Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/81ed41-e36b-45f7-90e7-b2fd9bf097f8/1/ucBPtgr_ZkrzXmyeAjQ42PVOILs.roa
File: ucBPtgr_ZkrzXmyeAjQ42PVOILs.roa (raw, json)
Hash identifier: E5PrnYE9WzBNqDb90VIsI/vTNBFX/WRSS4Jqa3Skcf8=
Subject key identifier: B9:C0:4F:B6:0A:FF:66:4A:F3:5E:6C:9E:02:34:38:D8:F5:4E:20:BB
Certificate issuer: /CN=582e2170a7bcbec310154f2bce99833fec2801fb
Certificate serial: 018DE6E8BAF54A0D56602DBA4593E06E3AEB
Authority key identifier: 58:2E:21:70:A7:BC:BE:C3:10:15:4F:2B:CE:99:83:3F:EC:28:01:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WC4hcKe8vsMQFU8rzpmDP-woAfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/81ed41-e36b-45f7-90e7-b2fd9bf097f8/1/ucBPtgr_ZkrzXmyeAjQ42PVOILs.roa
Signing time: Mon 26 Feb 2024 19:33:48 +0000
ROA not before: Mon 26 Feb 2024 19:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200184
IP address blocks: 67.63.56.0/21 maxlen: 24
67.63.60.0/24 maxlen: 24
67.63.61.0/24 maxlen: 24
67.63.62.0/24 maxlen: 24
80.75.216.0/24 maxlen: 24
2a13:f800::/29 maxlen: 64
2a13:f800:1001::/48 maxlen: 48
2a13:f800:3101::/48 maxlen: 48
2a13:f800:3102::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 Feb 2024 20:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e6:e8:ba:f5:4a:0d:56:60:2d:ba:45:93:e0:6e:3a:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=582e2170a7bcbec310154f2bce99833fec2801fb
Validity
Not Before: Feb 26 19:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9c04fb60aff664af35e6c9e023438d8f54e20bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:72:d6:d8:57:f4:9e:c1:47:e2:71:04:ed:79:
bf:db:f5:f7:6a:aa:65:88:00:b7:f9:52:1d:9c:1e:
90:f8:f7:f8:67:01:9d:bd:2e:5c:40:b0:3e:26:21:
3c:6d:82:4b:b2:7e:69:2b:e2:83:e0:bf:31:86:40:
60:f3:a3:36:44:40:53:e8:92:5d:3c:f8:cb:29:39:
a5:89:06:11:d8:71:4d:71:af:4c:54:fa:c6:f4:e2:
21:62:a1:d7:e6:a6:f3:e2:26:16:0a:32:17:49:2f:
35:b5:fc:f4:e0:7c:c7:6a:3a:15:25:49:68:d4:19:
7d:ad:b1:37:38:fc:26:99:db:fb:b3:67:cb:af:6d:
3c:8e:ac:19:d1:0d:38:83:ad:41:1a:93:ea:6b:b2:
a3:97:5b:0d:d9:62:6b:30:79:27:60:53:ef:fe:e0:
37:3f:bc:cb:8a:2f:1c:7e:29:da:de:59:d2:dc:26:
c5:a2:e9:a6:c9:e4:7f:b7:12:3a:b5:51:b6:47:47:
bb:49:4e:31:94:69:a4:5e:b8:0a:24:f7:98:df:cc:
47:13:6b:aa:3b:74:f0:8d:8a:b3:a9:f3:5b:33:5f:
2b:ed:72:a0:a2:52:f3:ea:78:c3:6e:d4:61:b2:47:
14:fc:94:2f:6d:8b:bb:06:82:ee:84:ee:52:0b:55:
b5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C0:4F:B6:0A:FF:66:4A:F3:5E:6C:9E:02:34:38:D8:F5:4E:20:BB
X509v3 Authority Key Identifier:
keyid:58:2E:21:70:A7:BC:BE:C3:10:15:4F:2B:CE:99:83:3F:EC:28:01:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WC4hcKe8vsMQFU8rzpmDP-woAfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/81ed41-e36b-45f7-90e7-b2fd9bf097f8/1/ucBPtgr_ZkrzXmyeAjQ42PVOILs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/81ed41-e36b-45f7-90e7-b2fd9bf097f8/1/WC4hcKe8vsMQFU8rzpmDP-woAfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
67.63.56.0/21
80.75.216.0/24
IPv6:
2a13:f800::/29
Signature Algorithm: sha256WithRSAEncryption
97:09:3e:19:af:ff:c8:d6:19:b3:aa:75:e9:12:2f:fe:5f:c5:
a3:4a:ad:4d:d8:e9:4f:65:a7:0a:eb:ff:12:aa:25:22:72:bb:
99:6a:8e:23:1d:8f:0d:57:4a:79:18:a2:a9:b4:b7:45:d9:4d:
dc:b1:cd:90:03:e4:43:d7:d8:23:f6:ef:2a:30:65:11:54:7f:
ee:b7:36:7d:41:c6:17:ac:a8:c4:b2:09:15:4e:af:35:1f:77:
98:0b:9d:93:f8:73:ae:46:65:58:0c:1a:4e:60:4d:43:a2:28:
fd:25:03:2f:48:7a:0f:9a:a6:e0:65:86:ab:4b:9e:00:c2:5d:
52:7d:ea:91:20:c4:d2:c0:39:57:26:94:23:93:c2:06:ae:e5:
ee:98:d5:70:41:59:d1:8e:d9:55:e8:b2:4d:34:db:92:76:65:
9c:05:02:29:dc:8c:13:e9:82:37:9f:48:25:b8:df:97:08:ec:
ea:13:0c:52:ed:d2:14:38:bc:46:0b:42:c8:52:da:96:fb:88:
25:b5:d7:18:03:e9:ac:08:71:d2:2a:a6:ec:4e:9c:d2:b8:b9:
44:c0:e6:eb:4b:bb:fd:55:98:e5:6e:93:b7:7b:44:ef:2a:e7:
82:8f:99:94:a9:80:19:e7:1f:19:d0:d0:cd:73:dc:63:51:00:
68:56:ca:09
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY3m6Lr1Sg1WYC26RZPgbjrrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MmUyMTcwYTdiY2JlYzMxMDE1NGYyYmNlOTk4MzNmZWMy
ODAxZmIwHhcNMjQwMjI2MTkzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWMwNGZiNjBhZmY2NjRhZjM1ZTZjOWUwMjM0MzhkOGY1NGUyMGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3LW2Ff0nsFH4nEE7Xm/2/X3aqpl
iAC3+VIdnB6Q+Pf4ZwGdvS5cQLA+JiE8bYJLsn5pK+KD4L8xhkBg86M2REBT6JJd
PPjLKTmliQYR2HFNca9MVPrG9OIhYqHX5qbz4iYWCjIXSS81tfz04HzHajoVJUlo
1Bl9rbE3OPwmmdv7s2fLr208jqwZ0Q04g61BGpPqa7Kjl1sN2WJrMHknYFPv/uA3
P7zLii8cfina3lnS3CbFoummyeR/txI6tVG2R0e7SU4xlGmkXrgKJPeY38xHE2uq
O3TwjYqzqfNbM18r7XKgolLz6njDbtRhskcU/JQvbYu7BoLuhO5SC1W1mwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLnAT7YK/2ZK815sngI0ONj1TiC7MB8GA1UdIwQY
MBaAFFguIXCnvL7DEBVPK86Zgz/sKAH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0M0aGNLZTh2c01RRlU4cnpwbURQLXdvQWZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi84MWVkNDEtZTM2Yi00NWY3LTkwZTct
YjJmZDliZjA5N2Y4LzEvdWNCUHRncl9aa3J6WG15ZUFqUTQyUFZPSUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi84MWVkNDEtZTM2Yi00NWY3LTkwZTctYjJmZDliZjA5N2Y4
LzEvV0M0aGNLZTh2c01RRlU4cnpwbURQLXdvQWZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDQz84AwQA
UEvYMA0EAgACMAcDBQMqE/gAMA0GCSqGSIb3DQEBCwUAA4IBAQCXCT4Zr//I1hmz
qnXpEi/+X8WjSq1N2OlPZacK6/8SqiUicruZao4jHY8NV0p5GKKptLdF2U3csc2Q
A+RD19gj9u8qMGURVH/utzZ9QcYXrKjEsgkVTq81H3eYC52T+HOuRmVYDBpOYE1D
oij9JQMvSHoPmqbgZYarS54Awl1SfeqRIMTSwDlXJpQjk8IGruXumNVwQVnRjtlV
6LJNNNuSdmWcBQIp3IwT6YI3n0gluN+XCOzqEwxS7dIUOLxGC0LIUtqW+4gltdcY
A+msCHHSKqbsTpzSuLlEwObrS7v9VZjlbpO3e0TvKueCj5mUqYAZ5x8Z0NDNc9xj
UQBoVsoJ
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:12:38 2025 by rpki-client