Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/uKwCNOatyoMb_3rpzo4NBydFgv0.roa
File: uKwCNOatyoMb_3rpzo4NBydFgv0.roa (raw, json)
Hash identifier: uHY0yPv1B7ijwb9Qfw1X5GSx/MGrUnVybb1fUeFRNos=
Subject key identifier: B8:AC:02:34:E6:AD:CA:83:1B:FF:7A:E9:CE:8E:0D:07:27:45:82:FD
Certificate issuer: /CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Certificate serial: 018FA0B27B3E474954F219D887346A3CE011
Authority key identifier: E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/uKwCNOatyoMb_3rpzo4NBydFgv0.roa
Signing time: Wed 22 May 2024 14:26:42 +0000
ROA not before: Wed 22 May 2024 14:26:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50340
IP address blocks: 202.49.176.0/24 maxlen: 24
202.181.148.0/24 maxlen: 24
2a13:d207::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 03 Jun 2024 15:55:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a0:b2:7b:3e:47:49:54:f2:19:d8:87:34:6a:3c:e0:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Validity
Not Before: May 22 14:26:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8ac0234e6adca831bff7ae9ce8e0d07274582fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:34:7e:d7:f0:64:35:78:22:19:79:95:de:33:
55:e9:14:20:1c:47:f3:ec:36:7d:87:da:37:1a:03:
04:97:f8:6b:81:98:f2:c0:0b:06:af:9e:db:aa:6e:
0c:16:6b:ca:b4:89:6b:3c:78:c5:ff:aa:b7:f4:da:
3c:b1:e2:18:8a:95:74:d8:20:ef:1f:23:7f:61:c4:
69:1b:bd:50:a4:85:da:76:08:cd:e9:37:05:04:7a:
58:b6:21:2f:2f:4d:4b:83:55:27:80:ec:5b:e0:7d:
b8:c4:fa:86:00:4e:0b:ee:e0:c3:46:85:f7:5d:fb:
23:7c:85:77:dc:d2:02:0f:c5:05:aa:95:81:29:47:
89:58:e6:c0:7d:71:5e:4a:c7:b0:ba:0c:48:d3:84:
e3:a0:95:0a:d9:6a:b8:ef:19:cd:2b:38:d6:f3:81:
d7:38:36:bb:ee:9c:a5:9c:9c:d2:79:47:8f:92:82:
90:36:1c:9c:90:04:c1:af:88:6b:0c:73:b3:35:dd:
f1:07:3e:e3:59:45:a7:47:b0:68:42:d6:f1:25:b1:
dc:63:ab:a3:65:0c:8f:24:6f:e4:e2:fb:d6:f9:6e:
4b:1f:03:85:21:a2:1c:c3:73:fd:e3:2e:b6:e5:63:
b7:8a:32:37:fd:55:2b:b2:5c:e8:27:50:ae:6a:b7:
bb:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:AC:02:34:E6:AD:CA:83:1B:FF:7A:E9:CE:8E:0D:07:27:45:82:FD
X509v3 Authority Key Identifier:
keyid:E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/uKwCNOatyoMb_3rpzo4NBydFgv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.49.176.0/24
202.181.148.0/24
IPv6:
2a13:d207::/32
Signature Algorithm: sha256WithRSAEncryption
6e:82:ee:d4:21:a7:78:ec:67:7e:1f:4b:34:25:16:c1:13:72:
d7:43:90:87:a4:2f:49:88:0e:da:f4:41:77:f9:44:3e:7b:3a:
f2:4b:e5:9c:a7:11:6e:2b:f8:35:2a:4e:68:84:7c:b3:77:b9:
19:52:f3:d7:d4:a8:bb:8b:07:99:5a:b7:71:bc:6d:ba:b2:40:
aa:2d:b4:d7:52:92:eb:b0:ba:9d:dc:fe:b7:17:2c:89:7c:e2:
45:6b:ab:be:c4:9a:58:89:a3:80:a8:ff:89:d4:f6:f3:da:23:
8f:4d:15:ec:4c:bc:03:a1:31:a2:e3:82:8f:40:72:9e:15:49:
31:08:fd:dd:3a:9a:8b:18:cd:87:4c:98:bb:a6:a7:e7:58:06:
b4:dc:af:2b:87:2f:22:ee:7a:57:12:c4:96:bc:e9:23:51:68:
ac:9b:b4:98:4e:e9:1e:5a:f2:e8:33:e6:20:b9:1b:09:3f:5e:
6c:0f:12:40:3a:4c:62:55:af:63:41:95:05:9c:7a:c5:90:b1:
27:4e:1f:1b:87:d8:9a:1b:a7:b9:bd:e0:aa:4d:79:22:8b:e0:
92:5b:64:b7:ba:e0:bf:e2:dc:74:b8:16:36:e2:94:52:f2:ef:
6c:a7:41:c6:bd:1a:11:d3:6f:e8:26:55:a4:74:9d:29:c0:12:
f3:d3:51:fa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY+gsns+R0lU8hnYhzRqPOARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MTZkYzlkYjRlNDlkZTcxYjJmZDA4MTlkYWU4NTNhZWIw
NTNiMDYwHhcNMjQwNTIyMTQyNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGFjMDIzNGU2YWRjYTgzMWJmZjdhZTljZThlMGQwNzI3NDU4MmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TR+1/BkNXgiGXmV3jNV6RQgHEfz
7DZ9h9o3GgMEl/hrgZjywAsGr57bqm4MFmvKtIlrPHjF/6q39No8seIYipV02CDv
HyN/YcRpG71QpIXadgjN6TcFBHpYtiEvL01Lg1UngOxb4H24xPqGAE4L7uDDRoX3
XfsjfIV33NICD8UFqpWBKUeJWObAfXFeSsewugxI04TjoJUK2Wq47xnNKzjW84HX
ODa77pylnJzSeUePkoKQNhyckATBr4hrDHOzNd3xBz7jWUWnR7BoQtbxJbHcY6uj
ZQyPJG/k4vvW+W5LHwOFIaIcw3P94y625WO3ijI3/VUrslzoJ1Cuare7LQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLisAjTmrcqDG/966c6ODQcnRYL9MB8GA1UdIwQY
MBaAFOkW3J205J3nGy/QgZ2uhTrrBTsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMt
YmU4NTJmNjQ0MjAxLzEvdUt3Q05PYXR5b01iXzNycHpvNE5CeWRGZ3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMtYmU4NTJmNjQ0MjAx
LzEvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAyjGwAwQA
yrWUMA0EAgACMAcDBQAqE9IHMA0GCSqGSIb3DQEBCwUAA4IBAQBugu7UIad47Gd+
H0s0JRbBE3LXQ5CHpC9JiA7a9EF3+UQ+ezryS+WcpxFuK/g1Kk5ohHyzd7kZUvPX
1Ki7iweZWrdxvG26skCqLbTXUpLrsLqd3P63FyyJfOJFa6u+xJpYiaOAqP+J1Pbz
2iOPTRXsTLwDoTGi44KPQHKeFUkxCP3dOpqLGM2HTJi7pqfnWAa03K8rhy8i7npX
EsSWvOkjUWism7SYTukeWvLoM+YguRsJP15sDxJAOkxiVa9jQZUFnHrFkLEnTh8b
h9iaG6e5veCqTXkii+CSW2S3uuC/4tx0uBY24pRS8u9sp0HGvRoR02/oJlWkdJ0p
wBLz01H6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:03 2024 by rpki-client on console-ams.rpki-client.org