Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/uZQI6rgB9hrdVB1Otdt9EBdp31U.roa
File: uZQI6rgB9hrdVB1Otdt9EBdp31U.roa (raw, json)
Hash identifier: f5WgsuMfubqISe5Lox+Z3xJyVsweywuLCqgiaoLA7J0=
Subject key identifier: B9:94:08:EA:B8:01:F6:1A:DD:54:1D:4E:B5:DB:7D:10:17:69:DF:55
Certificate issuer: /CN=03f3fe6075082be8e588329b43d761bf6e7b01d0
Certificate serial: 018CC26D620C35198EA1AB36F5D39081EDA9
Authority key identifier: 03:F3:FE:60:75:08:2B:E8:E5:88:32:9B:43:D7:61:BF:6E:7B:01:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A_P-YHUIK-jliDKbQ9dhv257AdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/uZQI6rgB9hrdVB1Otdt9EBdp31U.roa
Signing time: Mon 01 Jan 2024 00:29:57 +0000
ROA not before: Mon 01 Jan 2024 00:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209823
IP address blocks: 195.24.245.0/24 maxlen: 24
2a12:5542::/32 maxlen: 32
2a12:5541:1::/48 maxlen: 48
2a12:5541:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Feb 2024 06:41:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:62:0c:35:19:8e:a1:ab:36:f5:d3:90:81:ed:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03f3fe6075082be8e588329b43d761bf6e7b01d0
Validity
Not Before: Jan 1 00:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b99408eab801f61add541d4eb5db7d101769df55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:16:87:fc:6b:26:4b:4c:bf:15:e3:a4:28:c0:
06:85:df:8a:9a:8d:b1:35:44:4b:46:f9:39:d6:d7:
ed:9a:c2:cb:9c:22:cc:5c:e3:bd:ca:86:0e:66:e8:
5c:a7:3e:5b:ab:46:20:48:a9:3c:e9:f2:fd:19:fc:
9f:3e:42:fd:96:3e:0a:bb:58:46:a9:66:a8:74:85:
ae:1f:ab:6a:eb:24:c2:57:7d:88:82:ac:d4:71:4b:
4c:a1:9f:7d:e1:03:15:1d:9d:c1:1d:e0:6b:b6:9f:
ce:71:c6:57:38:30:4e:cc:f3:7f:d5:5a:65:5d:d5:
12:00:b9:ee:f8:41:33:85:c0:c9:75:20:71:fd:bd:
c1:2a:3c:1d:54:9e:2b:0a:57:12:30:fe:64:14:80:
ea:35:93:d6:41:18:b0:4c:a6:24:b3:0c:6d:44:7c:
37:cf:fc:25:be:c3:6e:26:22:5d:f1:c9:cf:fb:ef:
38:e9:4a:48:77:14:37:b9:d7:40:94:4f:3b:b7:89:
b2:38:c3:8c:b0:a7:5a:de:0a:2a:ca:d0:f3:13:58:
17:22:7f:2f:18:7b:21:38:69:2d:e2:a3:67:2b:08:
5a:ed:48:59:34:7b:bc:54:7f:bb:a0:af:ea:b7:b6:
12:af:c2:53:01:6b:dc:6e:00:9a:bd:56:1e:ad:13:
a1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:94:08:EA:B8:01:F6:1A:DD:54:1D:4E:B5:DB:7D:10:17:69:DF:55
X509v3 Authority Key Identifier:
keyid:03:F3:FE:60:75:08:2B:E8:E5:88:32:9B:43:D7:61:BF:6E:7B:01:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A_P-YHUIK-jliDKbQ9dhv257AdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/uZQI6rgB9hrdVB1Otdt9EBdp31U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.24.245.0/24
IPv6:
2a12:5541:1::-2a12:5541:2:ffff:ffff:ffff:ffff:ffff
2a12:5542::/32
Signature Algorithm: sha256WithRSAEncryption
1b:f9:fa:c6:46:22:9e:57:01:c3:f6:68:c7:63:07:6c:f6:bb:
da:cb:fa:81:a9:86:f7:bd:ba:33:e5:49:ca:67:b2:37:74:75:
d1:6b:a6:af:44:f9:92:54:bc:64:21:9e:a8:41:ea:52:51:36:
d1:4f:60:3d:ca:d3:c3:5f:01:ac:20:40:b0:a3:7c:46:cc:81:
51:4c:47:6d:10:78:20:dc:d9:98:fa:ae:77:10:58:da:fc:33:
6b:20:67:06:32:d9:69:8f:4a:e3:ff:ed:70:d1:43:5f:10:10:
71:5c:08:cc:85:e1:a2:e0:fc:25:d1:f0:1d:61:1d:5e:fd:76:
7c:ea:20:a1:93:ed:f4:91:e1:f1:9e:9e:f2:80:f4:73:12:fb:
a1:02:c5:c4:9d:f0:51:e8:f7:21:25:25:1b:27:45:a0:e0:c8:
bc:f2:97:21:1a:de:12:f6:ea:41:e5:6d:06:88:30:47:39:fd:
48:d1:57:70:3a:2d:a4:26:41:ff:6d:4c:c0:6b:52:07:90:64:
3a:0f:85:55:2c:30:56:90:1d:30:cc:f4:c7:fd:04:aa:c6:a8:
a7:78:b2:da:1a:6a:f0:a2:87:6b:1a:18:07:dd:df:38:37:30:
8d:af:93:c6:18:77:0d:a6:50:99:a7:f2:8b:c3:90:aa:f1:0e:
b5:02:4c:c2
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzCbWIMNRmOoas29dOQge2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZjNmZTYwNzUwODJiZThlNTg4MzI5YjQzZDc2MWJmNmU3
YjAxZDAwHhcNMjQwMTAxMDAyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTk0MDhlYWI4MDFmNjFhZGQ1NDFkNGViNWRiN2QxMDE3NjlkZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6RaH/GsmS0y/FeOkKMAGhd+Kmo2x
NURLRvk51tftmsLLnCLMXOO9yoYOZuhcpz5bq0YgSKk86fL9GfyfPkL9lj4Ku1hG
qWaodIWuH6tq6yTCV32IgqzUcUtMoZ994QMVHZ3BHeBrtp/OccZXODBOzPN/1Vpl
XdUSALnu+EEzhcDJdSBx/b3BKjwdVJ4rClcSMP5kFIDqNZPWQRiwTKYkswxtRHw3
z/wlvsNuJiJd8cnP++846UpIdxQ3uddAlE87t4myOMOMsKda3goqytDzE1gXIn8v
GHshOGkt4qNnKwha7UhZNHu8VH+7oK/qt7YSr8JTAWvcbgCavVYerROhZwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFLmUCOq4AfYa3VQdTrXbfRAXad9VMB8GA1UdIwQY
MBaAFAPz/mB1CCvo5Ygym0PXYb9uewHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQV9QLVlIVUlLLWpsaURLYlE5ZGh2MjU3QWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84YmY3ZWEtODgzYS00YzQzLTk0NmMt
ODJkYWZlMTA0YmM1LzEvdVpRSTZyZ0I5aHJkVkIxT3RkdDlFQmRwMzFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84YmY3ZWEtODgzYS00YzQzLTk0NmMtODJkYWZlMTA0YmM1
LzEvQV9QLVlIVUlLLWpsaURLYlE5ZGh2MjU3QWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAwxj1MCEE
AgACMBswEgMHACoSVUEAAQMHACoSVUEAAgMFACoSVUIwDQYJKoZIhvcNAQELBQAD
ggEBABv5+sZGIp5XAcP2aMdjB2z2u9rL+oGphve9ujPlScpnsjd0ddFrpq9E+ZJU
vGQhnqhB6lJRNtFPYD3K08NfAawgQLCjfEbMgVFMR20QeCDc2Zj6rncQWNr8M2sg
ZwYy2WmPSuP/7XDRQ18QEHFcCMyF4aLg/CXR8B1hHV79dnzqIKGT7fSR4fGenvKA
9HMS+6ECxcSd8FHo9yElJRsnRaDgyLzylyEa3hL26kHlbQaIMEc5/UjRV3A6LaQm
Qf9tTMBrUgeQZDoPhVUsMFaQHTDM9Mf9BKrGqKd4stoaavCih2saGAfd3zg3MI2v
k8YYdw2mUJmn8ovDkKrxDrUCTMI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:33 2024 by rpki-client on console-fra.rpki-client.org