Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/UvHCbzdBx1HlTJ7soUqxbKm7u1g.roa
File: UvHCbzdBx1HlTJ7soUqxbKm7u1g.roa (raw, json)
Hash identifier: FfdDpeCu5nJseE8loAkUi/pmWcZ/JQ1xB0ojOODTIJ8=
Subject key identifier: 52:F1:C2:6F:37:41:C7:51:E5:4C:9E:EC:A1:4A:B1:6C:A9:BB:BB:58
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 01920B9BBC92D74AD3810EEC469D0168B2C9
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/UvHCbzdBx1HlTJ7soUqxbKm7u1g.roa
Signing time: Thu 19 Sep 2024 18:46:48 +0000
ROA not before: Thu 19 Sep 2024 18:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 80.246.230.0/24 maxlen: 24
80.246.232.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Oct 2024 07:46:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0b:9b:bc:92:d7:4a:d3:81:0e:ec:46:9d:01:68:b2:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Sep 19 18:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52f1c26f3741c751e54c9eeca14ab16ca9bbbb58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5c:2e:94:fb:42:77:60:a0:67:1c:57:44:17:
6d:35:b7:a2:1b:44:9c:fb:c3:aa:f5:87:d5:7c:b9:
ed:c5:b3:f9:35:d3:75:9e:fb:43:9c:24:e7:8b:45:
59:6a:b1:dc:96:95:a8:d2:8c:a1:f7:dc:1c:21:31:
5d:44:2d:d8:37:67:7c:03:12:cd:eb:9a:08:75:96:
80:52:e5:b3:00:86:f8:42:b3:48:36:80:1e:a8:2b:
05:06:e1:5b:a7:df:00:da:48:3b:c5:ed:24:ad:3d:
bc:31:03:6d:d9:23:e1:e8:b9:64:0f:3b:8c:b5:31:
44:60:3b:bc:2f:0a:43:d3:13:9e:e2:19:66:c6:62:
5a:97:ba:e5:34:92:c1:23:27:3d:38:c9:63:b9:9e:
71:b4:c6:c8:87:17:ef:da:17:47:f7:bb:97:25:37:
cc:f1:8b:d7:cc:43:18:a4:ca:dc:20:26:0c:4e:b2:
77:3a:b2:93:d7:8b:58:4f:ef:7a:45:38:35:01:e8:
9f:1e:0d:e0:91:11:de:3e:79:e4:7c:f1:ce:4c:b3:
cc:39:7b:5c:9e:f9:58:10:1a:41:35:37:e3:14:bf:
b1:2a:7f:67:c4:8e:06:f8:d0:95:27:04:86:61:82:
37:32:98:a8:31:45:49:5a:35:97:98:13:b2:5e:9d:
90:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F1:C2:6F:37:41:C7:51:E5:4C:9E:EC:A1:4A:B1:6C:A9:BB:BB:58
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/UvHCbzdBx1HlTJ7soUqxbKm7u1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.246.230.0/24
80.246.232.0/21
Signature Algorithm: sha256WithRSAEncryption
37:96:dd:3f:ac:e0:6d:19:53:60:c8:5e:72:06:de:ce:99:9c:
08:02:50:52:82:bb:8a:5c:37:62:ff:e7:40:77:f4:21:f0:bb:
1a:d3:8f:fe:22:1d:4a:c6:58:9c:25:48:80:19:c9:1c:4a:44:
a4:7b:9a:39:43:ef:69:bd:f9:98:b8:e8:fa:13:1d:63:f6:e9:
ad:bb:46:29:94:d6:3e:94:48:e6:f8:02:29:a9:60:a1:47:92:
89:5d:dc:d4:f5:8e:51:bc:70:d3:19:86:71:08:62:46:86:a0:
72:4d:3b:54:02:dd:05:94:86:f8:32:ce:35:6d:aa:cc:04:b3:
39:ac:39:de:24:2d:4c:be:c6:85:8f:2a:77:d4:74:f5:f3:16:
0b:bc:20:59:84:28:54:5e:82:11:fd:b9:95:76:f4:2f:96:b3:
72:4e:a2:18:65:eb:94:42:6a:5b:2f:a1:4c:dc:92:69:91:09:
3b:a0:71:4c:9f:9c:98:1a:24:78:21:49:f1:b2:97:ef:d8:05:
1a:c8:4f:57:56:bf:a2:70:6e:a6:1e:16:49:1c:14:7b:28:ec:
ac:6f:44:85:ba:fd:03:2b:1a:6b:cd:35:76:38:6f:87:53:8a:
84:6a:31:b6:c5:04:3c:18:2f:4c:7b:4e:ce:40:e0:3c:64:69:
98:59:52:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZILm7yS10rTgQ7sRp0BaLLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjQwOTE5MTg0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmYxYzI2ZjM3NDFjNzUxZTU0YzllZWNhMTRhYjE2Y2E5YmJiYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1wulPtCd2CgZxxXRBdtNbeiG0Sc
+8Oq9YfVfLntxbP5NdN1nvtDnCTni0VZarHclpWo0oyh99wcITFdRC3YN2d8AxLN
65oIdZaAUuWzAIb4QrNINoAeqCsFBuFbp98A2kg7xe0krT28MQNt2SPh6LlkDzuM
tTFEYDu8LwpD0xOe4hlmxmJal7rlNJLBIyc9OMljuZ5xtMbIhxfv2hdH97uXJTfM
8YvXzEMYpMrcICYMTrJ3OrKT14tYT+96RTg1AeifHg3gkRHePnnkfPHOTLPMOXtc
nvlYEBpBNTfjFL+xKn9nxI4G+NCVJwSGYYI3MpioMUVJWjWXmBOyXp2QKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFLxwm83QcdR5Uye7KFKsWypu7tYMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvVXZIQ2J6ZEJ4MUhsVEo3c29VcXhiS203dTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUPbmAwQD
UPboMA0GCSqGSIb3DQEBCwUAA4IBAQA3lt0/rOBtGVNgyF5yBt7OmZwIAlBSgruK
XDdi/+dAd/Qh8Lsa04/+Ih1KxlicJUiAGckcSkSke5o5Q+9pvfmYuOj6Ex1j9umt
u0YplNY+lEjm+AIpqWChR5KJXdzU9Y5RvHDTGYZxCGJGhqByTTtUAt0FlIb4Ms41
barMBLM5rDneJC1MvsaFjyp31HT18xYLvCBZhChUXoIR/bmVdvQvlrNyTqIYZeuU
QmpbL6FM3JJpkQk7oHFMn5yYGiR4IUnxspfv2AUayE9XVr+icG6mHhZJHBR7KOys
b0SFuv0DKxprzTV2OG+HU4qEajG2xQQ8GC9Me07OQOA8ZGmYWVJW
-----END CERTIFICATE-----
Generated at Fri Oct 18 09:59:26 2024 by rpki-client on console-fra.rpki-client.org