Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/UicACP-LWFKIY87je4qotSXW8ug.roa
File: UicACP-LWFKIY87je4qotSXW8ug.roa (raw, json)
Hash identifier: yO8QtDPoejUFF7jVpXr4ws+JP+y8ga0i2A7uFWI43jk=
Subject key identifier: 52:27:00:08:FF:8B:58:52:88:63:CE:E3:7B:8A:A8:B5:25:D6:F2:E8
Certificate issuer: /CN=ad367bc19f066996490a206674c8da8f5ed2cd0e
Certificate serial: 018CC9BBD60EF1F92398127E9C2B98C666CC
Authority key identifier: AD:36:7B:C1:9F:06:69:96:49:0A:20:66:74:C8:DA:8F:5E:D2:CD:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/UicACP-LWFKIY87je4qotSXW8ug.roa
Signing time: Tue 02 Jan 2024 10:32:59 +0000
ROA not before: Tue 02 Jan 2024 10:32:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56322
IP address blocks: 185.163.204.0/24 maxlen: 24
91.219.236.0/24 maxlen: 24
91.219.237.0/24 maxlen: 24
91.219.238.0/24 maxlen: 24
91.219.236.0/22 maxlen: 22
91.219.239.0/24 maxlen: 24
2a10:c800:1::/48 maxlen: 48
2a10:c800::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Jan 2024 18:57:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:d6:0e:f1:f9:23:98:12:7e:9c:2b:98:c6:66:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad367bc19f066996490a206674c8da8f5ed2cd0e
Validity
Not Before: Jan 2 10:32:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52270008ff8b58528863cee37b8aa8b525d6f2e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b9:07:d2:a9:91:03:7d:d1:7c:b8:96:08:d1:
bf:34:c1:a4:e6:5c:9d:bc:8e:71:c0:71:46:c9:fe:
99:a4:0e:68:1f:bb:77:77:0c:ba:b6:f1:e7:4f:25:
fc:55:c0:5b:30:50:bf:46:80:5e:45:6f:5e:9c:e1:
df:99:e0:5f:c4:e5:91:45:0b:14:d2:8e:73:2d:7e:
06:5c:07:1e:fc:32:17:f7:04:2b:c5:42:2c:25:a2:
e0:0a:81:8e:b6:81:e9:ef:7e:60:56:93:82:79:eb:
4c:98:8e:da:58:96:ad:8e:4a:29:ab:6d:08:2a:7b:
9e:08:26:07:45:c7:a9:e7:0b:07:89:d4:fb:e1:8e:
c8:38:e6:f8:90:3d:74:c8:fc:d3:2f:6d:02:ba:5b:
bb:24:8a:dd:a5:d3:b4:30:77:86:2f:3b:ae:16:10:
97:2f:99:19:35:f1:94:59:c6:fd:86:11:c1:33:b3:
59:5d:0b:89:ff:ac:8b:18:5d:10:da:78:26:54:51:
02:51:d7:51:9d:14:7f:33:44:f9:c2:ff:3f:0f:4d:
f1:45:0c:8a:f8:81:7a:44:ef:66:d4:27:3c:e7:70:
9d:ac:20:29:bb:65:9c:c5:13:1e:32:c7:67:9a:e1:
c4:0f:89:e7:17:99:ff:5f:a4:ae:31:42:ff:26:9e:
d9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:27:00:08:FF:8B:58:52:88:63:CE:E3:7B:8A:A8:B5:25:D6:F2:E8
X509v3 Authority Key Identifier:
keyid:AD:36:7B:C1:9F:06:69:96:49:0A:20:66:74:C8:DA:8F:5E:D2:CD:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/UicACP-LWFKIY87je4qotSXW8ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.236.0/22
185.163.204.0/24
IPv6:
2a10:c800::/47
Signature Algorithm: sha256WithRSAEncryption
6c:80:be:5f:fa:6d:85:96:d2:6b:c2:ad:fc:cc:84:05:72:c4:
39:9f:9d:2c:cf:72:95:d7:6a:37:69:62:a3:06:9a:a5:23:f8:
fa:bc:d3:c0:e0:53:a7:bb:06:79:ce:b1:64:5e:d2:6d:f5:77:
eb:c3:40:c1:b4:58:1f:a2:3f:71:a3:48:68:16:cc:68:7d:13:
19:15:12:04:44:1d:b0:1a:b4:26:84:fd:1a:f2:aa:a4:bd:92:
69:c8:e6:7b:61:44:18:2e:2d:db:c2:f4:aa:51:99:36:02:34:
2f:44:d7:af:64:3a:e5:61:83:86:02:61:17:84:4e:55:2a:79:
98:fc:8a:34:f9:15:3a:37:38:b8:36:df:cd:02:07:26:f3:54:
75:80:41:f6:d5:ed:c0:93:46:a3:cd:18:17:91:36:72:5a:17:
2c:22:84:12:64:59:3f:77:f4:08:17:28:d7:81:0c:e5:7e:04:
57:7f:26:86:2c:49:42:62:97:0c:f7:1e:dd:f7:2e:64:72:77:
5a:e7:2f:d6:13:c6:96:7b:2e:35:06:ab:0d:43:0c:db:f3:c6:
dc:d4:82:b5:6c:16:91:b1:14:d6:70:14:bf:b0:30:cf:c5:66:
31:f2:08:1c:01:92:ef:ad:ae:91:72:d5:0e:30:04:35:bd:f4:
c1:16:35:40
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJu9YO8fkjmBJ+nCuYxmbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMzY3YmMxOWYwNjY5OTY0OTBhMjA2Njc0YzhkYThmNWVk
MmNkMGUwHhcNMjQwMTAyMTAzMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjI3MDAwOGZmOGI1ODUyODg2M2NlZTM3YjhhYThiNTI1ZDZmMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7kH0qmRA33RfLiWCNG/NMGk5lyd
vI5xwHFGyf6ZpA5oH7t3dwy6tvHnTyX8VcBbMFC/RoBeRW9enOHfmeBfxOWRRQsU
0o5zLX4GXAce/DIX9wQrxUIsJaLgCoGOtoHp735gVpOCeetMmI7aWJatjkopq20I
KnueCCYHRcep5wsHidT74Y7IOOb4kD10yPzTL20Culu7JIrdpdO0MHeGLzuuFhCX
L5kZNfGUWcb9hhHBM7NZXQuJ/6yLGF0Q2ngmVFECUddRnRR/M0T5wv8/D03xRQyK
+IF6RO9m1Cc853CdrCApu2WcxRMeMsdnmuHED4nnF5n/X6SuMUL/Jp7ZmQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFInAAj/i1hSiGPO43uKqLUl1vLoMB8GA1UdIwQY
MBaAFK02e8GfBmmWSQogZnTI2o9e0s0OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclRaN3daOEdhWlpKQ2lCbWRNamFqMTdTelE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zY2M4NDgtNzg2MS00Y2UxLTg3MGQt
ODRiNjdiNDcwYjA0LzEvVWljQUNQLUxXRktJWTg3amU0cW90U1hXOHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zY2M4NDgtNzg2MS00Y2UxLTg3MGQtODRiNjdiNDcwYjA0
LzEvclRaN3daOEdhWlpKQ2lCbWRNamFqMTdTelE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW9vsAwQA
uaPMMA8EAgACMAkDBwEqEMgAAAAwDQYJKoZIhvcNAQELBQADggEBAGyAvl/6bYWW
0mvCrfzMhAVyxDmfnSzPcpXXajdpYqMGmqUj+Pq808DgU6e7BnnOsWRe0m31d+vD
QMG0WB+iP3GjSGgWzGh9ExkVEgREHbAatCaE/RryqqS9kmnI5nthRBguLdvC9KpR
mTYCNC9E169kOuVhg4YCYReETlUqeZj8ijT5FTo3OLg2380CBybzVHWAQfbV7cCT
RqPNGBeRNnJaFywihBJkWT939AgXKNeBDOV+BFd/JoYsSUJilwz3Ht33LmRyd1rn
L9YTxpZ7LjUGqw1DDNvzxtzUgrVsFpGxFNZwFL+wMM/FZjHyCBwBku+trpFy1Q4w
BDW99MEWNUA=
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:18:14 2025 by rpki-client