Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/Uu68JcU9PMVYFmMdUUg_42sWMrY.roa
File: Uu68JcU9PMVYFmMdUUg_42sWMrY.roa (raw, json)
Hash identifier: qItb121qoAFVMCMFNvpNf0CRrIlTGEmrryzou1AfciY=
Subject key identifier: 52:EE:BC:25:C5:3D:3C:C5:58:16:63:1D:51:48:3F:E3:6B:16:32:B6
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 0190B0B08D7FF196F982581D56DAB093BF86
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/Uu68JcU9PMVYFmMdUUg_42sWMrY.roa
Signing time: Sun 14 Jul 2024 10:01:18 +0000
ROA not before: Sun 14 Jul 2024 10:01:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50917
IP address blocks: 217.147.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 05:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b0:b0:8d:7f:f1:96:f9:82:58:1d:56:da:b0:93:bf:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Jul 14 10:01:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52eebc25c53d3cc55816631d51483fe36b1632b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:e6:96:ac:c2:0c:73:5a:c4:79:03:25:1c:be:
e8:7d:41:4f:44:0a:66:25:9e:fe:23:10:8f:8e:61:
fb:25:b1:ac:a6:21:7b:68:26:82:21:5f:a6:31:69:
60:df:fa:18:22:bd:1b:14:44:97:be:7f:2f:9d:46:
b3:94:4a:3a:29:8b:51:ab:ad:d8:6b:e4:e7:18:94:
36:2f:7d:7d:4d:30:89:d9:b4:b3:a6:fa:91:9d:8f:
cb:36:bd:9e:e9:f0:86:7b:c1:fe:0f:7f:3c:ec:4a:
73:f3:1c:e4:04:10:ca:b4:90:29:99:bd:2d:ab:d1:
b3:48:90:e5:5c:34:04:78:a5:04:f7:05:ca:15:84:
13:c3:07:42:af:62:4e:ad:e1:3d:51:46:0b:79:72:
0e:70:40:ef:a1:76:7f:02:66:95:1c:3b:b9:31:97:
18:df:20:3d:78:25:b9:ff:2d:73:19:03:97:c1:05:
60:c3:a5:ff:eb:1c:3c:2e:00:c3:ab:d5:73:ef:b6:
4c:1d:c4:fe:0d:55:24:24:86:3e:f5:7a:92:02:56:
cd:bf:a3:50:2f:49:7c:08:8a:c1:f4:3c:f3:26:2b:
30:80:d4:12:3f:b9:6f:b3:5f:84:e7:d6:20:6c:29:
63:fb:eb:72:b5:20:6c:5c:a4:4b:e6:62:c3:ba:ba:
57:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:EE:BC:25:C5:3D:3C:C5:58:16:63:1D:51:48:3F:E3:6B:16:32:B6
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/Uu68JcU9PMVYFmMdUUg_42sWMrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.168.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:89:04:f5:67:70:06:ad:34:85:0b:cf:da:51:92:a7:a3:cc:
c4:73:01:dc:48:22:cd:a0:9a:f3:22:9f:79:90:1e:52:70:80:
ad:ef:aa:8c:62:32:67:3b:4b:ff:b9:3c:6c:66:27:bf:4e:ba:
06:e0:f1:ad:94:7e:b3:d3:dd:43:27:da:eb:a7:dc:a3:db:4c:
ef:90:b1:b7:ac:c8:58:15:d3:d8:7c:ca:cf:47:1c:97:24:a0:
fe:6e:0c:4a:60:2c:79:af:58:18:1e:58:c8:01:ac:9e:5e:23:
a2:c4:83:8f:ee:db:3b:db:d7:24:24:e4:ce:b6:a1:e1:68:8b:
05:81:3d:53:db:f0:a2:fd:82:a7:d0:13:61:3f:da:c1:58:49:
82:7a:ca:15:f4:e0:f9:05:a2:6b:68:52:db:34:88:54:7e:ac:
5d:bb:28:09:94:0f:bb:a4:f6:a0:39:55:81:f9:65:1d:43:05:
09:c4:f6:2e:59:bf:97:b0:58:3d:ec:b1:f4:04:14:18:4c:ad:
9e:0c:af:af:9b:ba:8a:ff:e2:47:c9:42:b7:90:77:a5:7e:58:
8e:b2:b8:df:34:35:db:d7:35:e7:46:bf:43:ad:99:69:d9:e4:
f2:ed:20:35:fe:8c:d9:0c:3e:6f:ad:c9:a6:2f:4e:9a:b1:08:
52:af:60:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCwsI1/8Zb5glgdVtqwk7+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjQwNzE0MTAwMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmVlYmMyNWM1M2QzY2M1NTgxNjYzMWQ1MTQ4M2ZlMzZiMTYzMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8+aWrMIMc1rEeQMlHL7ofUFPRApm
JZ7+IxCPjmH7JbGspiF7aCaCIV+mMWlg3/oYIr0bFESXvn8vnUazlEo6KYtRq63Y
a+TnGJQ2L319TTCJ2bSzpvqRnY/LNr2e6fCGe8H+D3887Epz8xzkBBDKtJApmb0t
q9GzSJDlXDQEeKUE9wXKFYQTwwdCr2JOreE9UUYLeXIOcEDvoXZ/AmaVHDu5MZcY
3yA9eCW5/y1zGQOXwQVgw6X/6xw8LgDDq9Vz77ZMHcT+DVUkJIY+9XqSAlbNv6NQ
L0l8CIrB9DzzJiswgNQSP7lvs1+E59YgbClj++tytSBsXKRL5mLDurpXUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFLuvCXFPTzFWBZjHVFIP+NrFjK2MB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvVXU2OEpjVTlQTVZZRm1NZFVVZ180MnNXTXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZOoMA0G
CSqGSIb3DQEBCwUAA4IBAQCPiQT1Z3AGrTSFC8/aUZKno8zEcwHcSCLNoJrzIp95
kB5ScICt76qMYjJnO0v/uTxsZie/TroG4PGtlH6z091DJ9rrp9yj20zvkLG3rMhY
FdPYfMrPRxyXJKD+bgxKYCx5r1gYHljIAayeXiOixIOP7ts729ckJOTOtqHhaIsF
gT1T2/Ci/YKn0BNhP9rBWEmCesoV9OD5BaJraFLbNIhUfqxduygJlA+7pPagOVWB
+WUdQwUJxPYuWb+XsFg97LH0BBQYTK2eDK+vm7qK/+JHyUK3kHelfliOsrjfNDXb
1zXnRr9DrZlp2eTy7SA1/ozZDD5vrcmmL06asQhSr2B9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:29 2025 by rpki-client