Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/UvKsbEIVOnwV_Wio4MRXyIQ8EBg.roa
File: UvKsbEIVOnwV_Wio4MRXyIQ8EBg.roa (raw, json)
Hash identifier: +UJPxx6U1DlBgCX5OE1baGBZjr2gYFiok9KalQduuEk=
Subject key identifier: 52:F2:AC:6C:42:15:3A:7C:15:FD:68:A8:E0:C4:57:C8:84:3C:10:18
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018DBDC33083A15163AB56D497E63CF648DC
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/UvKsbEIVOnwV_Wio4MRXyIQ8EBg.roa
Signing time: Sun 18 Feb 2024 19:48:22 +0000
ROA not before: Sun 18 Feb 2024 19:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.247.20.0/24 maxlen: 24
89.34.171.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 18:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bd:c3:30:83:a1:51:63:ab:56:d4:97:e6:3c:f6:48:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Feb 18 19:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52f2ac6c42153a7c15fd68a8e0c457c8843c1018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ed:e4:d4:28:0b:c3:b4:bd:de:a1:87:d8:3d:
45:64:73:5f:dd:65:f6:a7:d9:e6:73:f3:ed:29:d9:
da:31:cc:34:cb:83:d4:19:7a:77:4c:31:d1:51:59:
fd:85:87:de:a4:4e:d3:3d:82:55:05:f8:8e:e6:57:
d7:c7:f4:e7:6a:6c:2b:67:a7:d5:82:26:07:0a:e3:
52:4a:b3:22:b3:b4:a0:1e:0b:b5:0c:1e:fb:48:af:
9b:be:a2:c5:d3:2b:ab:dc:79:db:59:c4:c3:08:43:
ff:31:58:f8:43:ac:b5:ec:36:fa:2a:50:a9:bf:45:
d6:a5:f6:3a:62:e0:20:cb:a3:45:66:97:d1:0a:8b:
e2:dd:f7:16:15:e2:6a:14:6b:1c:2c:bf:9a:d6:99:
e0:24:55:ec:99:6b:2f:f3:7f:9f:20:1a:53:a7:73:
ba:73:1e:69:67:07:06:c7:35:42:b6:bb:14:1e:ca:
00:11:13:12:23:f8:7c:be:29:36:b2:e0:20:29:6b:
9e:61:3f:e2:f6:ae:c0:83:a6:27:0b:5d:57:59:ee:
95:0c:64:94:4b:a1:21:bf:6b:74:6b:f2:35:83:68:
66:81:94:8a:e0:b6:c6:b6:a4:cf:c9:8b:e7:f3:d3:
b3:bd:3d:b8:bc:55:17:f1:f2:45:57:ea:5c:9d:d9:
ba:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F2:AC:6C:42:15:3A:7C:15:FD:68:A8:E0:C4:57:C8:84:3C:10:18
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/UvKsbEIVOnwV_Wio4MRXyIQ8EBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.20.0/24
89.34.171.0/24
89.37.106.0/24
89.42.213.0/24
94.177.113.0/24
94.177.118.0/24
Signature Algorithm: sha256WithRSAEncryption
60:53:cc:ca:53:61:de:6f:6c:15:c2:e1:9b:02:a1:fe:bb:4e:
f1:4c:9f:f5:72:11:b5:a2:5c:18:c3:5c:01:74:d6:80:69:a8:
ec:ba:cd:b2:82:25:4f:16:cf:eb:d6:a4:14:f8:36:75:49:79:
33:0f:32:bc:09:53:77:ad:00:55:88:b8:e6:b7:cc:75:06:3c:
a0:2b:ee:da:e3:57:52:e7:5b:19:df:98:a5:b7:95:50:c6:25:
4b:eb:cb:bb:c2:cd:dc:10:e5:0a:f4:64:27:51:95:30:16:39:
9d:27:34:95:72:97:1b:0d:3b:51:f8:33:ee:42:18:2c:9a:8e:
4c:59:99:f3:8e:11:15:12:9b:62:29:99:7f:e1:1b:2b:94:9f:
09:26:43:cc:fe:bb:4d:a8:b5:67:ad:fc:f6:39:b6:e9:f7:f5:
65:07:19:7e:5b:a2:42:ae:de:a5:10:ec:13:1e:e7:d9:c3:67:
66:14:45:66:fe:98:4e:fb:2c:40:28:12:57:af:fe:86:c8:c8:
7a:cf:ca:19:d0:8f:a6:59:c7:21:ba:26:9a:b5:a0:d3:af:ba:
2c:54:6f:c0:73:bc:5f:bf:46:c8:ef:a3:f5:46:1f:10:b9:34:
d9:21:42:52:a1:a7:ef:c7:65:bf:ad:1b:1d:e9:4b:8c:56:ef:
b0:3e:3e:26
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY29wzCDoVFjq1bUl+Y89kjcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMjE4MTk0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmYyYWM2YzQyMTUzYTdjMTVmZDY4YThlMGM0NTdjODg0M2MxMDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO3k1CgLw7S93qGH2D1FZHNf3WX2
p9nmc/PtKdnaMcw0y4PUGXp3TDHRUVn9hYfepE7TPYJVBfiO5lfXx/TnamwrZ6fV
giYHCuNSSrMis7SgHgu1DB77SK+bvqLF0yur3HnbWcTDCEP/MVj4Q6y17Db6KlCp
v0XWpfY6YuAgy6NFZpfRCovi3fcWFeJqFGscLL+a1pngJFXsmWsv83+fIBpTp3O6
cx5pZwcGxzVCtrsUHsoAERMSI/h8vik2suAgKWueYT/i9q7Ag6YnC11XWe6VDGSU
S6Ehv2t0a/I1g2hmgZSK4LbGtqTPyYvn89OzvT24vFUX8fJFV+pcndm6NQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFLyrGxCFTp8Ff1oqODEV8iEPBAYMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvVXZLc2JFSVZPbndWX1dpbzRNUlh5SVE4RUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVPcUAwQA
WSKrAwQAWSVqAwQAWSrVAwQAXrFxAwQAXrF2MA0GCSqGSIb3DQEBCwUAA4IBAQBg
U8zKU2Heb2wVwuGbAqH+u07xTJ/1chG1olwYw1wBdNaAaajsus2ygiVPFs/r1qQU
+DZ1SXkzDzK8CVN3rQBViLjmt8x1BjygK+7a41dS51sZ35ilt5VQxiVL68u7ws3c
EOUK9GQnUZUwFjmdJzSVcpcbDTtR+DPuQhgsmo5MWZnzjhEVEptiKZl/4RsrlJ8J
JkPM/rtNqLVnrfz2Obbp9/VlBxl+W6JCrt6lEOwTHufZw2dmFEVm/phO+yxAKBJX
r/6GyMh6z8oZ0I+mWcchuiaataDTr7osVG/Ac7xfv0bI76P1Rh8QuTTZIUJSoafv
x2W/rRsd6UuMVu+wPj4m
-----END CERTIFICATE-----
Generated at Mon Feb 19 22:04:45 2024 by rpki-client on console-ams.rpki-client.org