Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6e0ed3-eb01-44f7-8d54-39d9e0962440/1/tqUodV8JoGfBzIWMbPax4kr8Ops.roa
File: tqUodV8JoGfBzIWMbPax4kr8Ops.roa (raw, json)
Hash identifier: 9GVlXnv4EdTHXzBglHpktc1mlQtifUAb2vwqko33XIo=
Subject key identifier: B6:A5:28:75:5F:09:A0:67:C1:CC:85:8C:6C:F6:B1:E2:4A:FC:3A:9B
Certificate issuer: /CN=b9c89cfadd51f4d921bb3d0c55f9313663a71cc4
Certificate serial: 018CC3B6E68DE80BDE387A5B3C46D3801046
Authority key identifier: B9:C8:9C:FA:DD:51:F4:D9:21:BB:3D:0C:55:F9:31:36:63:A7:1C:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ucic-t1R9Nkhuz0MVfkxNmOnHMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/6e0ed3-eb01-44f7-8d54-39d9e0962440/1/tqUodV8JoGfBzIWMbPax4kr8Ops.roa
Signing time: Mon 01 Jan 2024 06:29:52 +0000
ROA not before: Mon 01 Jan 2024 06:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203687
IP address blocks: 185.167.140.0/22 maxlen: 22
185.167.140.0/23 maxlen: 23
185.167.142.0/23 maxlen: 23
2a0b:6e00::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e6:8d:e8:0b:de:38:7a:5b:3c:46:d3:80:10:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9c89cfadd51f4d921bb3d0c55f9313663a71cc4
Validity
Not Before: Jan 1 06:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6a528755f09a067c1cc858c6cf6b1e24afc3a9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:71:36:6e:5e:97:4a:03:c4:23:d1:b8:a4:df:
8d:c2:d1:34:e0:2a:50:ab:43:ac:8f:ff:cd:0c:ea:
10:fb:2f:c6:fe:11:36:6b:1d:60:25:22:3a:b5:bd:
ec:d0:5f:fe:fb:65:39:ad:ce:6a:83:dd:8e:ee:27:
bb:56:7b:42:a6:28:3f:d5:ec:7f:74:fd:b1:52:ac:
84:70:b8:f3:91:f7:19:22:08:d3:f0:9d:60:c5:d6:
42:34:46:b5:9a:33:5f:b6:3e:c6:40:43:dc:83:88:
ef:7d:92:36:b8:a7:ea:8f:64:55:77:89:ed:87:f7:
29:19:0e:0e:60:a4:3d:fe:fe:49:3c:f1:96:2e:c0:
41:9c:cf:8a:a9:55:0e:95:c3:f0:ea:d8:7b:dc:c1:
fd:83:a7:e7:58:b0:dc:5e:1a:0a:04:d3:d4:25:82:
6c:5e:30:7e:6a:1e:3c:1c:5f:ca:8e:cf:b0:05:99:
73:32:8c:5b:6f:1a:81:f5:cf:bd:8f:25:b7:c6:6d:
8d:f1:41:c0:e8:8a:84:88:5f:91:70:e3:d0:b8:c4:
04:45:86:87:fc:7e:8f:50:b6:fb:b6:5b:c2:aa:58:
60:48:28:1e:f2:99:8b:f0:6a:49:f4:a0:57:d3:47:
58:06:28:63:73:70:e7:ff:59:84:09:1a:bf:56:a1:
09:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:A5:28:75:5F:09:A0:67:C1:CC:85:8C:6C:F6:B1:E2:4A:FC:3A:9B
X509v3 Authority Key Identifier:
keyid:B9:C8:9C:FA:DD:51:F4:D9:21:BB:3D:0C:55:F9:31:36:63:A7:1C:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucic-t1R9Nkhuz0MVfkxNmOnHMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6e0ed3-eb01-44f7-8d54-39d9e0962440/1/tqUodV8JoGfBzIWMbPax4kr8Ops.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6e0ed3-eb01-44f7-8d54-39d9e0962440/1/ucic-t1R9Nkhuz0MVfkxNmOnHMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.140.0/22
IPv6:
2a0b:6e00::/32
Signature Algorithm: sha256WithRSAEncryption
6c:a4:9a:7f:50:14:88:1b:f3:05:6a:2b:b8:13:19:ce:4f:f2:
4b:80:7c:16:ff:50:93:05:f4:b9:33:d1:39:f1:a0:c7:b9:eb:
0c:98:2f:91:e6:1f:7f:09:ad:dc:aa:16:50:ea:5a:16:1e:5d:
95:0e:cf:85:a1:a5:50:91:13:6b:a6:b3:61:05:de:c7:d8:41:
fe:c1:5e:f0:9f:1a:b2:33:4e:a2:25:48:e9:6b:f1:42:8f:d1:
af:01:48:a6:28:90:a5:ff:ca:e4:d9:0b:89:a2:ea:d0:bb:02:
ed:55:2b:0d:13:3a:1e:13:5d:04:15:84:51:8a:0b:5d:1c:e5:
5f:64:6f:f0:15:26:60:de:a7:f3:f5:1b:ee:bc:91:6f:0d:94:
be:03:af:0e:da:55:c4:44:92:5d:21:6a:8b:1a:e9:cd:ec:1a:
0a:d2:9a:af:4e:5b:5a:32:d1:e3:22:8f:5f:6d:6a:a3:58:b4:
7f:14:b3:79:51:0f:d7:74:b4:ca:0c:56:67:c4:28:cf:63:67:
ee:8f:4e:64:1c:85:3f:cf:a2:4d:20:d5:51:86:48:32:47:60:
90:10:06:12:e8:86:ef:a7:97:65:08:be:b2:01:4e:09:3e:83:
86:2c:f3:9e:9b:9a:42:9a:3c:32:7c:f7:a0:72:67:d3:eb:d0:
4f:bc:22:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtuaN6AveOHpbPEbTgBBGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Yzg5Y2ZhZGQ1MWY0ZDkyMWJiM2QwYzU1ZjkzMTM2NjNh
NzFjYzQwHhcNMjQwMTAxMDYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmE1Mjg3NTVmMDlhMDY3YzFjYzg1OGM2Y2Y2YjFlMjRhZmMzYTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXE2bl6XSgPEI9G4pN+NwtE04CpQ
q0Osj//NDOoQ+y/G/hE2ax1gJSI6tb3s0F/++2U5rc5qg92O7ie7VntCpig/1ex/
dP2xUqyEcLjzkfcZIgjT8J1gxdZCNEa1mjNftj7GQEPcg4jvfZI2uKfqj2RVd4nt
h/cpGQ4OYKQ9/v5JPPGWLsBBnM+KqVUOlcPw6th73MH9g6fnWLDcXhoKBNPUJYJs
XjB+ah48HF/Kjs+wBZlzMoxbbxqB9c+9jyW3xm2N8UHA6IqEiF+RcOPQuMQERYaH
/H6PULb7tlvCqlhgSCge8pmL8GpJ9KBX00dYBihjc3Dn/1mECRq/VqEJ5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLalKHVfCaBnwcyFjGz2seJK/DqbMB8GA1UdIwQY
MBaAFLnInPrdUfTZIbs9DFX5MTZjpxzEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNpYy10MVI5TmtodXowTVZma3hObU9uSE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ZTBlZDMtZWIwMS00NGY3LThkNTQt
MzlkOWUwOTYyNDQwLzEvdHFVb2RWOEpvR2ZCeklXTWJQYXg0a3I4T3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82ZTBlZDMtZWIwMS00NGY3LThkNTQtMzlkOWUwOTYyNDQw
LzEvdWNpYy10MVI5TmtodXowTVZma3hObU9uSE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaeMMA0E
AgACMAcDBQAqC24AMA0GCSqGSIb3DQEBCwUAA4IBAQBspJp/UBSIG/MFaiu4ExnO
T/JLgHwW/1CTBfS5M9E58aDHuesMmC+R5h9/Ca3cqhZQ6loWHl2VDs+FoaVQkRNr
prNhBd7H2EH+wV7wnxqyM06iJUjpa/FCj9GvAUimKJCl/8rk2QuJourQuwLtVSsN
EzoeE10EFYRRigtdHOVfZG/wFSZg3qfz9RvuvJFvDZS+A68O2lXERJJdIWqLGunN
7BoK0pqvTltaMtHjIo9fbWqjWLR/FLN5UQ/XdLTKDFZnxCjPY2fuj05kHIU/z6JN
INVRhkgyR2CQEAYS6Ibvp5dlCL6yAU4JPoOGLPOem5pCmjwyfPegcmfT69BPvCLB
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:34 2025 by rpki-client