Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/UCqxCGFVhMNhcAx5MGg79_QwVaE.roa
File: UCqxCGFVhMNhcAx5MGg79_QwVaE.roa (raw, json)
Hash identifier: I2TcnwRx9O0c038hZuzpceMT2cVhqIH/JiyZ6Da6f78=
Subject key identifier: 50:2A:B1:08:61:55:84:C3:61:70:0C:79:30:68:3B:F7:F4:30:55:A1
Certificate issuer: /CN=a5a56ebf01e00349f673019180560c9a31aea871
Certificate serial: 018D8F19499D404EDEC66ADDE68B064B5553
Authority key identifier: A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/UCqxCGFVhMNhcAx5MGg79_QwVaE.roa
Signing time: Fri 09 Feb 2024 18:20:15 +0000
ROA not before: Fri 09 Feb 2024 18:20:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399976
IP address blocks: 194.54.146.0/24 maxlen: 24
2a12:c6c0::/29 maxlen: 64
2a12:c6c0::/32 maxlen: 48
2a12:c6c1::/32 maxlen: 48
2a12:c6c2::/32 maxlen: 48
2a12:c6c3::/32 maxlen: 48
2a12:c6c4::/32 maxlen: 48
2a12:c6c5::/32 maxlen: 48
2a12:c6c6::/32 maxlen: 48
2a12:c6c7::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8f:19:49:9d:40:4e:de:c6:6a:dd:e6:8b:06:4b:55:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a56ebf01e00349f673019180560c9a31aea871
Validity
Not Before: Feb 9 18:20:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=502ab108615584c361700c7930683bf7f43055a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ef:5c:d5:0d:be:cc:f6:bf:22:95:73:d9:48:
31:3e:d8:7a:64:f2:36:58:c4:42:b9:85:eb:2b:24:
0d:30:82:47:f4:f0:7c:fd:4b:04:cf:af:e6:b5:bc:
43:b3:5c:a7:4c:2d:f1:4e:8c:82:63:67:b9:a6:65:
36:5d:ee:85:bb:69:71:67:91:c2:7e:8a:81:a6:74:
74:09:6b:80:8b:ea:c6:86:5b:b9:ad:f0:f4:5a:3f:
8f:52:fe:d9:cc:e2:03:e8:58:0f:04:27:48:24:87:
a4:32:df:68:09:cb:c0:b6:db:c3:93:a0:4b:e1:07:
d0:e5:22:5b:f3:50:4b:ee:11:86:a5:f3:d7:15:18:
8a:34:c4:80:e4:41:2f:b5:fd:8f:96:0f:b2:36:71:
7f:04:ae:a2:df:17:44:4d:ec:73:06:7f:e1:ac:8b:
79:04:00:79:fe:ee:7d:7b:b7:df:df:75:15:79:10:
e4:60:e3:78:5c:f6:ef:e2:a4:5e:2b:1d:78:d8:12:
cd:44:52:9c:21:af:8d:af:17:c5:ee:49:f8:24:36:
45:89:b4:ac:79:56:e0:e2:57:c8:44:d7:95:63:96:
df:7f:b2:17:d4:5a:2a:03:9e:83:4e:12:b4:f9:a9:
46:53:30:18:58:48:7c:08:0f:24:2b:ad:32:10:01:
ae:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:2A:B1:08:61:55:84:C3:61:70:0C:79:30:68:3B:F7:F4:30:55:A1
X509v3 Authority Key Identifier:
keyid:A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/UCqxCGFVhMNhcAx5MGg79_QwVaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.54.146.0/24
IPv6:
2a12:c6c0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:28:69:ef:23:74:f5:ec:7c:74:fd:5d:46:fd:a7:62:6a:1c:
aa:d6:50:3d:8a:05:c1:04:4c:75:6f:f8:fb:67:b0:07:13:71:
48:8d:ea:40:03:ee:22:55:3a:d0:b3:28:90:3d:b4:cf:66:35:
32:53:dc:e3:c3:39:fe:55:9c:e6:00:e8:4d:c6:a8:67:b3:09:
af:2e:f5:e6:41:fc:42:08:9b:6c:7e:80:b2:06:5d:3f:67:69:
c3:84:ba:e0:44:77:9e:1a:46:5c:25:c2:f0:c7:0a:25:74:15:
5e:f8:d2:49:a0:da:e7:7f:e3:ac:0f:85:c4:5b:31:c8:70:d2:
59:eb:db:2e:d5:4c:40:2f:e5:f5:28:87:0d:fd:37:a7:b6:52:
ad:3c:bc:0f:ed:99:e2:3b:a0:a8:2e:07:2e:00:d0:00:ce:b8:
b8:25:84:e1:ba:14:75:bc:a9:08:97:a2:ee:89:f1:1c:1a:67:
bf:ff:8f:e7:30:a2:31:55:75:98:87:a2:c9:fa:8f:34:0c:59:
ca:29:13:15:51:bf:43:c7:61:99:46:0f:eb:22:71:1e:f6:df:
ed:12:0a:9d:b5:d1:7c:6e:22:05:eb:17:a5:de:aa:9c:80:38:
73:0f:3b:65:f0:25:d6:3a:cc:0b:95:89:25:68:64:55:99:c7:
f9:21:8e:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY2PGUmdQE7exmrd5osGS1VTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTU2ZWJmMDFlMDAzNDlmNjczMDE5MTgwNTYwYzlhMzFh
ZWE4NzEwHhcNMjQwMjA5MTgyMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDJhYjEwODYxNTU4NGMzNjE3MDBjNzkzMDY4M2JmN2Y0MzA1NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu9c1Q2+zPa/IpVz2UgxPth6ZPI2
WMRCuYXrKyQNMIJH9PB8/UsEz6/mtbxDs1ynTC3xToyCY2e5pmU2Xe6Fu2lxZ5HC
foqBpnR0CWuAi+rGhlu5rfD0Wj+PUv7ZzOID6FgPBCdIJIekMt9oCcvAttvDk6BL
4QfQ5SJb81BL7hGGpfPXFRiKNMSA5EEvtf2Plg+yNnF/BK6i3xdETexzBn/hrIt5
BAB5/u59e7ff33UVeRDkYON4XPbv4qReKx142BLNRFKcIa+NrxfF7kn4JDZFibSs
eVbg4lfIRNeVY5bff7IX1FoqA56DThK0+alGUzAYWEh8CA8kK60yEAGu6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFAqsQhhVYTDYXAMeTBoO/f0MFWhMB8GA1UdIwQY
MBaAFKWlbr8B4ANJ9nMBkYBWDJoxrqhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQt
MmQ0NmQzMGRhY2JmLzEvVUNxeENHRlZoTU5oY0F4NU1HZzc5X1F3VmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQtMmQ0NmQzMGRhY2Jm
LzEvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwjaSMA0E
AgACMAcDBQMqEsbAMA0GCSqGSIb3DQEBCwUAA4IBAQA+KGnvI3T17Hx0/V1G/adi
ahyq1lA9igXBBEx1b/j7Z7AHE3FIjepAA+4iVTrQsyiQPbTPZjUyU9zjwzn+VZzm
AOhNxqhnswmvLvXmQfxCCJtsfoCyBl0/Z2nDhLrgRHeeGkZcJcLwxwoldBVe+NJJ
oNrnf+OsD4XEWzHIcNJZ69su1UxAL+X1KIcN/TentlKtPLwP7ZniO6CoLgcuANAA
zri4JYThuhR1vKkIl6LuifEcGme//4/nMKIxVXWYh6LJ+o80DFnKKRMVUb9Dx2GZ
Rg/rInEe9t/tEgqdtdF8biIF6xel3qqcgDhzDztl8CXWOswLlYklaGRVmcf5IY6M
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:56:56 2025 by rpki-client