Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ukc0Y50hpyhi7vpujrMT0Yucq5k.roa
File: ukc0Y50hpyhi7vpujrMT0Yucq5k.roa (raw, json)
Hash identifier: HWp5ZGiw9C3IEDREhi7TKb2PPpxjaVhoyFfbUDMuSTo=
Subject key identifier: BA:47:34:63:9D:21:A7:28:62:EE:FA:6E:8E:B3:13:D1:8B:9C:AB:99
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FE93752A03D679B14F1C3CA3109D04FBC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ukc0Y50hpyhi7vpujrMT0Yucq5k.roa
Signing time: Wed 05 Jun 2024 16:24:27 +0000
ROA not before: Wed 05 Jun 2024 16:24:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197737
IP address blocks: 217.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jul 2024 16:10:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e9:37:52:a0:3d:67:9b:14:f1:c3:ca:31:09:d0:4f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 5 16:24:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba4734639d21a72862eefa6e8eb313d18b9cab99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:25:30:cd:55:be:2b:d8:fe:97:41:0f:73:e7:
57:00:b4:af:4e:2f:00:35:b5:ec:ea:a6:12:4a:a7:
6b:28:f1:75:67:a1:cc:8e:30:1c:b4:4b:56:3c:63:
11:b1:24:98:bd:96:94:df:3a:84:b6:7f:47:f4:de:
66:cb:6d:f1:9e:47:7a:38:37:8e:fe:a5:69:da:20:
32:24:30:a1:5a:2b:23:3c:1c:14:d9:35:e7:88:d1:
c6:2e:6b:ec:7e:3b:11:fa:e4:c1:94:3b:5a:89:19:
24:f3:e2:63:06:b9:cf:d5:8b:f4:07:05:bd:f0:0a:
c6:9d:3b:19:16:eb:54:f6:ab:5e:bc:42:54:36:95:
b0:ac:6a:e5:4a:df:91:20:55:00:1a:30:0d:80:be:
62:5a:39:e4:c3:de:ba:d2:db:60:85:b2:0a:81:21:
41:50:4c:49:38:ad:ca:85:a1:7b:4e:14:18:4b:3f:
f0:de:5e:9d:74:7b:61:2f:1e:95:f4:04:1f:71:6e:
5b:69:16:ce:d4:73:85:32:58:0a:cf:8b:76:9b:08:
6a:3a:a2:75:ff:8d:9b:66:af:f6:df:e1:4f:4a:c3:
66:81:4f:18:10:bf:6e:34:39:19:ea:9b:68:8f:61:
cf:9d:58:3f:7a:b1:f4:97:06:56:cc:29:2d:71:86:
7e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:47:34:63:9D:21:A7:28:62:EE:FA:6E:8E:B3:13:D1:8B:9C:AB:99
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ukc0Y50hpyhi7vpujrMT0Yucq5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
18:7e:fb:6b:59:4c:62:25:1a:d2:9f:68:54:23:71:c1:ed:9c:
f5:36:f4:53:dd:d0:c4:7c:d6:d1:d0:b4:c6:01:cf:ed:31:60:
76:0a:e4:56:2b:41:6b:19:08:39:82:ce:23:25:43:94:0a:39:
ae:93:ba:2c:5a:7e:f7:87:88:a2:eb:97:c1:9b:fe:2f:e8:38:
3a:8c:05:58:fd:b8:e4:d1:32:ae:48:eb:a7:67:46:8e:d0:17:
26:4c:d1:a7:85:9b:cb:16:eb:df:b9:d8:98:44:65:cc:af:64:
09:a7:dd:e0:22:26:ef:46:19:c2:32:c5:92:00:01:77:71:59:
fa:c6:61:b9:6d:e8:5b:d2:2b:29:82:38:60:02:0c:11:9e:69:
5c:a4:cf:99:89:bb:e5:0e:e0:47:75:b1:4a:58:0f:b0:bb:6c:
74:0d:2d:24:db:6c:36:7c:39:dc:4c:63:0c:58:6d:1d:9f:ac:
96:77:4b:b9:f6:a9:5a:d0:d9:14:f0:19:cb:50:a2:16:6f:25:
09:36:73:88:61:9f:cd:21:15:39:ee:4e:f8:16:e6:15:cf:83:
41:4a:5c:a9:a4:5e:e1:48:a4:81:81:c7:cd:61:b3:7c:17:30:
d5:c4:e0:0f:df:eb:c1:90:16:af:e0:c4:d5:39:6a:77:2b:d2:
36:57:f4:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/pN1KgPWebFPHDyjEJ0E+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjA1MTYyNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTQ3MzQ2MzlkMjFhNzI4NjJlZWZhNmU4ZWIzMTNkMThiOWNhYjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiUwzVW+K9j+l0EPc+dXALSvTi8A
NbXs6qYSSqdrKPF1Z6HMjjActEtWPGMRsSSYvZaU3zqEtn9H9N5my23xnkd6ODeO
/qVp2iAyJDChWisjPBwU2TXniNHGLmvsfjsR+uTBlDtaiRkk8+JjBrnP1Yv0BwW9
8ArGnTsZFutU9qtevEJUNpWwrGrlSt+RIFUAGjANgL5iWjnkw9660ttghbIKgSFB
UExJOK3KhaF7ThQYSz/w3l6ddHthLx6V9AQfcW5baRbO1HOFMlgKz4t2mwhqOqJ1
/42bZq/23+FPSsNmgU8YEL9uNDkZ6ptoj2HPnVg/erH0lwZWzCktcYZ+fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLpHNGOdIacoYu76bo6zE9GLnKuZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdWtjMFk1MGhweWhpN3ZwdWpyTVQwWXVjcTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZFEMA0G
CSqGSIb3DQEBCwUAA4IBAQAYfvtrWUxiJRrSn2hUI3HB7Zz1NvRT3dDEfNbR0LTG
Ac/tMWB2CuRWK0FrGQg5gs4jJUOUCjmuk7osWn73h4ii65fBm/4v6Dg6jAVY/bjk
0TKuSOunZ0aO0BcmTNGnhZvLFuvfudiYRGXMr2QJp93gIibvRhnCMsWSAAF3cVn6
xmG5behb0ispgjhgAgwRnmlcpM+ZibvlDuBHdbFKWA+wu2x0DS0k22w2fDncTGMM
WG0dn6yWd0u59qla0NkU8BnLUKIWbyUJNnOIYZ/NIRU57k74FuYVz4NBSlyppF7h
SKSBgcfNYbN8FzDVxOAP3+vBkBav4MTVOWp3K9I2V/TE
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:58 2025 by rpki-client