Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/UUcVBZghrNo9apyGZ03R_DtLDfQ.roa
File: UUcVBZghrNo9apyGZ03R_DtLDfQ.roa (raw, json)
Hash identifier: 5sUx98btRQcYQz0jl8P9fiM5PGNpSYspTHcUZXcvFyc=
Subject key identifier: 51:47:15:05:98:21:AC:DA:3D:6A:9C:86:67:4D:D1:FC:3B:4B:0D:F4
Certificate issuer: /CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff
Certificate serial: 018CC2DB40BBD27DA384F6ED79BFEEB0AD32
Authority key identifier: DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/UUcVBZghrNo9apyGZ03R_DtLDfQ.roa
Signing time: Mon 01 Jan 2024 02:29:58 +0000
ROA not before: Mon 01 Jan 2024 02:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25176
IP address blocks: 81.8.204.0/24 maxlen: 24
80.88.96.0/19 maxlen: 19
85.194.128.0/18 maxlen: 18
81.8.226.0/24 maxlen: 24
81.8.128.0/17 maxlen: 17
2a01:4040::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 16 May 2024 07:41:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:40:bb:d2:7d:a3:84:f6:ed:79:bf:ee:b0:ad:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff
Validity
Not Before: Jan 1 02:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=514715059821acda3d6a9c86674dd1fc3b4b0df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e6:b3:6f:ee:eb:70:c0:c4:83:7d:ae:58:25:
4d:4f:c8:a9:85:0b:02:f8:69:94:90:af:9b:60:67:
5f:bc:ec:2e:88:ca:96:c7:95:26:b8:ca:44:ca:89:
d1:72:41:2b:e0:ac:52:93:6b:77:2c:21:ed:05:58:
d3:f0:e8:7b:9f:2b:ea:68:82:c7:2d:19:43:b6:28:
e4:88:95:91:bf:f4:72:3b:39:0d:a7:c7:70:10:b6:
07:80:42:5e:d9:ab:5a:92:6f:79:36:5d:f5:7b:d7:
45:af:b5:16:89:ef:23:09:13:2d:7a:de:28:24:a3:
ea:e9:bd:a2:f1:27:52:08:ab:1f:9a:77:be:bf:8e:
3e:f0:e4:5f:20:08:1c:2c:08:2e:0b:57:b9:07:8d:
57:12:0d:4c:da:93:32:d8:a4:e3:3f:c4:99:6f:2a:
85:b6:8c:4a:27:00:e7:7a:06:31:cd:05:61:c3:f9:
48:d1:14:32:0f:43:4f:5d:31:fb:28:37:1d:83:29:
fb:0f:35:9e:c9:1c:2b:b4:d2:eb:87:7d:39:38:a4:
25:e9:b4:36:ea:d4:9a:8c:15:88:50:1a:c7:5e:c9:
17:a6:3a:45:e9:a6:4d:0c:db:b7:38:48:fa:59:d2:
fd:6f:33:07:98:c5:aa:a8:9b:68:75:36:3f:b5:5f:
4e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:47:15:05:98:21:AC:DA:3D:6A:9C:86:67:4D:D1:FC:3B:4B:0D:F4
X509v3 Authority Key Identifier:
keyid:DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/UUcVBZghrNo9apyGZ03R_DtLDfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.88.96.0/19
81.8.128.0/17
85.194.128.0/18
IPv6:
2a01:4040::/32
Signature Algorithm: sha256WithRSAEncryption
01:62:24:be:dd:86:b0:1e:45:7e:cc:0c:dc:f2:b7:53:7f:52:
64:4e:08:f6:eb:31:f5:73:f6:3b:38:44:b1:51:be:83:77:d8:
30:a4:4b:04:57:bc:4f:64:82:36:f6:31:37:fa:00:8b:e9:07:
e3:67:75:18:11:8a:af:bb:80:ef:89:90:d7:1c:b4:7f:2c:9e:
6c:8d:b4:f0:5e:3c:2f:c8:05:e2:e1:cc:2d:0a:43:58:74:74:
d0:73:63:d2:59:8d:ee:42:97:0d:57:9f:4d:49:92:fa:53:6b:
06:b3:65:94:35:b4:80:4a:1a:3b:7f:73:ea:0a:55:34:e6:9a:
b8:aa:04:4f:2e:f0:b5:0d:c4:cc:27:a0:35:f9:0f:70:3f:b6:
ec:61:98:7d:6b:cf:88:da:0b:40:41:55:65:6e:f4:d8:d7:db:
5f:77:74:2b:53:db:88:75:fe:0c:16:c3:0d:bd:99:66:18:0c:
6b:a7:71:ba:a8:05:af:3e:11:90:76:c7:c0:4b:1c:56:c9:39:
aa:8c:d8:d6:d7:4f:cf:e3:67:5b:3e:ea:bc:ed:73:de:e6:de:
56:92:5c:6a:01:41:79:f1:74:29:f0:87:98:b0:27:0f:fd:f6:
59:44:cc:17:6e:65:27:22:ac:8d:8d:25:c0:cf:86:b8:06:5f:
93:5c:67:2b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC20C70n2jhPbteb/usK0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMGIzM2NkZGI3OTliN2JjZjVkM2RjZTAwNGZkYmE4YzNl
ODY0ZmYwHhcNMjQwMTAxMDIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTQ3MTUwNTk4MjFhY2RhM2Q2YTljODY2NzRkZDFmYzNiNGIwZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuazb+7rcMDEg32uWCVNT8iphQsC
+GmUkK+bYGdfvOwuiMqWx5UmuMpEyonRckEr4KxSk2t3LCHtBVjT8Oh7nyvqaILH
LRlDtijkiJWRv/RyOzkNp8dwELYHgEJe2atakm95Nl31e9dFr7UWie8jCRMtet4o
JKPq6b2i8SdSCKsfmne+v44+8ORfIAgcLAguC1e5B41XEg1M2pMy2KTjP8SZbyqF
toxKJwDnegYxzQVhw/lI0RQyD0NPXTH7KDcdgyn7DzWeyRwrtNLrh305OKQl6bQ2
6tSajBWIUBrHXskXpjpF6aZNDNu3OEj6WdL9bzMHmMWqqJtodTY/tV9OcwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFFHFQWYIazaPWqchmdN0fw7Sw30MB8GA1UdIwQY
MBaAFNoLM83beZt7z109zgBP26jD6GT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wMzJkOGItNDg4MS00NmZhLWI2NzQt
NzczM2JkODg4ZTI4LzEvVVVjVkJaZ2hyTm85YXB5R1owM1JfRHRMRGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wMzJkOGItNDg4MS00NmZhLWI2NzQtNzczM2JkODg4ZTI4
LzEvMmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFUFhgAwQH
UQiAAwQGVcKAMA0EAgACMAcDBQAqAUBAMA0GCSqGSIb3DQEBCwUAA4IBAQABYiS+
3YawHkV+zAzc8rdTf1JkTgj26zH1c/Y7OESxUb6Dd9gwpEsEV7xPZII29jE3+gCL
6QfjZ3UYEYqvu4DviZDXHLR/LJ5sjbTwXjwvyAXi4cwtCkNYdHTQc2PSWY3uQpcN
V59NSZL6U2sGs2WUNbSASho7f3PqClU05pq4qgRPLvC1DcTMJ6A1+Q9wP7bsYZh9
a8+I2gtAQVVlbvTY19tfd3QrU9uIdf4MFsMNvZlmGAxrp3G6qAWvPhGQdsfASxxW
yTmqjNjW10/P42dbPuq87XPe5t5WklxqAUF58XQp8IeYsCcP/fZZRMwXbmUnIqyN
jSXAz4a4Bl+TXGcr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:00 2024 by rpki-client on console-fra.rpki-client.org