Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UozV45ymVI0hCp7pbKGdefvBLEg.roa
File: UozV45ymVI0hCp7pbKGdefvBLEg.roa (raw, json)
Hash identifier: zRoh1C5Yv43ZfMwokkdb58UAGvRTg9jj44vutRQIbIA=
Subject key identifier: 52:8C:D5:E3:9C:A6:54:8D:21:0A:9E:E9:6C:A1:9D:79:FB:C1:2C:48
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942144048DA373BC0821729600ED551FE9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UozV45ymVI0hCp7pbKGdefvBLEg.roa
Signing time: Wed 01 Jan 2025 09:48:13 +0000
ROA not before: Wed 01 Jan 2025 09:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203758
IP address blocks: 82.153.70.0/24 maxlen: 24
109.176.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 09:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:04:8d:a3:73:bc:08:21:72:96:00:ed:55:1f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=528cd5e39ca6548d210a9ee96ca19d79fbc12c48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:78:cb:05:90:7c:e4:e7:35:94:2e:ab:c8:d8:
fb:dd:8b:87:ce:9e:70:cb:25:4f:ad:5f:e6:38:73:
bd:a0:59:79:9f:27:f7:06:63:4e:f0:68:46:7d:64:
b2:3f:d1:38:3f:00:ac:73:90:cc:cf:91:14:3d:49:
7a:29:44:39:b4:7e:e7:86:e5:61:77:50:72:87:8f:
03:cb:7c:51:f7:6b:d8:d2:7e:01:f6:16:3d:65:7c:
66:15:f8:b6:48:02:30:e7:bb:a8:23:22:f2:ff:29:
c5:9a:4e:3d:2a:e1:11:da:e2:a6:ba:92:b0:64:e4:
46:74:d1:00:ac:2f:2c:36:1f:56:5b:e9:2e:d2:ee:
50:92:26:3a:6b:fb:cf:7c:d9:a5:cc:a4:a9:a8:6c:
31:97:08:42:c0:af:89:42:b4:40:2a:94:a6:0c:98:
43:47:6c:f7:4f:f2:ce:1d:38:85:74:a4:39:dd:0d:
6d:9b:ec:ab:3e:25:a5:51:6c:41:34:fa:d0:0d:49:
2f:e5:f8:23:6f:e5:c8:df:7a:c3:17:4c:6e:23:35:
b3:68:e2:d9:e6:02:f9:a9:4a:87:36:8f:92:14:9a:
1b:bf:1b:f6:cd:a1:1c:07:e2:dc:55:db:96:4f:8a:
0a:0f:2b:ed:00:66:57:0c:88:cd:24:73:97:47:f1:
9f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:8C:D5:E3:9C:A6:54:8D:21:0A:9E:E9:6C:A1:9D:79:FB:C1:2C:48
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UozV45ymVI0hCp7pbKGdefvBLEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.70.0/24
109.176.252.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:a5:ee:f8:c3:62:db:92:5b:eb:5b:71:91:32:80:81:3f:4f:
64:8e:ca:7d:0b:c6:01:bd:b9:30:89:4b:a6:d8:66:2c:b3:44:
e2:5b:0a:e6:a2:cb:1d:3c:be:75:a3:5a:5e:52:e8:84:71:f4:
6f:3a:6e:d8:76:5a:46:15:b6:7a:e5:5f:db:14:6b:f2:8a:a3:
5d:6c:29:f1:8b:c0:ff:87:3f:32:9a:0b:4d:86:f6:e0:b7:85:
18:3f:26:8c:56:df:14:6f:1f:3c:81:c5:30:3b:0f:f8:3a:ea:
5e:79:03:de:cc:0e:43:72:19:d7:62:07:ed:72:79:26:13:04:
78:34:d9:85:72:34:0a:c0:ec:f2:ac:f9:37:ef:94:e2:26:43:
96:3a:f0:58:e4:e3:23:11:27:69:bc:ab:b3:7e:67:f6:e2:02:
2c:f6:60:7b:23:95:dc:81:24:16:e2:40:8d:0e:a1:ce:e7:80:
5d:16:b7:e4:64:be:79:56:8b:46:ab:c1:ce:61:ad:ec:15:f5:
d9:6e:cf:cd:f8:06:0e:65:cc:6b:ce:5a:4f:6a:b4:f1:2c:48:
e4:1f:76:f9:3e:5a:12:52:da:33:4b:df:d7:87:e6:ea:8e:2c:
c5:1d:6f:96:19:99:de:cb:a1:e4:41:0d:22:78:ec:29:27:b0:
05:98:8c:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhRASNo3O8CCFylgDtVR/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjhjZDVlMzljYTY1NDhkMjEwYTllZTk2Y2ExOWQ3OWZiYzEyYzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HjLBZB85Oc1lC6ryNj73YuHzp5w
yyVPrV/mOHO9oFl5nyf3BmNO8GhGfWSyP9E4PwCsc5DMz5EUPUl6KUQ5tH7nhuVh
d1Byh48Dy3xR92vY0n4B9hY9ZXxmFfi2SAIw57uoIyLy/ynFmk49KuER2uKmupKw
ZORGdNEArC8sNh9WW+ku0u5QkiY6a/vPfNmlzKSpqGwxlwhCwK+JQrRAKpSmDJhD
R2z3T/LOHTiFdKQ53Q1tm+yrPiWlUWxBNPrQDUkv5fgjb+XI33rDF0xuIzWzaOLZ
5gL5qUqHNo+SFJobvxv2zaEcB+LcVduWT4oKDyvtAGZXDIjNJHOXR/Gf/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFKM1eOcplSNIQqe6WyhnXn7wSxIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVW96VjQ1eW1WSTBoQ3A3cGJLR2RlZnZCTEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUplGAwQA
bbD8MA0GCSqGSIb3DQEBCwUAA4IBAQB7pe74w2LbklvrW3GRMoCBP09kjsp9C8YB
vbkwiUum2GYss0TiWwrmossdPL51o1peUuiEcfRvOm7YdlpGFbZ65V/bFGvyiqNd
bCnxi8D/hz8ymgtNhvbgt4UYPyaMVt8Ubx88gcUwOw/4OupeeQPezA5DchnXYgft
cnkmEwR4NNmFcjQKwOzyrPk375TiJkOWOvBY5OMjESdpvKuzfmf24gIs9mB7I5Xc
gSQW4kCNDqHO54BdFrfkZL55VotGq8HOYa3sFfXZbs/N+AYOZcxrzlpParTxLEjk
H3b5PloSUtozS9/Xh+bqjizFHW+WGZney6HkQQ0ieOwpJ7AFmIzW
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:51:49 2025 by rpki-client