Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/UfTJ74wczzc9juUhYmO09VcB4cA.roa
File: UfTJ74wczzc9juUhYmO09VcB4cA.roa (raw, json)
Hash identifier: 4Px2YrR2gdtzDdvV6yW5jcNKCP6KRrnCXACP7dOXFBM=
Subject key identifier: 51:F4:C9:EF:8C:1C:CF:37:3D:8E:E5:21:62:63:B4:F5:57:01:E1:C0
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019006EF73EEDDA6824DFD322CA37D764199
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/UfTJ74wczzc9juUhYmO09VcB4cA.roa
Signing time: Tue 11 Jun 2024 10:54:34 +0000
ROA not before: Tue 11 Jun 2024 10:54:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59432
IP address blocks: 194.143.214.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.200.0/24 maxlen: 24
195.114.206.0/24 maxlen: 24
195.114.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 06:44:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:ef:73:ee:dd:a6:82:4d:fd:32:2c:a3:7d:76:41:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jun 11 10:54:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51f4c9ef8c1ccf373d8ee5216263b4f55701e1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:32:95:13:58:c1:34:57:4d:54:5c:87:28:ca:
84:2e:65:07:b2:75:2c:89:dc:da:25:0d:e8:8c:1e:
e5:23:5e:f0:93:d1:d7:50:fe:ab:34:ee:cb:b5:76:
77:9c:ec:03:c4:16:f2:13:ae:7f:ce:b2:ab:ab:2f:
14:b9:a2:9a:c4:46:3a:ed:bc:0a:b0:0c:81:89:15:
cb:c8:bf:a4:4e:29:a4:1b:d6:34:52:bf:3a:8f:65:
a3:28:89:7f:b2:d9:a6:32:fd:11:42:52:7b:1e:5f:
75:6e:e3:32:42:83:15:d0:0b:d7:0d:fd:d5:68:db:
1f:a1:16:73:d1:01:d0:03:5d:d6:bc:b5:18:fc:60:
85:7f:f7:b6:46:a2:05:b1:11:ef:6a:35:9d:33:80:
4d:94:02:35:79:d7:96:2d:24:ee:9b:64:97:b1:52:
39:b2:ac:0e:36:eb:cc:2d:d2:74:3c:32:a8:cf:eb:
c5:5d:80:35:f3:26:a8:b9:82:a1:72:27:8f:b0:5d:
e0:06:b9:94:2a:5f:0d:34:64:c3:5c:ad:76:ac:dc:
74:cc:bb:70:77:a6:e8:f3:2f:fa:f2:73:0f:07:68:
d9:99:49:56:14:ec:2f:85:43:b8:99:c0:fd:95:73:
56:c4:c9:55:00:37:0b:ae:74:11:e8:de:6a:8f:3d:
22:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:F4:C9:EF:8C:1C:CF:37:3D:8E:E5:21:62:63:B4:F5:57:01:E1:C0
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/UfTJ74wczzc9juUhYmO09VcB4cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.214.0/24
195.114.195.0/24
195.114.200.0/24
195.114.206.0/23
Signature Algorithm: sha256WithRSAEncryption
54:67:11:9e:8c:9e:b1:c2:f3:70:94:51:fd:83:97:e0:9d:05:
33:20:20:73:52:4c:f6:62:cc:80:7c:0c:cd:24:ad:cc:54:80:
33:2d:c9:55:99:56:dd:ce:21:57:35:aa:7c:0a:6d:41:35:ad:
60:0d:62:32:8c:22:da:78:89:66:a0:6e:fd:bb:9e:10:6b:ef:
82:60:d3:29:58:bd:73:54:2b:cc:75:6f:51:eb:ae:eb:99:80:
34:c8:47:32:9c:dc:63:f3:3d:7b:3a:7a:10:82:59:4a:d3:6e:
0d:d3:a4:e9:96:bf:15:61:34:14:4b:7e:5c:80:e9:7a:54:e9:
4c:22:56:3a:b3:33:a9:c3:ec:2b:24:89:a8:2d:77:59:0c:a8:
c8:b1:70:3a:f3:1d:9c:7a:d4:7f:6b:31:82:39:94:b5:48:91:
70:4a:45:d2:0d:e3:40:56:88:d3:ff:7b:6e:f1:33:5c:c4:e9:
cf:58:07:c4:45:92:f0:52:27:fa:10:84:c9:78:4e:5b:e2:c2:
de:65:ee:7d:dd:0b:a7:97:34:b1:18:fd:66:f1:43:dd:a4:6e:
7c:aa:42:ba:cc:3c:32:00:e5:40:55:60:a0:40:91:c9:23:7b:
1a:2e:34:6d:c9:43:b1:15:e1:85:2d:7d:c1:b1:71:ae:ea:9c:
70:1c:f6:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZAG73Pu3aaCTf0yLKN9dkGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQwNjExMTA1NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWY0YzllZjhjMWNjZjM3M2Q4ZWU1MjE2MjYzYjRmNTU3MDFlMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjKVE1jBNFdNVFyHKMqELmUHsnUs
idzaJQ3ojB7lI17wk9HXUP6rNO7LtXZ3nOwDxBbyE65/zrKrqy8UuaKaxEY67bwK
sAyBiRXLyL+kTimkG9Y0Ur86j2WjKIl/stmmMv0RQlJ7Hl91buMyQoMV0AvXDf3V
aNsfoRZz0QHQA13WvLUY/GCFf/e2RqIFsRHvajWdM4BNlAI1edeWLSTum2SXsVI5
sqwONuvMLdJ0PDKoz+vFXYA18yaouYKhciePsF3gBrmUKl8NNGTDXK12rNx0zLtw
d6bo8y/68nMPB2jZmUlWFOwvhUO4mcD9lXNWxMlVADcLrnQR6N5qjz0iDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFH0ye+MHM83PY7lIWJjtPVXAeHAMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvVWZUSjc0d2N6emM5anVVaFltTzA5VmNCNGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwo/WAwQA
w3LDAwQAw3LIAwQBw3LOMA0GCSqGSIb3DQEBCwUAA4IBAQBUZxGejJ6xwvNwlFH9
g5fgnQUzICBzUkz2YsyAfAzNJK3MVIAzLclVmVbdziFXNap8Cm1BNa1gDWIyjCLa
eIlmoG79u54Qa++CYNMpWL1zVCvMdW9R667rmYA0yEcynNxj8z17OnoQgllK024N
06Tplr8VYTQUS35cgOl6VOlMIlY6szOpw+wrJImoLXdZDKjIsXA68x2cetR/azGC
OZS1SJFwSkXSDeNAVojT/3tu8TNcxOnPWAfERZLwUif6EITJeE5b4sLeZe593Qun
lzSxGP1m8UPdpG58qkK6zDwyAOVAVWCgQJHJI3saLjRtyUOxFeGFLX3BsXGu6pxw
HPYa
-----END CERTIFICATE-----
Generated at Thu Jul 11 08:35:48 2024 by rpki-client on console-ams.rpki-client.org