Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/UNsPiZGkr5Tr9rRrrIKStDfpcsg.roa
File: UNsPiZGkr5Tr9rRrrIKStDfpcsg.roa (raw, json)
Hash identifier: nuuW5kL/AOjG+zu32HD8Dkfv95UtzaduBFn+34PNTd0=
Subject key identifier: 50:DB:0F:89:91:A4:AF:94:EB:F6:B4:6B:AC:82:92:B4:37:E9:72:C8
Certificate issuer: /CN=a59caa2a73680698b2c9e1a6c9641a74f3ce76e8
Certificate serial: 018CC26CF7AE9290B9A6B5ED1CB8CA24EF1D
Authority key identifier: A5:9C:AA:2A:73:68:06:98:B2:C9:E1:A6:C9:64:1A:74:F3:CE:76:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/UNsPiZGkr5Tr9rRrrIKStDfpcsg.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202373
IP address blocks: 194.34.159.0/24 maxlen: 24
194.34.156.0/22 maxlen: 22
194.34.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f7:ae:92:90:b9:a6:b5:ed:1c:b8:ca:24:ef:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a59caa2a73680698b2c9e1a6c9641a74f3ce76e8
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50db0f8991a4af94ebf6b46bac8292b437e972c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ba:f3:89:b0:73:dd:9f:e5:ed:0b:3f:2b:33:
bc:cf:3d:6a:85:c4:b6:2b:04:a3:d9:b2:84:db:50:
0b:39:4a:2f:3e:8e:22:0d:30:74:b6:78:82:7d:4b:
49:27:d4:5c:04:78:58:ac:e5:b0:9d:a8:20:cd:d1:
94:9d:59:34:85:6d:76:ca:10:8f:3f:7c:31:4e:55:
87:8f:74:a8:a1:20:b1:4e:37:5b:18:f1:04:c0:6d:
94:d3:ff:3d:36:40:9c:74:8b:d1:30:ea:a3:7f:f8:
fd:d5:c0:c4:f1:89:10:7e:e6:74:f8:d9:43:e1:5f:
e2:9e:81:4c:95:ab:a4:65:6e:b1:93:55:3e:36:66:
99:00:5c:3b:79:8c:83:42:82:a9:b2:24:1c:8d:64:
6f:06:ed:8c:af:1f:95:19:07:ff:8f:b0:3c:01:2f:
7c:26:0c:4e:31:37:3c:c0:c4:10:fa:64:a4:ac:b3:
9a:bb:18:06:b0:bb:bb:e3:c8:2a:0b:d3:e7:d4:c0:
a2:15:58:8a:9a:10:6a:08:c3:d6:8b:66:e6:81:66:
5a:49:ed:68:51:bd:da:e1:b2:e5:9d:cc:22:47:25:
d8:18:53:98:6e:63:b9:5c:a7:9a:10:9e:fb:1c:34:
52:78:06:dc:0e:bd:c8:9c:bf:ab:a6:59:61:c6:7d:
bb:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:DB:0F:89:91:A4:AF:94:EB:F6:B4:6B:AC:82:92:B4:37:E9:72:C8
X509v3 Authority Key Identifier:
keyid:A5:9C:AA:2A:73:68:06:98:B2:C9:E1:A6:C9:64:1A:74:F3:CE:76:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/UNsPiZGkr5Tr9rRrrIKStDfpcsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.156.0/22
Signature Algorithm: sha256WithRSAEncryption
62:21:5f:49:40:33:63:9c:17:35:00:e6:25:b6:80:f0:0c:32:
ec:16:5a:26:28:30:b2:d7:ce:e8:70:8f:0e:69:39:46:37:55:
6f:75:d1:28:a7:79:33:8a:e3:74:fb:e6:81:4f:c8:68:b3:94:
a6:38:42:32:d8:51:f9:cd:44:dc:31:c9:d1:88:6c:cb:82:6b:
05:b3:6a:b3:6f:e5:e2:61:83:3a:ea:b1:67:eb:5f:0b:e0:83:
8a:79:e7:e6:bd:1d:8d:4e:bb:11:0e:d2:11:3c:ce:b0:73:49:
c9:e3:0f:6b:ad:bd:ce:44:d7:b4:77:d8:70:89:f9:69:dc:86:
69:b3:2d:31:6b:85:27:98:7e:39:34:53:60:09:ac:f2:35:aa:
d9:3f:4c:e9:6a:45:b6:60:86:92:28:d6:99:44:22:bc:48:2c:
86:08:c4:16:d9:3c:c8:fd:c7:9c:40:ff:58:5f:a4:c1:cf:49:
7d:92:c7:37:0e:d0:ec:14:3d:03:ae:49:79:5e:ee:82:ef:89:
69:61:f0:ce:14:8f:57:23:c9:14:ed:eb:1b:0f:30:17:c4:84:
95:6f:55:b8:59:68:f9:91:a8:aa:ad:24:3c:d3:3b:2c:e1:27:
cb:ac:88:8d:be:d1:48:6a:03:0e:4b:e8:a7:2e:a8:5c:7a:2c:
6f:45:26:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbPeukpC5prXtHLjKJO8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OWNhYTJhNzM2ODA2OThiMmM5ZTFhNmM5NjQxYTc0ZjNj
ZTc2ZTgwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGRiMGY4OTkxYTRhZjk0ZWJmNmI0NmJhYzgyOTJiNDM3ZTk3MmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLrzibBz3Z/l7Qs/KzO8zz1qhcS2
KwSj2bKE21ALOUovPo4iDTB0tniCfUtJJ9RcBHhYrOWwnaggzdGUnVk0hW12yhCP
P3wxTlWHj3SooSCxTjdbGPEEwG2U0/89NkCcdIvRMOqjf/j91cDE8YkQfuZ0+NlD
4V/inoFMlaukZW6xk1U+NmaZAFw7eYyDQoKpsiQcjWRvBu2Mrx+VGQf/j7A8AS98
JgxOMTc8wMQQ+mSkrLOauxgGsLu748gqC9Pn1MCiFViKmhBqCMPWi2bmgWZaSe1o
Ub3a4bLlncwiRyXYGFOYbmO5XKeaEJ77HDRSeAbcDr3InL+rpllhxn27LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFDbD4mRpK+U6/a0a6yCkrQ36XLIMB8GA1UdIwQY
MBaAFKWcqipzaAaYssnhpslkGnTzznboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9kZDY3MmYtNTMzNi00ZjM1LWIzZWYt
YWU5MWFiMzQyYmUxLzEvVU5zUGlaR2tyNVRyOXJScnJJS1N0RGZwY3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9kZDY3MmYtNTMzNi00ZjM1LWIzZWYtYWU5MWFiMzQyYmUx
LzEvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiKcMA0G
CSqGSIb3DQEBCwUAA4IBAQBiIV9JQDNjnBc1AOYltoDwDDLsFlomKDCy187ocI8O
aTlGN1VvddEop3kziuN0++aBT8hos5SmOEIy2FH5zUTcMcnRiGzLgmsFs2qzb+Xi
YYM66rFn618L4IOKeefmvR2NTrsRDtIRPM6wc0nJ4w9rrb3ORNe0d9hwiflp3IZp
sy0xa4UnmH45NFNgCazyNarZP0zpakW2YIaSKNaZRCK8SCyGCMQW2TzI/cecQP9Y
X6TBz0l9ksc3DtDsFD0Drkl5Xu6C74lpYfDOFI9XI8kU7esbDzAXxISVb1W4WWj5
kaiqrSQ80zss4SfLrIiNvtFIagMOS+inLqhceixvRSaO
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:39 2025 by rpki-client