Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/UrIFBOHngq1YcCV8YEv72GKsg9c.roa
File: UrIFBOHngq1YcCV8YEv72GKsg9c.roa (raw, json)
Hash identifier: amjkl6flwGII/oEsrU4nnWJXLPXJ3RDcuj9FgRRlJ9Y=
Subject key identifier: 52:B2:05:04:E1:E7:82:AD:58:70:25:7C:60:4B:FB:D8:62:AC:83:D7
Certificate issuer: /CN=8d4f3f8ba7dcf5894f2f611d7dfab53d4a63c0a9
Certificate serial: 018CC348D78474BF3780813C53F9A186CF6D
Authority key identifier: 8D:4F:3F:8B:A7:DC:F5:89:4F:2F:61:1D:7D:FA:B5:3D:4A:63:C0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jU8_i6fc9YlPL2Edffq1PUpjwKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/UrIFBOHngq1YcCV8YEv72GKsg9c.roa
Signing time: Mon 01 Jan 2024 04:29:40 +0000
ROA not before: Mon 01 Jan 2024 04:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12324
IP address blocks: 87.246.240.0/20 maxlen: 20
212.182.64.0/20 maxlen: 20
87.246.192.0/19 maxlen: 19
212.182.0.0/18 maxlen: 18
5.201.0.0/17 maxlen: 17
2a04:440::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d7:84:74:bf:37:80:81:3c:53:f9:a1:86:cf:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d4f3f8ba7dcf5894f2f611d7dfab53d4a63c0a9
Validity
Not Before: Jan 1 04:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52b20504e1e782ad5870257c604bfbd862ac83d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a9:2a:a6:3c:f5:a3:77:74:d4:c8:87:46:32:
fc:a4:99:cc:a3:74:26:9a:89:e9:25:19:54:81:c2:
16:4f:6f:3c:58:84:4f:23:4f:ea:3b:49:fc:be:46:
f6:d3:49:80:78:d9:ce:0c:4f:18:7a:d9:10:c3:9b:
68:ac:3d:0b:fb:ac:b5:42:57:49:66:94:90:58:31:
61:15:3d:1e:36:3c:2f:5b:6c:7c:ca:c9:6d:3d:11:
cc:9c:a5:b4:09:91:ad:6a:3c:b5:af:f4:09:d2:f3:
c3:dd:f5:95:dc:64:d1:6d:50:83:51:0c:6c:25:cc:
1c:6a:aa:51:15:28:2b:4e:f4:6c:7f:cb:1f:ec:a8:
42:24:15:b7:f1:70:c9:6a:48:fc:1e:45:1b:cf:3b:
58:1c:8d:30:1f:a9:1b:f1:7d:23:0c:09:6b:f7:cb:
cf:c6:2f:1b:a8:0f:9f:79:5d:99:46:c4:cb:9c:25:
24:e3:91:27:bb:c6:7e:9a:99:c3:fd:ca:8a:72:42:
06:4f:f2:25:90:90:ed:68:32:1c:69:3e:2f:88:1a:
33:7c:ea:dd:0b:36:aa:71:b8:3b:54:c2:45:2d:0a:
2a:0e:5f:c9:02:9e:62:ca:74:a0:22:ef:d3:fb:92:
c4:52:c4:44:b2:e8:23:cf:a3:27:c0:66:7f:df:ec:
f5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B2:05:04:E1:E7:82:AD:58:70:25:7C:60:4B:FB:D8:62:AC:83:D7
X509v3 Authority Key Identifier:
keyid:8D:4F:3F:8B:A7:DC:F5:89:4F:2F:61:1D:7D:FA:B5:3D:4A:63:C0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jU8_i6fc9YlPL2Edffq1PUpjwKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/UrIFBOHngq1YcCV8YEv72GKsg9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/jU8_i6fc9YlPL2Edffq1PUpjwKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.0.0/17
87.246.192.0/19
87.246.240.0/20
212.182.0.0-212.182.79.255
IPv6:
2a04:440::/32
Signature Algorithm: sha256WithRSAEncryption
c5:17:6e:6f:81:c6:1d:a5:43:46:7d:f4:c2:50:0c:77:39:d7:
05:e8:f8:c0:08:22:f6:4d:cc:95:b1:f5:cf:f2:be:45:0d:36:
e4:78:17:44:52:aa:6b:b4:fd:6a:d8:09:cc:66:46:03:da:5e:
e8:26:18:56:60:33:68:ab:58:42:bb:ce:59:c7:32:35:2a:dc:
21:48:39:a2:8c:7a:4d:ec:0f:2b:03:30:d0:ef:0a:07:79:60:
f2:70:c4:b3:de:90:e8:99:de:b8:e7:2e:b9:40:da:ed:5d:a4:
03:70:5c:42:19:d4:93:fe:60:fa:0d:f4:1e:66:73:ce:ef:89:
ea:95:d4:f7:d6:12:98:5b:7b:ad:a1:94:1e:95:70:f5:ca:06:
94:4f:bc:6b:87:f9:d5:54:92:d7:23:81:d1:79:c0:09:4b:5c:
52:96:aa:51:c7:ef:e3:15:0f:ca:02:ba:0e:97:0f:5f:e8:cc:
69:ab:a3:09:96:4b:46:d9:dc:0d:53:31:68:9d:9e:50:5d:a7:
45:df:6e:65:30:55:16:96:39:03:d5:b4:bd:24:0e:02:48:2d:
1d:29:24:b2:e9:12:1c:6c:af:6b:89:47:37:af:49:12:d6:66:
7b:6b:c3:ba:1e:b7:0c:5f:ff:89:e0:fa:10:51:4d:b7:6f:d9:
5d:70:f1:37
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzDSNeEdL83gIE8U/mhhs9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNGYzZjhiYTdkY2Y1ODk0ZjJmNjExZDdkZmFiNTNkNGE2
M2MwYTkwHhcNMjQwMTAxMDQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmIyMDUwNGUxZTc4MmFkNTg3MDI1N2M2MDRiZmJkODYyYWM4M2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qkqpjz1o3d01MiHRjL8pJnMo3Qm
monpJRlUgcIWT288WIRPI0/qO0n8vkb200mAeNnODE8YetkQw5torD0L+6y1QldJ
ZpSQWDFhFT0eNjwvW2x8ysltPRHMnKW0CZGtajy1r/QJ0vPD3fWV3GTRbVCDUQxs
JcwcaqpRFSgrTvRsf8sf7KhCJBW38XDJakj8HkUbzztYHI0wH6kb8X0jDAlr98vP
xi8bqA+feV2ZRsTLnCUk45Enu8Z+mpnD/cqKckIGT/IlkJDtaDIcaT4viBozfOrd
Czaqcbg7VMJFLQoqDl/JAp5iynSgIu/T+5LEUsREsugjz6MnwGZ/3+z1lwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFFKyBQTh54KtWHAlfGBL+9hirIPXMB8GA1UdIwQY
MBaAFI1PP4un3PWJTy9hHX36tT1KY8CpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalU4X2k2ZmM5WWxQTDJFZGZmcTFQVXBqd0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81NTIyOWMtZTI4Mi00YTg1LWI3YTQt
OGFjYmZlYTJlY2ZhLzEvVXJJRkJPSG5ncTFZY0NWOFlFdjcyR0tzZzljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy81NTIyOWMtZTI4Mi00YTg1LWI3YTQtOGFjYmZlYTJlY2Zh
LzEvalU4X2k2ZmM5WWxQTDJFZGZmcTFQVXBqd0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwQHBckAAwQF
V/bAAwQEV/bwMAsDAwHUtgMEBNS2QDANBAIAAjAHAwUAKgQEQDANBgkqhkiG9w0B
AQsFAAOCAQEAxRdub4HGHaVDRn30wlAMdznXBej4wAgi9k3MlbH1z/K+RQ025HgX
RFKqa7T9atgJzGZGA9pe6CYYVmAzaKtYQrvOWccyNSrcIUg5oox6TewPKwMw0O8K
B3lg8nDEs96Q6JneuOcuuUDa7V2kA3BcQhnUk/5g+g30HmZzzu+J6pXU99YSmFt7
raGUHpVw9coGlE+8a4f51VSS1yOB0XnACUtcUpaqUcfv4xUPygK6DpcPX+jMaauj
CZZLRtncDVMxaJ2eUF2nRd9uZTBVFpY5A9W0vSQOAkgtHSkksukSHGyva4lHN69J
EtZme2vDuh63DF//ieD6EFFNt2/ZXXDxNw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:32 2025 by rpki-client