Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/UTCT1imBH0gPbFRwj2Z1eGZutKY.roa
File: UTCT1imBH0gPbFRwj2Z1eGZutKY.roa (raw, json)
Hash identifier: 3bURSAZ6gq5mDl5sCOImW53ftqofBGoZ55b3mikt/3s=
Subject key identifier: 51:30:93:D6:29:81:1F:48:0F:6C:54:70:8F:66:75:78:66:6E:B4:A6
Certificate issuer: /CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Certificate serial: 018CC49395C9D842E5E4801D505E30F2ED7A
Authority key identifier: 3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/UTCT1imBH0gPbFRwj2Z1eGZutKY.roa
Signing time: Mon 01 Jan 2024 10:30:55 +0000
ROA not before: Mon 01 Jan 2024 10:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 212.4.240.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:95:c9:d8:42:e5:e4:80:1d:50:5e:30:f2:ed:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Validity
Not Before: Jan 1 10:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=513093d629811f480f6c54708f667578666eb4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:3a:c6:b1:30:56:c7:9b:3f:ca:0c:1b:2f:37:
64:74:b2:ca:58:33:ed:e1:9e:31:c9:1d:73:e7:10:
ed:14:c1:6d:80:4d:7c:7e:1b:dd:dc:65:dd:1c:82:
0e:99:0d:36:f7:e2:ce:7a:cc:31:ba:14:e4:73:e2:
42:62:69:4f:ae:27:3e:99:ef:3b:ef:d3:81:c8:8c:
92:01:8c:bf:88:3b:35:ff:22:ec:e2:de:10:9b:93:
23:9f:ed:11:1b:fb:14:af:a8:77:dd:ff:b1:17:91:
9a:a5:7b:bf:a0:24:18:8d:49:98:86:1c:86:81:dd:
d2:39:87:9a:2c:86:8a:82:fe:7a:d5:fc:f2:f9:05:
e3:f3:e5:32:10:02:b1:f5:ce:69:6b:24:bf:ff:68:
ba:30:a4:cc:d8:b7:20:a1:0d:97:8a:de:ee:f5:ae:
af:bb:56:1f:81:41:26:84:2d:b1:b2:84:db:fb:0e:
cb:79:4f:b5:c3:ed:0f:a8:19:6d:bf:34:90:07:89:
dc:08:66:68:a9:3f:94:ce:19:e6:6d:c6:46:12:a6:
98:4e:65:cf:c2:71:c6:12:2b:42:9a:26:d9:84:17:
72:47:0b:03:60:e5:ff:48:ff:2d:19:f0:75:e3:a6:
f0:76:90:20:ec:49:ea:ab:04:90:8b:48:35:47:52:
82:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:30:93:D6:29:81:1F:48:0F:6C:54:70:8F:66:75:78:66:6E:B4:A6
X509v3 Authority Key Identifier:
keyid:3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/UTCT1imBH0gPbFRwj2Z1eGZutKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/PfikDGosaZPJ--gd8-p903L5bew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.4.240.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:86:b9:bf:50:b3:78:dc:51:15:89:4e:7d:f8:c0:00:07:43:
e1:f3:b2:7c:63:93:79:12:7b:bf:e5:f6:52:e7:cd:c9:15:7e:
91:30:c1:48:23:63:67:4b:15:6b:6f:ea:be:55:5c:24:6a:a3:
73:68:1d:cd:15:53:e3:5e:c4:53:28:e3:2b:e5:ec:7d:78:cc:
53:00:b8:5f:c3:8d:97:6b:41:b6:3e:62:2b:e1:0e:a3:ad:f7:
e6:05:4b:81:0d:63:53:ef:40:53:2f:20:03:cf:fc:7c:fd:15:
19:75:29:0c:1f:fe:c7:4f:cb:6c:1f:06:33:a0:7b:83:84:e4:
41:d0:65:39:98:ff:4b:d5:df:f2:6a:89:3c:df:5e:1e:7e:6b:
ba:54:eb:c4:81:95:d7:8b:5c:c2:d1:78:73:18:b1:63:11:ff:
59:83:ca:79:06:f3:d3:91:c7:f7:f2:5b:d4:1a:47:1e:00:0a:
50:06:21:d7:ed:48:fb:29:1f:fa:1a:2d:2e:49:5e:5d:b9:1a:
fc:86:3d:af:b3:39:6c:e6:d6:47:97:7d:82:2b:6c:d1:3c:33:
2f:33:39:fb:5e:e7:b4:f0:81:78:a1:79:bb:52:78:27:19:49:
06:45:94:34:3f:18:da:0e:20:3a:31:ed:3b:39:d2:cc:e7:d7:
1a:31:ae:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk5XJ2ELl5IAdUF4w8u16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjhhNDBjNmEyYzY5OTNjOWZiZTgxZGYzZWE3ZGQzNzJm
OTZkZWMwHhcNMjQwMTAxMTAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTMwOTNkNjI5ODExZjQ4MGY2YzU0NzA4ZjY2NzU3ODY2NmViNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jrGsTBWx5s/ygwbLzdkdLLKWDPt
4Z4xyR1z5xDtFMFtgE18fhvd3GXdHIIOmQ029+LOeswxuhTkc+JCYmlPric+me87
79OByIySAYy/iDs1/yLs4t4Qm5Mjn+0RG/sUr6h33f+xF5GapXu/oCQYjUmYhhyG
gd3SOYeaLIaKgv561fzy+QXj8+UyEAKx9c5payS//2i6MKTM2LcgoQ2Xit7u9a6v
u1YfgUEmhC2xsoTb+w7LeU+1w+0PqBltvzSQB4ncCGZoqT+UzhnmbcZGEqaYTmXP
wnHGEitCmibZhBdyRwsDYOX/SP8tGfB146bwdpAg7EnqqwSQi0g1R1KC7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEwk9YpgR9ID2xUcI9mdXhmbrSmMB8GA1UdIwQY
MBaAFD34pAxqLGmTyfvoHfPqfdNy+W3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2Yt
ODk1YTVhMzkyNDM4LzEvVVRDVDFpbUJIMGdQYkZSd2oyWjFlR1p1dEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2YtODk1YTVhMzkyNDM4
LzEvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1ATwMA0G
CSqGSIb3DQEBCwUAA4IBAQB+hrm/ULN43FEViU59+MAAB0Ph87J8Y5N5Enu/5fZS
583JFX6RMMFII2NnSxVrb+q+VVwkaqNzaB3NFVPjXsRTKOMr5ex9eMxTALhfw42X
a0G2PmIr4Q6jrffmBUuBDWNT70BTLyADz/x8/RUZdSkMH/7HT8tsHwYzoHuDhORB
0GU5mP9L1d/yaok8314efmu6VOvEgZXXi1zC0XhzGLFjEf9Zg8p5BvPTkcf38lvU
GkceAApQBiHX7Uj7KR/6Gi0uSV5duRr8hj2vszls5tZHl32CK2zRPDMvMzn7Xue0
8IF4oXm7UngnGUkGRZQ0PxjaDiA6Me07OdLM59caMa6u
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:31 2025 by rpki-client