Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/22d175-c71d-4637-a090-b19ad5455bfd/1/ucxjbWplkSIkoggz0YTp4vEEu7Q.roa
File: ucxjbWplkSIkoggz0YTp4vEEu7Q.roa (raw, json)
Hash identifier: iravP2nx19RAydGuvdIBtsyNgVFnE7df5UQtJrhJAlw=
Subject key identifier: B9:CC:63:6D:6A:65:91:22:24:A2:08:33:D1:84:E9:E2:F1:04:BB:B4
Certificate issuer: /CN=3e25ab6985f79ca9de06e98e8b9da245d8559ab6
Certificate serial: 019193EF0BD83BE6DA7F5767638CAFC6897A
Authority key identifier: 3E:25:AB:69:85:F7:9C:A9:DE:06:E9:8E:8B:9D:A2:45:D8:55:9A:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiWraYX3nKneBumOi52iRdhVmrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/22d175-c71d-4637-a090-b19ad5455bfd/1/ucxjbWplkSIkoggz0YTp4vEEu7Q.roa
Signing time: Tue 27 Aug 2024 13:03:22 +0000
ROA not before: Tue 27 Aug 2024 13:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60707
IP address blocks: 213.142.135.0/24 maxlen: 24
2a01:ed80::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Aug 2024 14:41:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:93:ef:0b:d8:3b:e6:da:7f:57:67:63:8c:af:c6:89:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e25ab6985f79ca9de06e98e8b9da245d8559ab6
Validity
Not Before: Aug 27 13:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9cc636d6a65912224a20833d184e9e2f104bbb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d3:d3:29:05:ec:03:54:4c:39:4c:71:b3:d4:
34:97:be:7c:f9:e4:5f:1d:34:54:aa:e0:7e:d5:1b:
32:c5:72:ac:ab:c0:0e:6f:33:c1:99:01:d2:08:89:
af:71:ed:ea:bf:99:33:ba:6e:a9:c6:57:d5:fd:11:
01:c4:7f:ed:05:d2:9c:56:21:a5:df:41:0e:41:f1:
35:6d:cc:af:e6:9f:d0:ef:d6:9c:d1:b5:84:f8:ff:
9f:24:d7:41:23:91:45:70:9c:90:9b:80:62:e5:c5:
89:9f:24:8f:04:64:93:ca:ee:b9:d0:da:7d:21:e6:
58:02:a0:07:04:e8:7c:98:bb:f9:5d:43:8a:00:5c:
7f:77:aa:0e:74:bb:5a:3b:37:0b:6c:3c:a2:41:3c:
4e:46:65:c9:14:7e:36:1f:b7:03:47:61:88:94:42:
e1:15:67:6f:ab:3c:0e:6f:e6:b1:f8:70:81:98:15:
ab:dc:f8:7a:fb:c9:dd:92:a4:c4:d9:1c:6b:c1:8e:
d4:6c:5f:fa:b0:6b:29:84:81:8c:14:f3:e7:b3:05:
c7:c0:63:90:19:4f:0b:b9:28:ee:7d:a3:9c:00:87:
99:14:06:2f:79:a6:2f:4b:2b:8e:a0:cb:22:f9:17:
63:3f:0b:31:55:4a:2e:ad:82:5c:e0:d4:e0:63:85:
57:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:CC:63:6D:6A:65:91:22:24:A2:08:33:D1:84:E9:E2:F1:04:BB:B4
X509v3 Authority Key Identifier:
keyid:3E:25:AB:69:85:F7:9C:A9:DE:06:E9:8E:8B:9D:A2:45:D8:55:9A:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiWraYX3nKneBumOi52iRdhVmrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/22d175-c71d-4637-a090-b19ad5455bfd/1/ucxjbWplkSIkoggz0YTp4vEEu7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/22d175-c71d-4637-a090-b19ad5455bfd/1/PiWraYX3nKneBumOi52iRdhVmrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.142.135.0/24
IPv6:
2a01:ed80::/29
Signature Algorithm: sha256WithRSAEncryption
30:14:0e:6a:98:97:4a:42:e6:13:c3:3c:35:08:69:c7:38:36:
45:b3:42:88:27:57:bc:d3:04:4a:6f:cb:22:99:7b:86:48:3e:
25:50:e3:53:56:bc:0b:3b:e1:59:71:f5:1a:ba:2e:22:a0:11:
8f:74:37:7a:81:e0:42:c7:9b:8a:22:61:d4:f0:df:77:ae:d7:
fa:3f:37:74:27:56:1d:ca:dc:c2:fa:ec:4b:f2:4f:26:31:08:
60:e1:bc:54:d8:bc:0c:bc:c0:2e:72:1f:92:25:c6:3e:08:aa:
e0:04:a4:c5:19:2f:aa:cf:59:d3:2e:04:6c:48:8d:d5:8c:64:
a2:03:da:88:6b:70:54:72:3a:82:77:72:c2:8b:7f:cb:cf:9f:
d7:30:5b:33:50:80:f2:02:ce:ae:90:23:d7:42:5f:6f:12:84:
d8:3d:78:c1:8c:cc:34:76:0a:53:e9:86:d8:80:b5:8e:46:92:
cd:33:1f:54:a6:80:db:c8:4c:ed:ab:23:bd:c7:fd:d8:93:4a:
a1:bf:c3:30:3b:1a:78:71:55:f6:f6:f8:b1:67:4a:a5:62:37:
2c:c3:9d:9f:15:d2:c9:2a:01:22:c9:4d:8a:36:53:03:59:d0:
62:ec:88:19:62:55:d3:28:0b:bf:d6:dc:ac:db:e6:9e:b9:fe:
5c:d8:e7:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZGT7wvYO+baf1dnY4yvxol6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjVhYjY5ODVmNzljYTlkZTA2ZTk4ZThiOWRhMjQ1ZDg1
NTlhYjYwHhcNMjQwODI3MTMwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWNjNjM2ZDZhNjU5MTIyMjRhMjA4MzNkMTg0ZTllMmYxMDRiYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNPTKQXsA1RMOUxxs9Q0l758+eRf
HTRUquB+1RsyxXKsq8AObzPBmQHSCImvce3qv5kzum6pxlfV/REBxH/tBdKcViGl
30EOQfE1bcyv5p/Q79ac0bWE+P+fJNdBI5FFcJyQm4Bi5cWJnySPBGSTyu650Np9
IeZYAqAHBOh8mLv5XUOKAFx/d6oOdLtaOzcLbDyiQTxORmXJFH42H7cDR2GIlELh
FWdvqzwOb+ax+HCBmBWr3Ph6+8ndkqTE2RxrwY7UbF/6sGsphIGMFPPnswXHwGOQ
GU8LuSjufaOcAIeZFAYveaYvSyuOoMsi+RdjPwsxVUourYJc4NTgY4VXJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLnMY21qZZEiJKIIM9GE6eLxBLu0MB8GA1UdIwQY
MBaAFD4lq2mF95yp3gbpjoudokXYVZq2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlXcmFZWDNuS25lQnVtT2k1MmlSZGhWbXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8yMmQxNzUtYzcxZC00NjM3LWEwOTAt
YjE5YWQ1NDU1YmZkLzEvdWN4amJXcGxrU0lrb2dnejBZVHA0dkVFdTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8yMmQxNzUtYzcxZC00NjM3LWEwOTAtYjE5YWQ1NDU1YmZk
LzEvUGlXcmFZWDNuS25lQnVtT2k1MmlSZGhWbXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1Y6HMA0E
AgACMAcDBQMqAe2AMA0GCSqGSIb3DQEBCwUAA4IBAQAwFA5qmJdKQuYTwzw1CGnH
ODZFs0KIJ1e80wRKb8simXuGSD4lUONTVrwLO+FZcfUaui4ioBGPdDd6geBCx5uK
ImHU8N93rtf6Pzd0J1YdytzC+uxL8k8mMQhg4bxU2LwMvMAuch+SJcY+CKrgBKTF
GS+qz1nTLgRsSI3VjGSiA9qIa3BUcjqCd3LCi3/Lz5/XMFszUIDyAs6ukCPXQl9v
EoTYPXjBjMw0dgpT6YbYgLWORpLNMx9UpoDbyEztqyO9x/3Yk0qhv8MwOxp4cVX2
9vixZ0qlYjcsw52fFdLJKgEiyU2KNlMDWdBi7IgZYlXTKAu/1tys2+aeuf5c2OcH
-----END CERTIFICATE-----
Generated at Tue Aug 27 18:20:06 2024 by rpki-client on console-fra.rpki-client.org