTd
WJ22SfUOpY0OZ0gSD6Nc3DUTHPlpINazmEA4NuujUMMJ+JnIQvR1SPtOetZ4TV0l
NBknrE4zaUVdoMUcto7Bf+m7TtG9eL/nETbwYUi60/VKmzfkgv5gVa/9gqu+QI/1
nj48OPg9NTVMrDzYHSRFO2C4lwQZLgLQzZwjnfwi0Ome9Ofa1Vzb7+kuVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFGQoJNdKAsEgaTjlZzaun//QomgMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVVpDZ2sxMG9Dd1NCcE9PVm5OcTZmXzlDaWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkyMA0G
CSqGSIb3DQEBCwUAA4IBAQCiKR1qboBB9UhAsHvb86DS1kK2bbzqJz13vY3DTvEo
elSHZ5C5D21/R5JAl2Ca60G92FtUC5Uj9Z7VlrALXLJf19usRHMNtVb724NQGZCD
dEqWUNyqCHLKL0jbxvDVX9PwIt8dKtXKllc1eWlL8vUjsh78I7DyVJBBGoJrXFpF
VF93VMciyKqTy/DIc8gtMIoq5+NTzQQqDSgYChrcUiAfnYuXH1mj5Ms/snMYqD8L
SrnNK1V5c2fFWBiwjP8aZqf7jNWCZQ5v08Rm3VbAz4+O/Fu2N4CQGKLp+DUnsNYT
JRab6bfnjOYKWCLFN4fQ0Trooc0ceNXtkPKMJ5V+cer+
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:49:51 2025 by rpki-client