Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/uQ84OjfWymLhhXSjPJE0HdM5Edo.roa
File: uQ84OjfWymLhhXSjPJE0HdM5Edo.roa (raw, json)
Hash identifier: BKcmoZ4tD4ick2qhMB3PZ78y5jEeGU8XFql3VZxR6U8=
Subject key identifier: B9:0F:38:3A:37:D6:CA:62:E1:85:74:A3:3C:91:34:1D:D3:39:11:DA
Certificate issuer: /CN=abc2de820e02f3c3f86e5b8c9c49ddc49325123f
Certificate serial: 018CC424B5D568D3B0698A58D0C94323D9A9
Authority key identifier: AB:C2:DE:82:0E:02:F3:C3:F8:6E:5B:8C:9C:49:DD:C4:93:25:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8Legg4C88P4bluMnEndxJMlEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/uQ84OjfWymLhhXSjPJE0HdM5Edo.roa
Signing time: Mon 01 Jan 2024 08:29:49 +0000
ROA not before: Mon 01 Jan 2024 08:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201072
IP address blocks: 193.57.185.0/24 maxlen: 24
193.57.186.0/24 maxlen: 24
193.57.189.0/24 maxlen: 24
193.57.188.0/24 maxlen: 24
193.57.187.0/24 maxlen: 24
193.57.190.0/24 maxlen: 24
193.57.199.0/24 maxlen: 24
193.57.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:b5:d5:68:d3:b0:69:8a:58:d0:c9:43:23:d9:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc2de820e02f3c3f86e5b8c9c49ddc49325123f
Validity
Not Before: Jan 1 08:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b90f383a37d6ca62e18574a33c91341dd33911da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4a:fc:fa:78:02:11:4e:58:4b:db:ec:c3:e6:
73:89:5d:70:46:b3:10:c6:65:78:96:bc:bd:e8:fc:
32:9b:27:6a:2f:fc:35:d2:b5:2d:c2:df:d8:b5:49:
23:ac:a0:eb:70:25:33:3d:1c:8b:ef:05:7d:a0:4b:
05:b0:ca:73:78:ac:91:a6:fd:5e:5c:b0:ff:5a:6b:
17:83:7f:f9:f8:72:a6:94:35:42:3e:38:28:2c:be:
51:75:7b:d8:71:1f:de:5e:35:14:b8:8b:33:7f:1f:
e8:75:43:b6:99:91:fe:28:30:10:72:be:fb:0d:bd:
aa:90:3b:a4:d8:db:10:81:21:89:3a:d3:3c:de:65:
ba:68:05:da:40:59:d8:39:ef:9d:97:6c:39:7b:fe:
54:8c:a3:71:80:c7:33:24:c9:16:a7:ab:dd:fa:16:
0f:90:d1:13:55:bc:9b:23:45:8b:40:4e:21:54:d4:
a8:72:eb:b9:b3:73:8a:89:e4:bc:77:a9:e3:ad:37:
01:f0:0a:a5:03:99:1d:55:5c:6f:4a:7a:e0:ea:eb:
a1:b7:db:16:01:ab:83:46:59:41:23:2c:ac:62:8d:
8b:8f:32:b7:d4:dc:14:cb:c5:26:8a:b7:7b:09:2b:
e9:b7:8a:f4:56:12:4f:c4:9c:20:17:fa:07:83:67:
a4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:0F:38:3A:37:D6:CA:62:E1:85:74:A3:3C:91:34:1D:D3:39:11:DA
X509v3 Authority Key Identifier:
keyid:AB:C2:DE:82:0E:02:F3:C3:F8:6E:5B:8C:9C:49:DD:C4:93:25:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8Legg4C88P4bluMnEndxJMlEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/uQ84OjfWymLhhXSjPJE0HdM5Edo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/56748e-c297-4de7-8e96-89783317ea29/1/q8Legg4C88P4bluMnEndxJMlEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.185.0-193.57.190.255
193.57.199.0/24
193.57.204.0/24
Signature Algorithm: sha256WithRSAEncryption
24:f2:52:07:33:e2:08:6c:b1:f5:94:74:6e:d3:4b:fb:5e:25:
2d:4f:84:fb:18:4b:f8:1e:cf:e3:98:6c:e8:c8:dc:b2:22:2c:
66:0f:db:4f:40:25:da:d7:e4:13:5c:65:72:7b:91:23:55:1a:
1b:de:ee:58:80:96:00:39:7a:45:cf:90:30:9b:eb:00:01:af:
d4:67:01:fe:29:bc:8f:d7:72:76:63:d5:55:94:2d:ca:92:9b:
1f:79:b0:07:95:68:10:5e:5c:68:d8:db:1c:64:74:26:88:b1:
73:53:49:bf:09:4b:82:95:5d:85:b7:6b:b9:bc:ca:5e:5d:4d:
6d:d9:ee:2f:60:02:64:dd:0a:65:a8:58:98:d7:b7:be:f3:e4:
b5:8d:ea:96:96:64:5d:7f:47:8c:28:b6:31:a2:16:28:49:4d:
dc:d2:cf:c2:6f:42:69:c9:12:be:d5:db:0b:b1:6b:16:b4:82:
84:42:72:ca:4e:7f:48:6d:a1:f0:49:38:ee:e0:70:fd:e5:00:
2f:94:3f:88:04:24:1b:65:e3:31:e5:ec:36:56:e3:2d:88:d0:
e4:49:7e:b6:b2:fe:70:70:3e:60:1c:09:cf:66:ca:0b:a2:f9:
28:f1:f9:fd:84:44:1d:15:87:17:7c:53:88:cd:bd:f8:4e:c9:
81:e7:f8:f3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzEJLXVaNOwaYpY0MlDI9mpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzJkZTgyMGUwMmYzYzNmODZlNWI4YzljNDlkZGM0OTMy
NTEyM2YwHhcNMjQwMTAxMDgyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTBmMzgzYTM3ZDZjYTYyZTE4NTc0YTMzYzkxMzQxZGQzMzkxMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEr8+ngCEU5YS9vsw+ZziV1wRrMQ
xmV4lry96PwymydqL/w10rUtwt/YtUkjrKDrcCUzPRyL7wV9oEsFsMpzeKyRpv1e
XLD/WmsXg3/5+HKmlDVCPjgoLL5RdXvYcR/eXjUUuIszfx/odUO2mZH+KDAQcr77
Db2qkDuk2NsQgSGJOtM83mW6aAXaQFnYOe+dl2w5e/5UjKNxgMczJMkWp6vd+hYP
kNETVbybI0WLQE4hVNSocuu5s3OKieS8d6njrTcB8AqlA5kdVVxvSnrg6uuht9sW
AauDRllBIyysYo2LjzK31NwUy8Umird7CSvpt4r0VhJPxJwgF/oHg2ekNQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLkPODo31spi4YV0ozyRNB3TORHaMB8GA1UdIwQY
MBaAFKvC3oIOAvPD+G5bjJxJ3cSTJRI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThMZWdnNEM4OFA0Ymx1TW5FbmR4Sk1sRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81Njc0OGUtYzI5Ny00ZGU3LThlOTYt
ODk3ODMzMTdlYTI5LzEvdVE4NE9qZld5bUxoaFhTalBKRTBIZE01RWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81Njc0OGUtYzI5Ny00ZGU3LThlOTYtODk3ODMzMTdlYTI5
LzEvcThMZWdnNEM4OFA0Ymx1TW5FbmR4Sk1sRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADBObkD
BADBOb4DBADBOccDBADBOcwwDQYJKoZIhvcNAQELBQADggEBACTyUgcz4ghssfWU
dG7TS/teJS1PhPsYS/gez+OYbOjI3LIiLGYP209AJdrX5BNcZXJ7kSNVGhve7liA
lgA5ekXPkDCb6wABr9RnAf4pvI/XcnZj1VWULcqSmx95sAeVaBBeXGjY2xxkdCaI
sXNTSb8JS4KVXYW3a7m8yl5dTW3Z7i9gAmTdCmWoWJjXt77z5LWN6paWZF1/R4wo
tjGiFihJTdzSz8JvQmnJEr7V2wuxaxa0goRCcspOf0htofBJOO7gcP3lAC+UP4gE
JBtl4zHl7DZW4y2I0ORJfray/nBwPmAcCc9mygui+Sjx+f2ERB0Vhxd8U4jNvfhO
yYHn+PM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:54 2025 by rpki-client