Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/UvaEgfYXoj8gCTB3lwsJpDOydeQ.roa
File: UvaEgfYXoj8gCTB3lwsJpDOydeQ.roa (raw, json)
Hash identifier: 08TY9RRrzbEW6CgrZtDBLm4qjhJBJ/fFcONQlVZxrrM=
Subject key identifier: 52:F6:84:81:F6:17:A2:3F:20:09:30:77:97:0B:09:A4:33:B2:75:E4
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0192FFCD0D948CE253AD8E881CFE6B80B7B0
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/UvaEgfYXoj8gCTB3lwsJpDOydeQ.roa
Signing time: Wed 06 Nov 2024 04:48:01 +0000
ROA not before: Wed 06 Nov 2024 04:48:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 45.67.140.0/24 maxlen: 24
94.154.180.0/23 maxlen: 23
185.230.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ff:cd:0d:94:8c:e2:53:ad:8e:88:1c:fe:6b:80:b7:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Nov 6 04:48:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52f68481f617a23f20093077970b09a433b275e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1d:0f:67:f6:1c:26:86:9a:68:7f:d9:0f:9f:
52:ae:f1:27:32:76:94:46:03:b9:81:99:1d:18:47:
51:61:ca:30:5f:d3:3e:97:24:a1:c8:78:5f:cb:5b:
34:87:58:bf:13:5f:6f:5c:0e:43:3e:9f:38:36:ab:
4d:0b:73:78:06:77:66:7f:58:f8:41:1c:57:43:3b:
6e:62:d7:20:b1:5e:6c:9c:72:c7:9b:cb:f1:f3:31:
8d:28:14:29:6e:a0:d9:62:57:fb:ec:bd:8e:ea:50:
85:94:b2:55:84:60:59:4f:1d:63:82:61:0b:59:dc:
f5:94:d0:b4:63:c2:45:07:a3:4c:46:12:88:f2:c7:
2a:1a:84:6a:c2:15:bb:70:03:27:35:f7:53:80:f4:
03:7e:50:bb:3e:06:c6:64:72:1c:e2:36:96:32:32:
04:99:79:4b:d3:6b:c8:5e:fd:94:e4:ee:de:8c:30:
59:05:60:4a:3b:32:88:1b:d9:b7:b1:56:a2:02:b0:
45:16:b9:3e:d6:dd:b3:51:e2:13:1d:6b:de:62:f1:
cc:f1:96:27:4a:f4:5f:e0:81:93:e2:64:8b:65:5a:
2e:14:a5:49:67:93:00:b3:7c:0b:c2:4b:a2:88:ac:
a2:f9:66:73:be:ac:00:de:3f:71:b9:50:e6:25:61:
60:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F6:84:81:F6:17:A2:3F:20:09:30:77:97:0B:09:A4:33:B2:75:E4
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/UvaEgfYXoj8gCTB3lwsJpDOydeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.140.0/24
94.154.180.0/23
185.230.122.0/24
Signature Algorithm: sha256WithRSAEncryption
05:85:0d:e3:f7:b6:62:04:42:c4:ee:b2:9c:b9:e0:d5:f4:c5:
b2:c5:da:7c:79:73:fa:4c:1c:f0:22:b0:3c:df:a4:ac:d6:55:
02:63:0c:56:d4:77:65:eb:67:6e:07:79:b3:81:93:75:c5:02:
99:43:af:e3:f4:88:73:35:68:4b:63:09:dc:64:a2:21:75:67:
9b:15:a0:a5:92:05:79:aa:72:82:5f:e5:32:bc:de:18:dc:30:
65:39:60:9a:f7:14:e1:30:39:88:cf:4e:91:be:42:61:02:45:
3d:4d:10:ac:81:a5:c6:43:94:ef:59:37:28:27:ed:17:9e:21:
e1:9c:25:d5:61:91:72:b7:32:60:e4:e8:9b:84:0d:a6:69:7a:
33:ed:ae:09:86:8d:69:c0:01:86:2c:d4:8c:c9:c5:84:6a:fe:
9d:6b:00:e1:44:98:7a:ab:01:76:5f:41:39:e2:78:c4:24:05:
17:bd:f7:e3:6b:ba:ab:79:8a:bb:a7:e5:be:5a:14:1e:42:aa:
a8:9c:9d:17:6b:53:08:02:08:8d:40:91:ae:38:8c:54:ad:46:
60:0e:3f:b2:f7:22:aa:3e:60:7f:16:ab:65:68:79:8c:7c:e8:
99:2a:0e:28:92:02:88:c9:b5:17:87:37:c9:54:a5:90:4e:dc:
e4:68:ad:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZL/zQ2UjOJTrY6IHP5rgLewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQxMTA2MDQ0ODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmY2ODQ4MWY2MTdhMjNmMjAwOTMwNzc5NzBiMDlhNDMzYjI3NWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR0PZ/YcJoaaaH/ZD59SrvEnMnaU
RgO5gZkdGEdRYcowX9M+lyShyHhfy1s0h1i/E19vXA5DPp84NqtNC3N4Bndmf1j4
QRxXQztuYtcgsV5snHLHm8vx8zGNKBQpbqDZYlf77L2O6lCFlLJVhGBZTx1jgmEL
Wdz1lNC0Y8JFB6NMRhKI8scqGoRqwhW7cAMnNfdTgPQDflC7PgbGZHIc4jaWMjIE
mXlL02vIXv2U5O7ejDBZBWBKOzKIG9m3sVaiArBFFrk+1t2zUeITHWveYvHM8ZYn
SvRf4IGT4mSLZVouFKVJZ5MAs3wLwkuiiKyi+WZzvqwA3j9xuVDmJWFggwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFL2hIH2F6I/IAkwd5cLCaQzsnXkMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvVXZhRWdmWVhvajhnQ1RCM2x3c0pwRE95ZGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUOMAwQB
Xpq0AwQAueZ6MA0GCSqGSIb3DQEBCwUAA4IBAQAFhQ3j97ZiBELE7rKcueDV9MWy
xdp8eXP6TBzwIrA836Ss1lUCYwxW1Hdl62duB3mzgZN1xQKZQ6/j9IhzNWhLYwnc
ZKIhdWebFaClkgV5qnKCX+UyvN4Y3DBlOWCa9xThMDmIz06RvkJhAkU9TRCsgaXG
Q5TvWTcoJ+0XniHhnCXVYZFytzJg5OibhA2maXoz7a4Jho1pwAGGLNSMycWEav6d
awDhRJh6qwF2X0E54njEJAUXvffja7qreYq7p+W+WhQeQqqonJ0Xa1MIAgiNQJGu
OIxUrUZgDj+y9yKqPmB/FqtlaHmMfOiZKg4okgKIybUXhzfJVKWQTtzkaK2r
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:05:37 2025 by rpki-client