Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/UGd9ilc-NRlPTbA2I4ZZUSNZJi4.roa
File: UGd9ilc-NRlPTbA2I4ZZUSNZJi4.roa (raw, json)
Hash identifier: 0msFgb4Le6g04Qo/YVsWea/FPlX/MEkwJ/wBmerPAvc=
Subject key identifier: 50:67:7D:8A:57:3E:35:19:4F:4D:B0:36:23:86:59:51:23:59:26:2E
Certificate issuer: /CN=535825ce8bf544170282f720a2484141568b0e7d
Certificate serial: 018CC34963FF3C19CFDA2291D294CF3195B2
Authority key identifier: 53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/UGd9ilc-NRlPTbA2I4ZZUSNZJi4.roa
Signing time: Mon 01 Jan 2024 04:30:15 +0000
ROA not before: Mon 01 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198382
IP address blocks: 185.123.81.0/24 maxlen: 24
212.84.64.0/21 maxlen: 24
212.84.72.0/21 maxlen: 24
212.84.80.0/21 maxlen: 24
212.84.88.0/21 maxlen: 24
2a00:14a0:6::/48 maxlen: 48
2a00:14a0:1::/48 maxlen: 48
2a00:14a0::/29 maxlen: 48
2a00:14a0:5::/48 maxlen: 48
2a00:14a0::/48 maxlen: 48
2a00:14a0:3::/48 maxlen: 48
2a00:14a0:9::/48 maxlen: 48
2a00:14a0:4::/48 maxlen: 48
2a00:14a0:7::/48 maxlen: 48
2a00:14a0:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:63:ff:3c:19:cf:da:22:91:d2:94:cf:31:95:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535825ce8bf544170282f720a2484141568b0e7d
Validity
Not Before: Jan 1 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50677d8a573e35194f4db036238659512359262e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9b:1a:0e:af:e9:73:22:e4:c6:0e:a9:3b:b8:
07:71:6a:88:80:0c:2f:46:1a:54:53:c2:82:ba:75:
bc:d9:2f:d8:cc:9f:4f:8e:6a:9f:e6:6e:82:60:74:
50:b9:a1:40:87:d5:c9:c0:7f:03:21:84:89:39:99:
32:d1:a6:38:fc:b7:41:cd:51:bb:fa:2c:6c:97:70:
87:70:46:45:e1:22:c3:a8:95:84:c8:10:98:5e:16:
8a:0f:ff:3a:ff:c3:f9:0e:be:e3:b3:c7:af:73:1b:
59:2e:85:a0:bd:35:f7:a4:1b:cb:41:d4:f2:c0:e2:
84:89:d1:83:d5:d2:26:39:a8:9c:29:87:77:c2:9e:
59:6a:70:41:31:68:b0:1b:cd:19:5c:fb:5e:bf:35:
8e:d4:35:9c:f4:7a:c9:5f:d8:6b:50:20:b7:d2:bd:
0c:64:49:ac:e2:81:6d:3c:96:17:3c:f4:a9:d2:41:
6d:de:db:d0:a4:9e:07:6e:08:a3:26:af:df:b6:4f:
c7:b9:21:48:aa:22:08:a6:8f:ae:d4:44:a6:6b:62:
57:eb:d0:e4:ff:1e:7b:b1:e4:d5:38:a3:a9:99:4a:
2e:62:dc:eb:58:89:42:0b:90:1c:15:6c:85:e0:5a:
de:1f:da:d0:d7:b4:e7:77:7f:a8:10:24:9e:30:67:
f6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:67:7D:8A:57:3E:35:19:4F:4D:B0:36:23:86:59:51:23:59:26:2E
X509v3 Authority Key Identifier:
keyid:53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/UGd9ilc-NRlPTbA2I4ZZUSNZJi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.81.0/24
212.84.64.0/19
IPv6:
2a00:14a0::/29
Signature Algorithm: sha256WithRSAEncryption
28:34:61:26:91:b1:af:c8:96:91:da:2c:e7:b0:f7:e9:17:f7:
c2:0e:f1:5c:1f:dd:19:83:7a:93:1f:0c:1f:40:2b:52:93:2f:
8a:89:6e:e6:24:5b:3a:83:d5:c7:ce:b2:2d:77:e2:68:4f:db:
12:2f:67:ce:96:35:66:57:49:c2:c3:40:81:2c:6d:ad:a7:e5:
7e:d4:8d:8d:53:ce:80:9f:35:d5:93:a8:1b:25:2c:14:4e:0a:
a9:6f:45:c1:45:f2:10:d0:88:f0:f6:56:69:80:ca:34:38:7c:
a0:d9:1a:41:23:2a:37:8a:8b:1e:d8:91:a4:0c:d6:00:72:f9:
5a:84:93:9f:53:70:6f:51:95:77:7e:14:54:db:00:d7:ef:fd:
97:c3:43:6f:4d:0a:ad:73:dd:f2:52:ee:9c:cf:df:be:09:a9:
fa:53:06:f0:e6:9b:be:e3:3b:58:03:16:9a:3c:74:1f:9e:f2:
b4:4d:a8:15:40:12:d3:ae:9d:e6:f9:fd:b0:b4:28:68:4c:87:
e8:6a:58:c0:a8:8f:1f:b7:bc:55:01:48:66:fd:ad:75:14:de:
2e:da:d2:9b:54:85:79:c6:34:53:66:0d:2a:0e:dc:b2:ab:f3:
41:b4:84:80:c8:a2:1c:6d:c5:6a:35:ff:e6:54:39:76:47:10:
dc:f9:04:aa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSWP/PBnP2iKR0pTPMZWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTgyNWNlOGJmNTQ0MTcwMjgyZjcyMGEyNDg0MTQxNTY4
YjBlN2QwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDY3N2Q4YTU3M2UzNTE5NGY0ZGIwMzYyMzg2NTk1MTIzNTkyNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJsaDq/pcyLkxg6pO7gHcWqIgAwv
RhpUU8KCunW82S/YzJ9Pjmqf5m6CYHRQuaFAh9XJwH8DIYSJOZky0aY4/LdBzVG7
+ixsl3CHcEZF4SLDqJWEyBCYXhaKD/86/8P5Dr7js8evcxtZLoWgvTX3pBvLQdTy
wOKEidGD1dImOaicKYd3wp5ZanBBMWiwG80ZXPtevzWO1DWc9HrJX9hrUCC30r0M
ZEms4oFtPJYXPPSp0kFt3tvQpJ4HbgijJq/ftk/HuSFIqiIIpo+u1ESma2JX69Dk
/x57seTVOKOpmUouYtzrWIlCC5AcFWyF4FreH9rQ17Tnd3+oECSeMGf2BQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFBnfYpXPjUZT02wNiOGWVEjWSYuMB8GA1UdIwQY
MBaAFFNYJc6L9UQXAoL3IKJIQUFWiw59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUt
NTE0NmFiN2VhMDE1LzEvVUdkOWlsYy1OUmxQVGJBMkk0WlpVU05aSmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUtNTE0NmFiN2VhMDE1
LzEvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuXtRAwQF
1FRAMA0EAgACMAcDBQMqABSgMA0GCSqGSIb3DQEBCwUAA4IBAQAoNGEmkbGvyJaR
2iznsPfpF/fCDvFcH90Zg3qTHwwfQCtSky+KiW7mJFs6g9XHzrItd+JoT9sSL2fO
ljVmV0nCw0CBLG2tp+V+1I2NU86AnzXVk6gbJSwUTgqpb0XBRfIQ0Ijw9lZpgMo0
OHyg2RpBIyo3iose2JGkDNYAcvlahJOfU3BvUZV3fhRU2wDX7/2Xw0NvTQqtc93y
Uu6cz9++Can6Uwbw5pu+4ztYAxaaPHQfnvK0TagVQBLTrp3m+f2wtChoTIfoaljA
qI8ft7xVAUhm/a11FN4u2tKbVIV5xjRTZg0qDtyyq/NBtISAyKIcbcVqNf/mVDl2
RxDc+QSq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:51 2025 by rpki-client