Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/bf426a-3a8f-4252-a17f-ba02c960b8f4/1/UZXh4i9_kXBfCYKsKCK2HOr_mpU.roa
File: UZXh4i9_kXBfCYKsKCK2HOr_mpU.roa (raw, json)
Hash identifier: AKjb9p0DSWzmea0h2Sszep/rvD7zGoiJVRlIkXsdRbI=
Subject key identifier: 51:95:E1:E2:2F:7F:91:70:5F:09:82:AC:28:22:B6:1C:EA:FF:9A:95
Certificate issuer: /CN=4516e53b32caa761906f0fcdea275b720e1742c8
Certificate serial: 0194266C4009BDE827B766A0BAC44C531556
Authority key identifier: 45:16:E5:3B:32:CA:A7:61:90:6F:0F:CD:EA:27:5B:72:0E:17:42:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RRblOzLKp2GQbw_N6idbcg4XQsg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/bf426a-3a8f-4252-a17f-ba02c960b8f4/1/UZXh4i9_kXBfCYKsKCK2HOr_mpU.roa
Signing time: Thu 02 Jan 2025 09:50:16 +0000
ROA not before: Thu 02 Jan 2025 09:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1103
IP address blocks: 193.177.176.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 17 Jan 2025 10:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:40:09:bd:e8:27:b7:66:a0:ba:c4:4c:53:15:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4516e53b32caa761906f0fcdea275b720e1742c8
Validity
Not Before: Jan 2 09:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5195e1e22f7f91705f0982ac2822b61ceaff9a95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f1:f2:a2:dc:61:c7:ac:2b:ff:b4:c4:ac:af:
18:55:0d:72:60:55:ea:a7:e6:7e:5e:9f:36:69:5c:
94:80:af:17:2e:b6:ec:d4:0f:8c:4c:19:1b:6e:a1:
e8:4f:ea:a6:76:93:1c:9a:38:83:f2:0b:06:fa:86:
4e:d6:2b:52:8e:46:9e:dc:80:94:04:d8:31:87:74:
ec:e7:99:4e:fc:fa:97:fe:82:8d:de:e8:eb:27:6c:
4b:61:fe:e3:72:74:5f:ae:68:20:53:05:4a:e2:0e:
fb:93:6b:57:84:a1:5d:cc:8d:b9:43:72:36:36:87:
49:18:ca:a8:08:6b:fa:aa:9c:b9:dc:73:ea:ba:37:
68:8a:97:f2:71:2c:c1:4c:aa:34:fd:71:58:90:85:
91:53:27:1d:c3:52:aa:f9:37:fc:00:5e:5e:1e:75:
6d:fa:34:a6:cb:34:cf:a4:3b:f5:1f:f6:ad:20:a3:
99:40:d3:04:8c:3a:e7:91:ec:6e:db:d0:22:4d:32:
8f:23:0b:bc:04:09:6a:8d:b6:ab:7c:4d:9d:84:64:
1f:49:e6:1f:99:79:83:46:f5:09:bd:c6:80:08:e3:
e7:14:84:64:ba:78:5f:46:7c:ab:ac:d8:67:28:93:
b9:e8:78:d9:61:68:dc:78:76:4b:1e:0d:c3:f9:f8:
20:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:95:E1:E2:2F:7F:91:70:5F:09:82:AC:28:22:B6:1C:EA:FF:9A:95
X509v3 Authority Key Identifier:
keyid:45:16:E5:3B:32:CA:A7:61:90:6F:0F:CD:EA:27:5B:72:0E:17:42:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RRblOzLKp2GQbw_N6idbcg4XQsg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/bf426a-3a8f-4252-a17f-ba02c960b8f4/1/UZXh4i9_kXBfCYKsKCK2HOr_mpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/bf426a-3a8f-4252-a17f-ba02c960b8f4/1/RRblOzLKp2GQbw_N6idbcg4XQsg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.177.176.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:9c:3b:3c:9a:aa:ef:12:c5:39:33:0b:8c:71:63:2a:31:c1:
92:4d:ba:dc:25:fa:04:d9:38:99:29:68:26:a2:c5:ff:94:63:
09:d3:46:a4:17:7c:6e:8b:82:ed:25:0d:c2:7e:d4:ea:90:36:
5e:51:02:5d:1e:e0:42:42:bf:79:48:be:ea:07:fe:4c:18:8b:
6e:45:b9:1b:30:77:6f:49:6f:6b:7d:ca:76:73:f9:f7:43:98:
e3:fb:6a:f4:77:c0:68:d1:93:f7:57:48:5a:47:f8:65:ef:e6:
cf:c1:ec:ae:85:13:29:eb:ef:f1:e3:76:19:a7:f9:e6:3d:69:
f9:05:42:3d:3e:31:c5:58:b1:cb:55:50:07:ba:78:c1:bf:d4:
29:63:07:0e:ff:2f:62:d1:ee:26:08:19:18:7b:70:54:ee:c7:
7f:0b:0a:75:a1:58:d6:18:80:03:3d:91:a3:32:57:33:9c:9a:
1e:ba:ee:8f:99:52:0b:2c:2e:7a:a4:b7:a8:53:65:3e:3c:69:
7a:18:5c:19:1b:12:78:ca:0a:57:73:77:6a:c8:d9:45:35:eb:
d9:e6:87:41:db:b3:bf:7a:2d:53:82:97:22:46:37:c7:05:ca:
7a:8b:42:3b:5e:7f:bd:19:87:9a:0f:16:1c:1b:ad:b1:ac:08:
c7:f9:9a:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbEAJvegnt2agusRMUxVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MTZlNTNiMzJjYWE3NjE5MDZmMGZjZGVhMjc1YjcyMGUx
NzQyYzgwHhcNMjUwMTAyMDk1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTk1ZTFlMjJmN2Y5MTcwNWYwOTgyYWMyODIyYjYxY2VhZmY5YTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PHyotxhx6wr/7TErK8YVQ1yYFXq
p+Z+Xp82aVyUgK8XLrbs1A+MTBkbbqHoT+qmdpMcmjiD8gsG+oZO1itSjkae3ICU
BNgxh3Ts55lO/PqX/oKN3ujrJ2xLYf7jcnRfrmggUwVK4g77k2tXhKFdzI25Q3I2
NodJGMqoCGv6qpy53HPqujdoipfycSzBTKo0/XFYkIWRUycdw1Kq+Tf8AF5eHnVt
+jSmyzTPpDv1H/atIKOZQNMEjDrnkexu29AiTTKPIwu8BAlqjbarfE2dhGQfSeYf
mXmDRvUJvcaACOPnFIRkunhfRnyrrNhnKJO56HjZYWjceHZLHg3D+fgg+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFGV4eIvf5FwXwmCrCgithzq/5qVMB8GA1UdIwQY
MBaAFEUW5TsyyqdhkG8PzeonW3IOF0LIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlJibE96TEtwMkdRYndfTjZpZGJjZzRYUXNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9iZjQyNmEtM2E4Zi00MjUyLWExN2Yt
YmEwMmM5NjBiOGY0LzEvVVpYaDRpOV9rWEJmQ1lLc0tDSzJIT3JfbXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9iZjQyNmEtM2E4Zi00MjUyLWExN2YtYmEwMmM5NjBiOGY0
LzEvUlJibE96TEtwMkdRYndfTjZpZGJjZzRYUXNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwbGwMA0G
CSqGSIb3DQEBCwUAA4IBAQCtnDs8mqrvEsU5MwuMcWMqMcGSTbrcJfoE2TiZKWgm
osX/lGMJ00akF3xui4LtJQ3CftTqkDZeUQJdHuBCQr95SL7qB/5MGItuRbkbMHdv
SW9rfcp2c/n3Q5jj+2r0d8Bo0ZP3V0haR/hl7+bPweyuhRMp6+/x43YZp/nmPWn5
BUI9PjHFWLHLVVAHunjBv9QpYwcO/y9i0e4mCBkYe3BU7sd/Cwp1oVjWGIADPZGj
MlcznJoeuu6PmVILLC56pLeoU2U+PGl6GFwZGxJ4ygpXc3dqyNlFNevZ5odB27O/
ei1TgpciRjfHBcp6i0I7Xn+9GYeaDxYcG62xrAjH+ZoA
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:53:35 2025 by rpki-client