Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/uUg234lhbvVfupl0N3B1sKeSnH0.roa
File: uUg234lhbvVfupl0N3B1sKeSnH0.roa (raw, json)
Hash identifier: o+bnthBJQaazflBH56JgM6bgOLTAgey2m9tzvGfy2Fk=
Subject key identifier: B9:48:36:DF:89:61:6E:F5:5F:BA:99:74:37:70:75:B0:A7:92:9C:7D
Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd
Certificate serial: 0192D74FB0B56E71686CE9CAA6DFE5AA8AD1
Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/uUg234lhbvVfupl0N3B1sKeSnH0.roa
Signing time: Tue 29 Oct 2024 08:06:16 +0000
ROA not before: Tue 29 Oct 2024 08:06:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47164
IP address blocks: 212.231.81.0/24 maxlen: 24
212.231.82.0/24 maxlen: 24
212.231.83.0/24 maxlen: 24
212.231.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 07:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:4f:b0:b5:6e:71:68:6c:e9:ca:a6:df:e5:aa:8a:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd
Validity
Not Before: Oct 29 08:06:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b94836df89616ef55fba9974377075b0a7929c7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4b:b1:94:2d:20:83:4b:cd:71:28:2f:aa:ec:
3f:55:89:ae:1c:17:97:28:46:e0:c3:9c:97:35:47:
42:50:39:73:28:1f:f7:5c:2a:f2:2e:c0:4a:e7:fe:
00:52:e9:68:2a:b5:24:be:76:28:82:da:1e:cc:30:
53:2b:14:d6:b0:48:33:36:f2:40:11:0d:4f:d2:96:
0a:0e:17:f6:f4:e6:46:f1:d1:78:87:40:8d:1f:de:
f0:20:09:32:0c:53:9a:42:06:51:1f:e9:9f:d9:55:
78:da:32:9a:31:f2:ba:ef:97:fc:ae:3d:b1:91:56:
9b:13:32:4a:ef:86:2e:2c:0d:c6:45:51:67:26:a1:
94:95:5a:11:9e:21:88:87:71:e6:c0:0b:89:b3:ee:
9e:a3:a8:65:a4:5d:c9:cb:41:b2:3d:6d:bf:9c:a3:
0c:65:11:5e:73:c5:d4:10:90:96:21:2c:6d:7c:96:
86:ed:3f:1d:b1:b3:8c:f2:f0:3f:2f:0d:d2:80:97:
1c:50:11:e8:0a:39:d1:58:5c:77:12:f9:33:db:f7:
35:07:06:50:1a:9a:db:d4:8c:32:8e:75:23:6e:0c:
8c:40:f1:5d:83:1d:8c:bd:2a:ff:1a:26:64:de:16:
9f:3d:cf:bb:c5:91:74:59:44:7d:89:68:32:0f:42:
dc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:48:36:DF:89:61:6E:F5:5F:BA:99:74:37:70:75:B0:A7:92:9C:7D
X509v3 Authority Key Identifier:
keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/uUg234lhbvVfupl0N3B1sKeSnH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.231.81.0-212.231.83.255
212.231.85.0/24
Signature Algorithm: sha256WithRSAEncryption
25:4a:5f:4f:9d:f7:74:34:13:36:40:74:1b:b8:5d:9e:6f:a1:
26:48:84:47:2a:e8:49:76:64:e0:21:cb:ea:30:e8:5b:a8:09:
34:29:05:a6:a2:a3:96:06:eb:fd:c1:f3:ff:42:58:c8:d1:9f:
b6:3d:ec:20:ec:61:31:09:5b:93:7f:df:7e:14:59:1c:b4:26:
5b:f2:cc:83:76:c2:74:87:62:78:f4:ed:a1:c1:18:89:f1:7d:
d2:79:05:01:74:4a:e7:55:2d:47:05:8f:40:1b:8b:5f:82:9f:
44:c9:aa:92:cf:f5:c8:1a:11:2b:5b:ef:6c:0d:a1:69:20:9d:
98:ff:fb:e9:2c:9b:db:97:d2:b4:75:68:0b:07:50:58:dc:d3:
81:f9:16:1b:3e:13:50:15:d2:5a:dc:63:d0:2c:c3:d7:4e:ae:
80:ed:95:cf:d9:57:95:66:5a:dd:25:84:31:a6:a2:1e:2e:6c:
8c:68:a0:f7:91:82:f4:28:06:63:c5:86:97:3b:04:be:86:db:
3e:94:2c:da:59:e7:b1:e6:4d:df:09:10:bb:45:bd:97:48:15:
95:09:22:79:30:69:7d:7f:02:f5:1e:32:1d:59:74:38:b9:3c:
77:61:ba:a6:9e:ea:da:69:a3:5f:f7:bf:68:d2:60:ec:be:2d:
7d:c0:02:34
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZLXT7C1bnFobOnKpt/lqorRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi
MmUyY2QwHhcNMjQxMDI5MDgwNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTQ4MzZkZjg5NjE2ZWY1NWZiYTk5NzQzNzcwNzViMGE3OTI5YzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0uxlC0gg0vNcSgvquw/VYmuHBeX
KEbgw5yXNUdCUDlzKB/3XCryLsBK5/4AUuloKrUkvnYogtoezDBTKxTWsEgzNvJA
EQ1P0pYKDhf29OZG8dF4h0CNH97wIAkyDFOaQgZRH+mf2VV42jKaMfK675f8rj2x
kVabEzJK74YuLA3GRVFnJqGUlVoRniGIh3HmwAuJs+6eo6hlpF3Jy0GyPW2/nKMM
ZRFec8XUEJCWISxtfJaG7T8dsbOM8vA/Lw3SgJccUBHoCjnRWFx3Evkz2/c1BwZQ
Gprb1IwyjnUjbgyMQPFdgx2MvSr/GiZk3hafPc+7xZF0WUR9iWgyD0LcTwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLlINt+JYW71X7qZdDdwdbCnkpx9MB8GA1UdIwQY
MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt
ZjEyODM1ZjAyNDdiLzEvdVVnMjM0bGhidlZmdXBsME4zQjFzS2VTbkgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2QtZjEyODM1ZjAyNDdi
LzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADU51ED
BALU51ADBADU51UwDQYJKoZIhvcNAQELBQADggEBACVKX0+d93Q0EzZAdBu4XZ5v
oSZIhEcq6El2ZOAhy+ow6FuoCTQpBaaio5YG6/3B8/9CWMjRn7Y97CDsYTEJW5N/
334UWRy0JlvyzIN2wnSHYnj07aHBGInxfdJ5BQF0SudVLUcFj0Abi1+Cn0TJqpLP
9cgaEStb72wNoWkgnZj/++ksm9uX0rR1aAsHUFjc04H5Fhs+E1AV0lrcY9Asw9dO
roDtlc/ZV5VmWt0lhDGmoh4ubIxooPeRgvQoBmPFhpc7BL6G2z6ULNpZ57HmTd8J
ELtFvZdIFZUJInkwaX1/AvUeMh1ZdDi5PHdhuqae6tppo1/3v2jSYOy+LX3AAjQ=
-----END CERTIFICATE-----
Generated at Tue Nov 12 08:31:08 2024 by rpki-client on console-fra.rpki-client.org