Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/UxrZFlhbISSqx983eWp4TecFOyA.roa
File: UxrZFlhbISSqx983eWp4TecFOyA.roa (raw, json)
Hash identifier: vF7OIlMugwkaJIJaDpgqF44mPDRiH+Xjk6+AvcZ6u/w=
Subject key identifier: 53:1A:D9:16:58:5B:21:24:AA:C7:DF:37:79:6A:78:4D:E7:05:3B:20
Certificate issuer: /CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Certificate serial: 018CC9BC70963562B9C5245B956EC48246D7
Authority key identifier: D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/UxrZFlhbISSqx983eWp4TecFOyA.roa
Signing time: Tue 02 Jan 2024 10:33:39 +0000
ROA not before: Tue 02 Jan 2024 10:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 217.147.181.0/24 maxlen: 24
217.147.180.0/24 maxlen: 24
217.147.180.0/23 maxlen: 24
2a0b:2900:ff00::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 24 Apr 2024 13:21:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:70:96:35:62:b9:c5:24:5b:95:6e:c4:82:46:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Validity
Not Before: Jan 2 10:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=531ad916585b2124aac7df37796a784de7053b20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fc:50:21:04:fd:65:66:21:c4:db:90:6d:00:
bb:f6:8f:4b:96:92:4f:b0:0e:b2:67:c1:fb:12:61:
fa:1f:b1:ae:f8:7b:d8:64:b4:80:6f:6c:76:d3:63:
62:e2:ab:2d:b6:e1:d5:0d:e5:9c:38:cb:72:96:61:
ce:df:bd:cf:91:c1:82:c3:fe:a1:ea:d3:7f:30:f5:
50:5a:dc:06:92:83:65:e1:45:14:b4:67:84:7c:04:
f2:65:73:97:47:dd:f2:32:af:4d:4f:f8:4d:ba:72:
16:4b:7f:e5:b3:e9:2f:fc:bb:33:ac:d0:81:e6:bc:
d7:59:b2:0e:47:e7:7c:fb:0f:f9:18:f6:2f:f2:6e:
58:6c:59:09:f5:47:3b:cd:b3:35:eb:ed:76:92:20:
b5:ee:09:e3:cf:48:1a:e6:b9:5a:8f:a1:57:89:d5:
e5:3a:c4:f6:34:7e:1b:00:ff:78:ec:20:1b:92:b4:
1a:46:e0:fa:d8:97:3a:fd:c9:fe:da:ac:b0:64:fe:
70:2a:c5:3d:2f:08:d8:3e:08:ba:44:ca:6b:28:11:
9d:e3:c2:1b:c4:ef:88:63:35:ff:80:67:7c:7e:60:
66:b0:2f:91:07:f7:36:a5:c2:ee:05:dc:c1:0d:ba:
af:79:95:e2:b0:ed:77:fd:e4:25:83:82:a1:e2:ff:
83:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:1A:D9:16:58:5B:21:24:AA:C7:DF:37:79:6A:78:4D:E7:05:3B:20
X509v3 Authority Key Identifier:
keyid:D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/UxrZFlhbISSqx983eWp4TecFOyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/2Hghp8h2HggSHnDJ_0L_m2rTTlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.180.0/23
IPv6:
2a0b:2900:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
7f:70:d8:7a:35:99:c1:a4:dc:c1:bb:40:7d:aa:3e:12:d5:9f:
96:74:d5:1a:88:8e:e0:00:3b:0e:43:86:7f:fc:a9:63:74:6b:
2c:e8:8b:22:d8:4b:8e:72:3c:1f:f3:04:97:38:b4:86:46:f5:
71:dd:f7:75:2d:ad:d5:48:bc:b5:d7:ca:7c:55:63:e9:47:9c:
65:0f:34:a7:c9:17:f9:97:75:c9:27:af:e7:00:0e:b2:fa:d3:
40:14:dd:df:b3:c3:f3:89:58:43:ac:18:aa:b0:b8:34:8e:57:
ab:16:c6:b2:2b:0f:97:59:a1:fc:53:94:54:a0:24:1d:77:1b:
be:83:3f:f5:e5:5b:a3:ea:1e:40:1f:11:cc:ea:20:12:7f:2f:
e9:8b:5e:2b:2b:2f:e3:d1:16:59:c2:14:65:8a:0e:98:4a:af:
1b:ca:01:52:9d:f0:43:6e:96:ca:bc:a9:e3:24:df:16:53:27:
7d:69:60:f4:c3:3d:a9:49:0b:70:da:1e:1c:9d:82:72:eb:ba:
c6:b7:ab:34:f4:9a:c9:89:6b:70:0f:c1:c4:66:7f:5f:f2:7d:
42:ad:1f:f6:ee:d8:51:0f:bd:85:44:ba:91:90:25:e9:42:a4:
15:0a:ba:fc:e0:1d:f9:55:db:c3:f9:68:f6:5f:43:f4:7e:c5:
9c:3c:d7:01
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzJvHCWNWK5xSRblW7EgkbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzgyMWE3Yzg3NjFlMDgxMjFlNzBjOWZmNDJmZjliNmFk
MzRlNTEwHhcNMjQwMTAyMTAzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzFhZDkxNjU4NWIyMTI0YWFjN2RmMzc3OTZhNzg0ZGU3MDUzYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPxQIQT9ZWYhxNuQbQC79o9LlpJP
sA6yZ8H7EmH6H7Gu+HvYZLSAb2x202Ni4qsttuHVDeWcOMtylmHO373PkcGCw/6h
6tN/MPVQWtwGkoNl4UUUtGeEfATyZXOXR93yMq9NT/hNunIWS3/ls+kv/LszrNCB
5rzXWbIOR+d8+w/5GPYv8m5YbFkJ9Uc7zbM16+12kiC17gnjz0ga5rlaj6FXidXl
OsT2NH4bAP947CAbkrQaRuD62Jc6/cn+2qywZP5wKsU9LwjYPgi6RMprKBGd48Ib
xO+IYzX/gGd8fmBmsC+RB/c2pcLuBdzBDbqveZXisO13/eQlg4Kh4v+DmQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFMa2RZYWyEkqsffN3lqeE3nBTsgMB8GA1UdIwQY
MBaAFNh4IafIdh4IEh5wyf9C/5tq005RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMt
NWFhNjIwYTgxMTQ5LzEvVXhyWkZsaGJJU1NxeDk4M2VXcDRUZWNGT3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMtNWFhNjIwYTgxMTQ5
LzEvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQB2ZO0MA4E
AgACMAgDBgAqCykA/zANBgkqhkiG9w0BAQsFAAOCAQEAf3DYejWZwaTcwbtAfao+
EtWflnTVGoiO4AA7DkOGf/ypY3RrLOiLIthLjnI8H/MElzi0hkb1cd33dS2t1Ui8
tdfKfFVj6UecZQ80p8kX+Zd1ySev5wAOsvrTQBTd37PD84lYQ6wYqrC4NI5XqxbG
sisPl1mh/FOUVKAkHXcbvoM/9eVbo+oeQB8RzOogEn8v6YteKysv49EWWcIUZYoO
mEqvG8oBUp3wQ26Wyryp4yTfFlMnfWlg9MM9qUkLcNoeHJ2Ccuu6xrerNPSayYlr
cA/BxGZ/X/J9Qq0f9u7YUQ+9hUS6kZAl6UKkFQq6/OAd+VXbw/lo9l9D9H7FnDzX
AQ==
-----END CERTIFICATE-----
Generated at Wed Apr 24 17:32:18 2024 by rpki-client on console-ams.rpki-client.org