Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9eb64a-939c-4584-987e-7f19e8c8b83d/1/UwRvUT989icN7vmQ4c_6PT3YA78.roa
File: UwRvUT989icN7vmQ4c_6PT3YA78.roa (raw, json)
Hash identifier: IIdxVGueESdCC4ubsGu/Ln9VHcniQ57HNbZSzFw4LwM=
Subject key identifier: 53:04:6F:51:3F:7C:F6:27:0D:EE:F9:90:E1:CF:FA:3D:3D:D8:03:BF
Certificate issuer: /CN=bf4d1747f35c0cd6b25f0b0a0e68d0442c93914c
Certificate serial: 0192BF79D6062393888D74C8F72E279D1A62
Authority key identifier: BF:4D:17:47:F3:5C:0C:D6:B2:5F:0B:0A:0E:68:D0:44:2C:93:91:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v00XR_NcDNayXwsKDmjQRCyTkUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/9eb64a-939c-4584-987e-7f19e8c8b83d/1/UwRvUT989icN7vmQ4c_6PT3YA78.roa
Signing time: Thu 24 Oct 2024 17:01:25 +0000
ROA not before: Thu 24 Oct 2024 17:01:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41283
IP address blocks: 195.74.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bf:79:d6:06:23:93:88:8d:74:c8:f7:2e:27:9d:1a:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf4d1747f35c0cd6b25f0b0a0e68d0442c93914c
Validity
Not Before: Oct 24 17:01:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53046f513f7cf6270deef990e1cffa3d3dd803bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e3:ec:4f:1d:2a:3e:18:51:ee:49:40:26:1f:
60:4e:8e:dd:50:1a:69:ca:89:5b:da:f5:95:36:27:
e2:77:03:ef:29:fb:2e:6c:67:c5:b9:d6:4e:1a:38:
b5:83:92:90:86:05:f0:90:cb:c6:ef:85:cd:9f:21:
0f:90:9b:5e:63:5c:b5:94:19:b1:6f:cb:86:6e:d4:
31:5d:3d:36:27:4d:15:01:0c:bc:b7:fd:59:6a:76:
c8:26:e2:3f:8a:dc:e6:1a:4d:0f:ec:40:c9:aa:bc:
8f:41:97:e9:50:93:78:82:05:d2:38:5d:d9:3d:e7:
45:60:f3:47:f5:b1:6b:b9:72:9a:c9:4a:a8:53:54:
39:13:7d:27:af:c6:a3:5c:39:8a:d8:cb:3f:a0:10:
5e:85:c0:b9:d9:36:84:5c:d7:4d:4b:a7:ed:8b:66:
5f:18:4d:52:5d:c3:dc:0d:99:9f:c9:11:3f:75:16:
d4:db:2d:30:ca:d7:39:22:20:a3:1b:99:65:ed:e4:
7d:66:7a:ad:bc:24:83:74:3c:b7:30:52:ba:cd:f2:
79:11:42:d2:0c:0a:28:0f:8e:4a:e0:65:99:10:ea:
b9:69:eb:41:78:f3:d6:5b:8c:ea:f2:e6:f2:1b:2b:
be:cf:44:fd:3f:3c:ab:9d:a0:a1:fc:82:8c:76:4b:
68:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:04:6F:51:3F:7C:F6:27:0D:EE:F9:90:E1:CF:FA:3D:3D:D8:03:BF
X509v3 Authority Key Identifier:
keyid:BF:4D:17:47:F3:5C:0C:D6:B2:5F:0B:0A:0E:68:D0:44:2C:93:91:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v00XR_NcDNayXwsKDmjQRCyTkUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9eb64a-939c-4584-987e-7f19e8c8b83d/1/UwRvUT989icN7vmQ4c_6PT3YA78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9eb64a-939c-4584-987e-7f19e8c8b83d/1/v00XR_NcDNayXwsKDmjQRCyTkUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.74.67.0/24
Signature Algorithm: sha256WithRSAEncryption
01:5e:b4:40:11:27:d7:db:39:8d:ab:4e:be:bc:12:87:fa:ce:
ca:50:ed:57:7b:5f:ba:38:b3:3a:2e:03:74:8f:a1:55:c8:92:
14:ad:1a:ff:48:5b:78:f0:34:ce:0f:67:c3:19:2d:90:2c:64:
22:4a:91:76:53:a6:ad:6a:a3:20:7f:1f:8c:fe:95:98:13:06:
7e:35:08:a5:db:c9:61:60:2a:23:49:58:d1:6b:5f:78:3b:d2:
4e:35:cb:2c:65:ea:8f:37:58:46:ba:fa:90:c1:15:2a:23:36:
30:50:74:57:81:da:cc:56:83:33:35:04:dd:39:3d:36:8b:7b:
fe:69:d2:ca:d1:03:85:b5:4f:c5:10:87:05:3c:59:bc:b5:92:
26:03:ca:d1:7c:e6:b7:d0:c4:db:33:14:bb:74:c0:46:56:b3:
44:14:1d:fc:72:92:5b:f7:b9:34:b4:e0:20:1d:38:f9:77:54:
23:74:51:83:62:71:66:0f:9b:50:97:59:65:45:3b:3f:33:0e:
df:cb:04:c9:7e:c8:d1:4a:41:4e:33:ee:d0:a0:99:6a:62:e1:
cb:fc:56:4e:9a:09:8e:01:07:62:c4:4f:11:0c:48:8e:be:98:
0f:59:eb:9a:eb:64:cb:fd:ee:c7:d1:90:dc:67:d4:c4:c4:4a:
d2:56:06:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZK/edYGI5OIjXTI9y4nnRpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNGQxNzQ3ZjM1YzBjZDZiMjVmMGIwYTBlNjhkMDQ0MmM5
MzkxNGMwHhcNMjQxMDI0MTcwMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzA0NmY1MTNmN2NmNjI3MGRlZWY5OTBlMWNmZmEzZDNkZDgwM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsePsTx0qPhhR7klAJh9gTo7dUBpp
yolb2vWVNifidwPvKfsubGfFudZOGji1g5KQhgXwkMvG74XNnyEPkJteY1y1lBmx
b8uGbtQxXT02J00VAQy8t/1ZanbIJuI/itzmGk0P7EDJqryPQZfpUJN4ggXSOF3Z
PedFYPNH9bFruXKayUqoU1Q5E30nr8ajXDmK2Ms/oBBehcC52TaEXNdNS6fti2Zf
GE1SXcPcDZmfyRE/dRbU2y0wytc5IiCjG5ll7eR9ZnqtvCSDdDy3MFK6zfJ5EULS
DAooD45K4GWZEOq5aetBePPWW4zq8ubyGyu+z0T9PzyrnaCh/IKMdktoOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFMEb1E/fPYnDe75kOHP+j092AO/MB8GA1UdIwQY
MBaAFL9NF0fzXAzWsl8LCg5o0EQsk5FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjAwWFJfTmNETmF5WHdzS0RtalFSQ3lUa1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85ZWI2NGEtOTM5Yy00NTg0LTk4N2Ut
N2YxOWU4YzhiODNkLzEvVXdSdlVUOTg5aWNON3ZtUTRjXzZQVDNZQTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85ZWI2NGEtOTM5Yy00NTg0LTk4N2UtN2YxOWU4YzhiODNk
LzEvdjAwWFJfTmNETmF5WHdzS0RtalFSQ3lUa1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0pDMA0G
CSqGSIb3DQEBCwUAA4IBAQABXrRAESfX2zmNq06+vBKH+s7KUO1Xe1+6OLM6LgN0
j6FVyJIUrRr/SFt48DTOD2fDGS2QLGQiSpF2U6ataqMgfx+M/pWYEwZ+NQil28lh
YCojSVjRa194O9JONcssZeqPN1hGuvqQwRUqIzYwUHRXgdrMVoMzNQTdOT02i3v+
adLK0QOFtU/FEIcFPFm8tZImA8rRfOa30MTbMxS7dMBGVrNEFB38cpJb97k0tOAg
HTj5d1QjdFGDYnFmD5tQl1llRTs/Mw7fywTJfsjRSkFOM+7QoJlqYuHL/FZOmgmO
AQdixE8RDEiOvpgPWeua62TL/e7H0ZDcZ9TExErSVgZb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:14 2025 by rpki-client