Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/ugiX3mXtWgmBpsDB5ksNwPOahDk.roa
File: ugiX3mXtWgmBpsDB5ksNwPOahDk.roa (raw, json)
Hash identifier: c+DQ5PEmUfo/4P+1+niExWCxK4OWRGye1MQgr4Xy4cE=
Subject key identifier: BA:08:97:DE:65:ED:5A:09:81:A6:C0:C1:E6:4B:0D:C0:F3:9A:84:39
Certificate issuer: /CN=c4402c55758faee473938f8067a889ad5e271261
Certificate serial: 01856B40F11779E213AB885F6E7823AF341C
Authority key identifier: C4:40:2C:55:75:8F:AE:E4:73:93:8F:80:67:A8:89:AD:5E:27:12:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xEAsVXWPruRzk4-AZ6iJrV4nEmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/ugiX3mXtWgmBpsDB5ksNwPOahDk.roa
Signing time: Sun 01 Jan 2023 02:54:56 +0000
ROA not before: Sun 01 Jan 2023 02:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207995
IP address blocks: 194.24.162.0/23 maxlen: 24
194.24.176.0/23 maxlen: 24
212.221.128.0/17 maxlen: 24
2a10:340::/30 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:f1:17:79:e2:13:ab:88:5f:6e:78:23:af:34:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4402c55758faee473938f8067a889ad5e271261
Validity
Not Before: Jan 1 02:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba0897de65ed5a0981a6c0c1e64b0dc0f39a8439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:67:c0:4b:fc:b6:1e:53:b4:0a:94:e1:57:bc:
3a:e4:f9:7a:17:2c:05:91:20:fc:6f:65:c3:56:b8:
e4:db:3b:bb:12:53:14:8f:3a:a7:2f:fe:3e:be:30:
f9:44:c6:da:6c:b9:ae:68:7c:5d:2d:a5:15:7b:6c:
e2:81:c2:3a:ee:7c:3f:65:49:aa:cf:75:d8:5e:ed:
aa:61:58:16:e4:ad:ac:55:d1:0c:74:03:24:94:ca:
1e:3e:da:10:1a:4e:29:27:14:81:8b:1e:8c:46:57:
b6:50:84:33:59:d7:fa:79:3d:29:64:b4:cb:98:5c:
43:24:18:19:37:f3:99:78:ec:da:d3:85:42:69:45:
37:28:28:4d:db:1e:05:ce:2a:8d:58:a8:c7:b2:d5:
72:53:04:81:82:01:5a:3d:c8:40:2b:c7:66:9a:14:
53:25:e2:cb:5e:d8:67:aa:ba:20:b6:8f:d4:d4:66:
e1:85:e2:30:0d:cb:4d:40:92:7e:ee:fa:7c:0a:ca:
a0:4b:e2:6e:50:9c:95:8c:b8:fe:41:88:11:61:1a:
c5:94:2a:7d:56:da:2c:ba:da:ed:41:2b:2a:9d:22:
c8:9a:5d:05:92:2b:86:0d:42:01:8a:bb:cb:9d:a3:
a2:d9:42:6e:9c:1f:e8:6f:01:12:c7:d3:63:8c:34:
00:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:08:97:DE:65:ED:5A:09:81:A6:C0:C1:E6:4B:0D:C0:F3:9A:84:39
X509v3 Authority Key Identifier:
keyid:C4:40:2C:55:75:8F:AE:E4:73:93:8F:80:67:A8:89:AD:5E:27:12:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xEAsVXWPruRzk4-AZ6iJrV4nEmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/ugiX3mXtWgmBpsDB5ksNwPOahDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/xEAsVXWPruRzk4-AZ6iJrV4nEmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.162.0/23
194.24.176.0/23
212.221.128.0/17
IPv6:
2a10:340::/30
Signature Algorithm: sha256WithRSAEncryption
18:5e:c8:44:af:57:6f:b7:92:fe:a5:82:8c:ba:ab:9d:bb:d1:
05:98:80:3c:27:b1:b7:9c:9b:fc:cb:74:31:f7:b0:95:d7:9e:
8f:2c:2a:54:0a:9d:42:f2:0a:4d:34:2e:3e:31:b7:08:7e:0a:
54:53:a1:c1:97:79:16:82:1b:d7:da:03:a0:27:ef:fc:47:18:
1d:23:ef:31:51:79:5e:0f:1c:63:49:43:bf:1d:13:98:4a:54:
d3:26:80:84:5b:79:90:cb:bd:74:4e:b9:69:26:9d:ae:80:b2:
1b:c4:71:67:5c:7c:00:0d:8e:e7:d0:99:0f:87:09:ef:16:80:
b8:df:26:e5:24:42:65:b1:c0:9a:20:2e:73:99:5d:8a:51:c6:
c9:a2:ca:ad:a6:56:ab:cf:92:9e:09:87:a7:b1:1c:88:b1:3d:
b5:d2:02:cc:6d:92:1b:74:ab:f9:6a:9c:15:7d:e5:3c:3c:59:
dc:9b:45:e7:c5:8d:ae:75:fe:8c:13:ed:b5:90:c7:a7:05:8f:
cc:10:a0:d8:ff:4d:0e:79:cf:07:7f:0b:3d:20:5b:ba:aa:58:
0e:f9:ae:34:49:98:4b:4d:ab:4c:5b:1a:47:d8:0b:7e:bc:a1:
0f:09:7d:c8:b7:13:36:68:fe:11:ee:bc:27:93:8e:d9:8f:fb:
bc:08:25:25
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVrQPEXeeITq4hfbngjrzQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NDAyYzU1NzU4ZmFlZTQ3MzkzOGY4MDY3YTg4OWFkNWUy
NzEyNjEwHhcNMjMwMTAxMDI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTA4OTdkZTY1ZWQ1YTA5ODFhNmMwYzFlNjRiMGRjMGYzOWE4NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWfAS/y2HlO0CpThV7w65Pl6FywF
kSD8b2XDVrjk2zu7ElMUjzqnL/4+vjD5RMbabLmuaHxdLaUVe2zigcI67nw/ZUmq
z3XYXu2qYVgW5K2sVdEMdAMklMoePtoQGk4pJxSBix6MRle2UIQzWdf6eT0pZLTL
mFxDJBgZN/OZeOza04VCaUU3KChN2x4FziqNWKjHstVyUwSBggFaPchAK8dmmhRT
JeLLXthnqrogto/U1GbhheIwDctNQJJ+7vp8CsqgS+JuUJyVjLj+QYgRYRrFlCp9
VtosutrtQSsqnSLIml0FkiuGDUIBirvLnaOi2UJunB/obwESx9NjjDQAyQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLoIl95l7VoJgabAweZLDcDzmoQ5MB8GA1UdIwQY
MBaAFMRALFV1j67kc5OPgGeoia1eJxJhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEVBc1ZYV1BydVJ6azQtQVo2aUpyVjRuRW1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85NjRjM2MtYjU3MC00MTEzLWI0YWEt
Y2ZkZjAzMTFhZDhjLzEvdWdpWDNtWHRXZ21CcHNEQjVrc053UE9haERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85NjRjM2MtYjU3MC00MTEzLWI0YWEtY2ZkZjAzMTFhZDhj
LzEveEVBc1ZYV1BydVJ6azQtQVo2aUpyVjRuRW1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBwhiiAwQB
whiwAwQH1N2AMA0EAgACMAcDBQIqEANAMA0GCSqGSIb3DQEBCwUAA4IBAQAYXshE
r1dvt5L+pYKMuqudu9EFmIA8J7G3nJv8y3Qx97CV156PLCpUCp1C8gpNNC4+MbcI
fgpUU6HBl3kWghvX2gOgJ+/8RxgdI+8xUXleDxxjSUO/HROYSlTTJoCEW3mQy710
TrlpJp2ugLIbxHFnXHwADY7n0JkPhwnvFoC43yblJEJlscCaIC5zmV2KUcbJosqt
plarz5KeCYensRyIsT210gLMbZIbdKv5apwVfeU8PFncm0XnxY2udf6ME+21kMen
BY/MEKDY/00Oec8Hfws9IFu6qlgO+a40SZhLTatMWxpH2At+vKEPCX3ItxM2aP4R
7rwnk47Zj/u8CCUl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:03 2024 by rpki-client on console-ams.rpki-client.org