Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/0UtTfe0EGrNDncpL2RZrWyfTVJU.roa
File: 0UtTfe0EGrNDncpL2RZrWyfTVJU.roa (raw, json)
Hash identifier: iQMDFvnsm4yuF3kfpSbkKOX9+0kIjv6+mBurzDHZPdU=
Subject key identifier: D1:4B:53:7D:ED:04:1A:B3:43:9D:CA:4B:D9:16:6B:5B:27:D3:54:95
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018CC56DE0EDFF4E531C0114BAA273DFEF2E
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/0UtTfe0EGrNDncpL2RZrWyfTVJU.roa
Signing time: Mon 01 Jan 2024 14:29:21 +0000
ROA not before: Mon 01 Jan 2024 14:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24866
IP address blocks: 178.177.40.0/24 maxlen: 24
178.177.49.0/24 maxlen: 24
178.176.227.0/24 maxlen: 24
178.176.229.0/24 maxlen: 24
178.176.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 12:22:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e0:ed:ff:4e:53:1c:01:14:ba:a2:73:df:ef:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 14:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d14b537ded041ab3439dca4bd9166b5b27d35495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:51:13:d7:00:1d:f1:33:06:79:5b:3d:da:a9:
ef:0f:6f:2f:53:f5:cd:fe:89:f8:9d:c9:6d:8a:44:
a5:f0:ab:7d:3a:82:8e:06:de:58:5a:ca:57:6d:1d:
46:5f:e5:d4:15:84:47:db:7a:fb:83:63:e1:a0:ea:
f0:cf:cf:38:a1:03:37:3b:94:5e:4e:e4:51:54:bd:
30:84:b5:37:8a:7b:8c:fb:95:28:e8:46:a2:d1:d7:
af:e0:5f:90:37:d5:a4:d0:18:88:a2:f5:3c:32:87:
10:84:41:c6:75:74:00:54:de:b6:f3:36:c4:c4:f0:
51:e9:ca:0d:ee:1e:c0:5a:ec:ec:ba:58:a2:ce:17:
ee:c3:ae:7d:aa:26:b8:ea:89:9b:99:85:ea:fd:82:
10:0f:86:08:39:55:30:0d:84:ec:74:44:a3:3c:b7:
23:91:f8:37:4d:e0:31:05:1c:b4:a5:5a:6c:6a:b5:
e4:81:ea:75:f9:e9:13:6e:1c:fa:66:1e:0a:64:a8:
29:52:f3:70:a8:21:dc:f2:66:4d:5f:3a:64:c0:11:
86:a6:99:b0:23:c4:79:75:34:4b:be:40:c4:47:d5:
db:ed:3d:40:2a:a3:73:8f:dc:44:bc:1b:2a:67:45:
db:a4:9a:27:52:79:39:5d:ec:4f:b9:7e:ea:0b:79:
48:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4B:53:7D:ED:04:1A:B3:43:9D:CA:4B:D9:16:6B:5B:27:D3:54:95
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/0UtTfe0EGrNDncpL2RZrWyfTVJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.176.227.0-178.176.229.255
178.177.40.0/24
178.177.49.0/24
Signature Algorithm: sha256WithRSAEncryption
41:e1:a4:d6:65:07:6b:c9:54:49:32:99:eb:15:e6:c0:cc:5d:
42:8e:ce:62:a2:9a:4b:9f:32:7a:06:a0:ac:b5:2a:55:c6:c0:
e2:42:ab:cd:45:86:a1:ad:e8:2d:70:57:e1:53:69:fe:6c:0c:
24:16:a4:73:9b:d8:87:97:ca:0e:f7:44:65:00:0a:d7:d0:cf:
a3:07:b1:7a:b1:49:26:bc:bc:66:7f:e7:8f:04:1d:e7:fd:21:
c2:1e:c2:94:46:36:3e:4a:aa:dc:dc:15:05:c0:15:8a:f2:5e:
5f:aa:21:f3:1f:87:96:fe:9e:5b:56:29:94:ad:65:e9:8b:29:
49:55:9d:2b:7a:b6:45:36:7b:0a:75:02:d4:36:44:fc:2a:22:
ae:04:59:43:30:2c:c7:88:02:b1:b6:5b:12:0c:21:ba:5e:b5:
95:f7:3c:76:a3:b9:89:03:a9:ae:07:eb:10:52:e6:ef:ce:b0:
b7:1f:7b:b8:63:e5:84:0d:cf:18:f1:ba:10:d9:da:15:b8:07:
cd:38:f4:aa:27:e0:6b:a8:ab:ce:c9:5b:85:3c:b4:ae:93:cd:
d7:8d:1b:c3:07:fa:50:46:45:35:d2:42:5d:55:80:7f:b0:4e:
8f:d6:45:be:cc:03:70:0d:2d:9d:38:cb:16:77:72:37:7d:bd:
59:e6:3e:f4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFbeDt/05THAEUuqJz3+8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMTAxMTQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTRiNTM3ZGVkMDQxYWIzNDM5ZGNhNGJkOTE2NmI1YjI3ZDM1NDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFET1wAd8TMGeVs92qnvD28vU/XN
/on4ncltikSl8Kt9OoKOBt5YWspXbR1GX+XUFYRH23r7g2PhoOrwz884oQM3O5Re
TuRRVL0whLU3inuM+5Uo6Eai0dev4F+QN9Wk0BiIovU8MocQhEHGdXQAVN628zbE
xPBR6coN7h7AWuzsuliizhfuw659qia46ombmYXq/YIQD4YIOVUwDYTsdESjPLcj
kfg3TeAxBRy0pVpsarXkgep1+ekTbhz6Zh4KZKgpUvNwqCHc8mZNXzpkwBGGppmw
I8R5dTRLvkDER9Xb7T1AKqNzj9xEvBsqZ0XbpJonUnk5XexPuX7qC3lIkwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNFLU33tBBqzQ53KS9kWa1sn01SVMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvMFV0VGZlMEVHck5EbmNwTDJSWnJXeWZUVkpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACysOMD
BAGysOQDBACysSgDBACysTEwDQYJKoZIhvcNAQELBQADggEBAEHhpNZlB2vJVEky
mesV5sDMXUKOzmKimkufMnoGoKy1KlXGwOJCq81FhqGt6C1wV+FTaf5sDCQWpHOb
2IeXyg73RGUACtfQz6MHsXqxSSa8vGZ/548EHef9IcIewpRGNj5KqtzcFQXAFYry
Xl+qIfMfh5b+nltWKZStZemLKUlVnSt6tkU2ewp1AtQ2RPwqIq4EWUMwLMeIArG2
WxIMIbpetZX3PHajuYkDqa4H6xBS5u/OsLcfe7hj5YQNzxjxuhDZ2hW4B8049Kon
4Guoq87JW4U8tK6TzdeNG8MH+lBGRTXSQl1VgH+wTo/WRb7MA3ANLZ04yxZ3cjd9
vVnmPvQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:08 2025 by rpki-client