Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/3e9394-e271-49ab-b37b-ea38420b2579/1/x9oVQsgEoZLAIsEEASIddhz_utg.roa
File: x9oVQsgEoZLAIsEEASIddhz_utg.roa (raw, json)
Hash identifier: LPLw2MwZApK6XtW2Xm+m1EnRruFG0IMkSVBSNVCYP9U=
Subject key identifier: C7:DA:15:42:C8:04:A1:92:C0:22:C1:04:01:22:1D:76:1C:FF:BA:D8
Certificate issuer: /CN=1000c0d7a59ac2f59804e7c3515f14cd2fd50d97
Certificate serial: 018CC424650C3511C97E955E6A2B648B8AFB
Authority key identifier: 10:00:C0:D7:A5:9A:C2:F5:98:04:E7:C3:51:5F:14:CD:2F:D5:0D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EADA16WawvWYBOfDUV8UzS_VDZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/3e9394-e271-49ab-b37b-ea38420b2579/1/x9oVQsgEoZLAIsEEASIddhz_utg.roa
Signing time: Mon 01 Jan 2024 08:29:28 +0000
ROA not before: Mon 01 Jan 2024 08:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204793
IP address blocks: 185.136.116.0/22 maxlen: 22
2a06:fc40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:65:0c:35:11:c9:7e:95:5e:6a:2b:64:8b:8a:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1000c0d7a59ac2f59804e7c3515f14cd2fd50d97
Validity
Not Before: Jan 1 08:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7da1542c804a192c022c10401221d761cffbad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:31:7c:96:8d:a1:66:88:7b:3a:71:ef:29:d8:
d9:8c:dc:39:73:02:c3:65:22:82:4f:82:96:17:d7:
50:c8:a0:1b:ae:07:a5:18:85:53:35:d5:f5:3c:ae:
fa:d2:6d:5b:90:01:77:c6:da:39:00:39:73:06:b1:
58:16:a0:9e:3c:d1:05:c2:70:bc:f8:bd:d0:19:a2:
a0:0f:6c:42:11:73:65:7b:7d:ac:66:58:b2:a1:07:
a8:02:bf:c5:59:0d:f8:f4:12:00:a4:00:75:bf:cf:
66:29:f5:56:aa:f1:ba:fc:88:44:59:b5:da:0c:30:
d4:99:5e:e9:b7:c8:fb:84:d9:f6:24:1e:af:71:35:
e9:34:6f:cf:db:83:72:3b:79:ba:c6:0a:ac:7e:0f:
59:02:35:98:ce:5e:26:20:6e:0c:b7:52:34:1a:4a:
58:18:99:a2:23:3f:82:5f:70:f9:77:da:bb:81:f5:
fa:d9:8b:9e:49:df:06:d5:50:5d:72:a7:71:f2:c1:
67:04:f5:0b:5c:60:8b:5a:73:0f:18:60:db:36:77:
33:14:6d:4a:f7:08:8f:80:d9:c4:ba:3d:e9:05:61:
a1:05:33:69:6a:22:06:6f:43:af:ea:78:13:74:5e:
4a:3e:3a:8f:39:c2:39:3c:ff:ec:c5:a8:fa:29:47:
81:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:DA:15:42:C8:04:A1:92:C0:22:C1:04:01:22:1D:76:1C:FF:BA:D8
X509v3 Authority Key Identifier:
keyid:10:00:C0:D7:A5:9A:C2:F5:98:04:E7:C3:51:5F:14:CD:2F:D5:0D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EADA16WawvWYBOfDUV8UzS_VDZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/3e9394-e271-49ab-b37b-ea38420b2579/1/x9oVQsgEoZLAIsEEASIddhz_utg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/3e9394-e271-49ab-b37b-ea38420b2579/1/EADA16WawvWYBOfDUV8UzS_VDZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.116.0/22
IPv6:
2a06:fc40::/29
Signature Algorithm: sha256WithRSAEncryption
21:96:5f:f3:a1:d6:64:e8:da:a4:53:5d:d9:26:c3:48:a8:4f:
1e:ad:ef:0f:f7:63:a5:f5:55:86:65:35:be:12:9d:06:36:37:
03:71:1d:95:e3:a4:c6:9d:fe:d1:f9:cf:8a:9f:4c:90:a2:d0:
93:4e:c5:e1:b0:cc:af:35:06:84:97:71:4c:b7:dd:2c:0d:a6:
86:8d:11:4e:59:ec:fd:f6:45:9e:61:df:37:c2:54:3d:40:a4:
23:4f:e5:e6:80:14:0e:f6:79:a0:40:1b:9a:a3:95:ef:e9:05:
bc:5c:b0:03:8c:2a:4e:23:01:96:9c:75:af:bb:42:5d:31:5a:
57:d1:7a:b9:6a:a0:e5:31:a2:fe:21:3d:de:fd:74:7f:f1:0b:
0e:e3:5e:72:af:95:b4:8c:34:a9:ba:c6:73:4f:3f:91:ff:ed:
12:8e:10:ad:01:2a:9d:f7:ed:1d:10:13:99:f7:c6:14:15:da:
25:12:e8:b1:f1:35:7b:a8:9e:d1:fb:52:6f:bb:8a:61:54:e5:
87:34:32:45:1f:70:42:90:e1:c2:2e:f8:58:ca:82:6a:47:9b:
30:95:12:36:1d:ae:2d:a3:11:cf:59:0e:63:a4:80:24:f0:bb:
0b:9c:2f:4c:61:03:f5:5b:83:79:b4:3d:eb:4d:8d:bb:35:5c:
da:5e:21:27
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJGUMNRHJfpVeaitki4r7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMDBjMGQ3YTU5YWMyZjU5ODA0ZTdjMzUxNWYxNGNkMmZk
NTBkOTcwHhcNMjQwMTAxMDgyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2RhMTU0MmM4MDRhMTkyYzAyMmMxMDQwMTIyMWQ3NjFjZmZiYWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TF8lo2hZoh7OnHvKdjZjNw5cwLD
ZSKCT4KWF9dQyKAbrgelGIVTNdX1PK760m1bkAF3xto5ADlzBrFYFqCePNEFwnC8
+L3QGaKgD2xCEXNle32sZliyoQeoAr/FWQ349BIApAB1v89mKfVWqvG6/IhEWbXa
DDDUmV7pt8j7hNn2JB6vcTXpNG/P24NyO3m6xgqsfg9ZAjWYzl4mIG4Mt1I0GkpY
GJmiIz+CX3D5d9q7gfX62YueSd8G1VBdcqdx8sFnBPULXGCLWnMPGGDbNnczFG1K
9wiPgNnEuj3pBWGhBTNpaiIGb0Ov6ngTdF5KPjqPOcI5PP/sxaj6KUeBXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMfaFULIBKGSwCLBBAEiHXYc/7rYMB8GA1UdIwQY
MBaAFBAAwNelmsL1mATnw1FfFM0v1Q2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUFEQTE2V2F3dldZQk9mRFVWOFV6U19WRFpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8zZTkzOTQtZTI3MS00OWFiLWIzN2It
ZWEzODQyMGIyNTc5LzEveDlvVlFzZ0VvWkxBSXNFRUFTSWRkaHpfdXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8zZTkzOTQtZTI3MS00OWFiLWIzN2ItZWEzODQyMGIyNTc5
LzEvRUFEQTE2V2F3dldZQk9mRFVWOFV6U19WRFpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYh0MA0E
AgACMAcDBQMqBvxAMA0GCSqGSIb3DQEBCwUAA4IBAQAhll/zodZk6NqkU13ZJsNI
qE8ere8P92Ol9VWGZTW+Ep0GNjcDcR2V46TGnf7R+c+Kn0yQotCTTsXhsMyvNQaE
l3FMt90sDaaGjRFOWez99kWeYd83wlQ9QKQjT+XmgBQO9nmgQBuao5Xv6QW8XLAD
jCpOIwGWnHWvu0JdMVpX0Xq5aqDlMaL+IT3e/XR/8QsO415yr5W0jDSpusZzTz+R
/+0SjhCtASqd9+0dEBOZ98YUFdolEuix8TV7qJ7R+1Jvu4phVOWHNDJFH3BCkOHC
LvhYyoJqR5swlRI2Ha4toxHPWQ5jpIAk8LsLnC9MYQP1W4N5tD3rTY27NVzaXiEn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:12 2025 by rpki-client