Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/UHiR2tb3Odc5esUAYQrOArJcEmg.roa
File: UHiR2tb3Odc5esUAYQrOArJcEmg.roa (raw, json)
Hash identifier: cCbyYaB03wLGfBNuC7wYhr1fwfvPDt0iIWNZNa4RV1E=
Subject key identifier: 50:78:91:DA:D6:F7:39:D7:39:7A:C5:00:61:0A:CE:02:B2:5C:12:68
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0190C5151FD94601264B280567012E3D7C21
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/UHiR2tb3Odc5esUAYQrOArJcEmg.roa
Signing time: Thu 18 Jul 2024 09:03:34 +0000
ROA not before: Thu 18 Jul 2024 09:03:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205175
IP address blocks: 213.145.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c5:15:1f:d9:46:01:26:4b:28:05:67:01:2e:3d:7c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jul 18 09:03:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=507891dad6f739d7397ac500610ace02b25c1268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:02:5c:50:6e:5f:42:41:93:16:ad:94:a7:3c:
8b:05:a4:59:f9:41:7e:e0:30:50:12:6b:5f:ec:c0:
6d:39:8f:b2:84:07:ff:96:56:98:7b:24:5d:a6:35:
75:bf:f8:3a:16:6d:63:5e:fc:74:93:5d:ea:30:55:
62:83:10:1d:06:ac:c2:ea:f8:c2:da:c5:7f:43:97:
c3:41:85:f2:b4:ec:53:fb:6c:f3:e3:cd:eb:ed:12:
f1:7b:eb:e5:be:82:a6:66:a0:2a:88:7e:91:08:73:
f9:cc:fa:dd:5e:6d:fe:2d:2f:dc:68:61:a7:4f:49:
f4:bd:30:07:fa:6e:e1:e5:f5:47:72:84:c0:47:86:
9b:b0:18:72:7b:c4:bd:5c:04:07:c4:22:cc:5b:e5:
cd:82:3d:ff:4f:3d:58:5c:22:42:cd:81:02:35:75:
b0:4f:dd:68:56:69:d5:a9:fe:c8:96:26:97:fd:08:
6f:e6:dd:d6:83:e1:ff:76:01:14:26:a9:2f:76:08:
a1:56:c2:5f:08:a8:85:3b:01:17:3b:51:f0:0a:a6:
5f:79:76:44:55:d1:e6:f8:75:c6:f4:3e:26:59:1c:
54:b9:98:30:a3:8c:c9:d2:28:6e:5d:69:88:37:de:
a8:b4:b6:c3:e8:ad:53:e5:3b:a1:a0:dd:4c:d6:0b:
04:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:78:91:DA:D6:F7:39:D7:39:7A:C5:00:61:0A:CE:02:B2:5C:12:68
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/UHiR2tb3Odc5esUAYQrOArJcEmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.66.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:55:7e:b5:ba:f5:c7:32:55:f5:32:c2:40:3d:4f:1a:b9:64:
b3:5d:c0:e6:3c:3e:42:0c:57:f2:ec:ba:09:9d:11:19:07:13:
2b:97:f2:57:02:a0:2e:44:eb:fa:b4:de:98:35:27:f0:85:00:
31:62:a0:b0:06:cf:09:7f:69:e1:43:8b:b1:70:08:2d:95:db:
7b:64:2b:50:b8:96:e0:e4:b0:f0:f4:7e:c0:f2:c6:28:67:01:
97:1c:bf:22:dc:ae:68:2d:66:39:72:a3:19:ed:1d:94:52:96:
c3:69:aa:80:7c:88:7f:1f:5b:15:31:d3:0a:eb:b8:ea:72:4a:
c2:a7:b7:a6:9e:0b:36:34:d3:87:6c:8d:ca:4a:ba:f4:fe:e2:
35:21:bf:b0:fa:b9:70:72:e7:30:d4:9f:c4:2d:2d:7a:9a:ea:
c9:1c:89:e2:d2:2b:7e:ba:53:68:0f:a2:35:4c:33:e1:06:fa:
eb:2a:29:e6:f4:03:f2:3c:58:db:3b:eb:41:f3:c9:40:b1:32:
14:8d:70:a4:38:14:83:6f:30:a9:df:93:7c:66:9a:c6:0b:f2:
a3:cd:2b:12:d3:73:88:f6:54:f9:8a:65:b6:a7:fe:19:b5:70:
3a:1b:80:02:b6:43:8d:7d:97:7e:d1:a9:d3:55:47:01:64:0e:
9a:c5:b0:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDFFR/ZRgEmSygFZwEuPXwhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwNzE4MDkwMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDc4OTFkYWQ2ZjczOWQ3Mzk3YWM1MDA2MTBhY2UwMmIyNWMxMjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AJcUG5fQkGTFq2UpzyLBaRZ+UF+
4DBQEmtf7MBtOY+yhAf/llaYeyRdpjV1v/g6Fm1jXvx0k13qMFVigxAdBqzC6vjC
2sV/Q5fDQYXytOxT+2zz483r7RLxe+vlvoKmZqAqiH6RCHP5zPrdXm3+LS/caGGn
T0n0vTAH+m7h5fVHcoTAR4absBhye8S9XAQHxCLMW+XNgj3/Tz1YXCJCzYECNXWw
T91oVmnVqf7IliaX/Qhv5t3Wg+H/dgEUJqkvdgihVsJfCKiFOwEXO1HwCqZfeXZE
VdHm+HXG9D4mWRxUuZgwo4zJ0ihuXWmIN96otLbD6K1T5TuhoN1M1gsEqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFB4kdrW9znXOXrFAGEKzgKyXBJoMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvVUhpUjJ0YjNPZGM1ZXNVQVlRck9BckpjRW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZFCMA0G
CSqGSIb3DQEBCwUAA4IBAQBLVX61uvXHMlX1MsJAPU8auWSzXcDmPD5CDFfy7LoJ
nREZBxMrl/JXAqAuROv6tN6YNSfwhQAxYqCwBs8Jf2nhQ4uxcAgtldt7ZCtQuJbg
5LDw9H7A8sYoZwGXHL8i3K5oLWY5cqMZ7R2UUpbDaaqAfIh/H1sVMdMK67jqckrC
p7emngs2NNOHbI3KSrr0/uI1Ib+w+rlwcucw1J/ELS16murJHIni0it+ulNoD6I1
TDPhBvrrKinm9APyPFjbO+tB88lAsTIUjXCkOBSDbzCp35N8ZprGC/KjzSsS03OI
9lT5imW2p/4ZtXA6G4ACtkONfZd+0anTVUcBZA6axbBi
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:58:56 2025 by rpki-client