Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ucXzEvxx9xcINDlpnkHNw-3UTDM.roa
File: ucXzEvxx9xcINDlpnkHNw-3UTDM.roa (raw, json)
Hash identifier: j7FcGv7JyW6iFYg0IYLlrRtaDJMLaCCCoC/1NO/yS3o=
Subject key identifier: B9:C5:F3:12:FC:71:F7:17:08:34:39:69:9E:41:CD:C3:ED:D4:4C:33
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019428240AF51D68FA70F78AFED9F9486E8A
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ucXzEvxx9xcINDlpnkHNw-3UTDM.roa
Signing time: Thu 02 Jan 2025 17:50:38 +0000
ROA not before: Thu 02 Jan 2025 17:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 5.102.124.0/22 maxlen: 24
37.34.88.0/21 maxlen: 24
46.20.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Jan 2025 13:04:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:0a:f5:1d:68:fa:70:f7:8a:fe:d9:f9:48:6e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 17:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9c5f312fc71f717083439699e41cdc3edd44c33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c2:56:62:58:1a:dc:05:72:29:3d:cf:12:3b:
b6:62:34:a7:3f:8c:2e:c5:62:63:7e:e8:30:30:30:
f3:f0:2e:bd:e5:79:2f:a2:fa:9c:04:f1:99:87:a2:
61:4b:9f:c6:0b:6b:30:e2:d6:b3:84:b1:3c:c4:93:
5c:3e:ca:94:59:e0:78:92:40:2c:85:a4:54:47:e1:
86:48:b9:2e:95:0e:4d:4e:49:95:3b:ab:73:c9:15:
89:8f:fb:a9:bc:68:6b:6c:42:0e:ea:f0:bb:7d:42:
e4:02:37:af:1a:c1:29:06:a0:6d:7e:e0:29:3c:fd:
61:ea:e5:0e:33:cf:f1:ef:79:71:d3:55:6d:c5:3d:
ea:64:d9:1f:c2:0e:9e:8b:9d:84:81:b2:c5:b5:0c:
b5:8b:19:ea:b4:aa:70:89:ff:b6:e7:37:9d:93:f6:
63:58:4f:63:d4:a3:df:b3:84:bb:0d:19:31:06:28:
83:2e:88:59:1a:2a:9c:92:47:04:62:c7:3b:74:a1:
e9:84:cb:e6:83:b1:c2:50:1e:6b:de:af:a0:d4:5e:
5f:ab:02:22:79:5f:2b:d1:46:ed:2e:dc:66:b4:ce:
97:6f:4d:05:7c:41:40:04:b2:5b:fc:7e:07:42:72:
d1:97:45:0d:84:48:4c:cd:b5:c3:97:3c:91:a6:40:
ae:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C5:F3:12:FC:71:F7:17:08:34:39:69:9E:41:CD:C3:ED:D4:4C:33
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ucXzEvxx9xcINDlpnkHNw-3UTDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.124.0/22
37.34.88.0/21
46.20.210.0/23
Signature Algorithm: sha256WithRSAEncryption
50:1b:24:f1:10:12:80:2b:2c:73:33:8c:30:9c:9c:82:ec:39:
0c:76:21:74:86:de:7c:3c:91:a0:4a:3c:f8:a6:e7:4d:4d:ee:
b8:91:c2:bc:20:da:60:9b:0f:03:7d:f1:95:00:f5:6a:5b:bc:
ba:b9:14:38:cd:04:c9:92:f9:69:e1:fc:73:01:c2:38:34:55:
e2:8f:74:15:08:15:19:38:16:bc:17:c9:59:a0:b6:03:f0:6e:
ab:d8:8e:82:2d:d8:98:78:10:c2:a4:3e:bb:09:fc:f8:0e:ff:
76:29:41:4e:76:1b:93:83:95:01:0e:c4:27:15:60:7b:e6:dd:
2b:85:0a:4d:21:02:38:a8:fa:1f:99:24:27:93:d1:84:ef:ce:
38:42:16:41:e1:e7:5c:e1:45:2d:71:97:70:54:9b:b4:3d:c7:
04:dc:60:0b:2b:2c:f9:4b:24:53:a3:4c:55:30:37:3a:6b:07:
02:9b:79:8f:e1:c3:49:89:cb:31:9f:74:f9:74:dd:8f:a5:c3:
57:4f:b7:a6:58:ad:35:01:74:18:63:78:94:25:62:9c:8c:af:
c0:2d:dc:2c:0b:81:c3:aa:3f:e4:4b:6e:07:0a:4c:fb:be:ef:
6c:60:0d:0b:8e:14:54:f6:45:22:94:4a:6b:33:1e:e5:f6:84:
2b:62:58:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJAr1HWj6cPeK/tn5SG6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwMTAyMTc1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWM1ZjMxMmZjNzFmNzE3MDgzNDM5Njk5ZTQxY2RjM2VkZDQ0YzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssJWYlga3AVyKT3PEju2YjSnP4wu
xWJjfugwMDDz8C695XkvovqcBPGZh6JhS5/GC2sw4tazhLE8xJNcPsqUWeB4kkAs
haRUR+GGSLkulQ5NTkmVO6tzyRWJj/upvGhrbEIO6vC7fULkAjevGsEpBqBtfuAp
PP1h6uUOM8/x73lx01VtxT3qZNkfwg6ei52EgbLFtQy1ixnqtKpwif+25zedk/Zj
WE9j1KPfs4S7DRkxBiiDLohZGiqckkcEYsc7dKHphMvmg7HCUB5r3q+g1F5fqwIi
eV8r0UbtLtxmtM6Xb00FfEFABLJb/H4HQnLRl0UNhEhMzbXDlzyRpkCuSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLnF8xL8cfcXCDQ5aZ5BzcPt1EwzMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdWNYekV2eHg5eGNJTkRscG5rSE53LTNVVERNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBWZ8AwQD
JSJYAwQBLhTSMA0GCSqGSIb3DQEBCwUAA4IBAQBQGyTxEBKAKyxzM4wwnJyC7DkM
diF0ht58PJGgSjz4pudNTe64kcK8INpgmw8DffGVAPVqW7y6uRQ4zQTJkvlp4fxz
AcI4NFXij3QVCBUZOBa8F8lZoLYD8G6r2I6CLdiYeBDCpD67Cfz4Dv92KUFOdhuT
g5UBDsQnFWB75t0rhQpNIQI4qPofmSQnk9GE7844QhZB4edc4UUtcZdwVJu0PccE
3GALKyz5SyRTo0xVMDc6awcCm3mP4cNJicsxn3T5dN2PpcNXT7emWK01AXQYY3iU
JWKcjK/ALdwsC4HDqj/kS24HCkz7vu9sYA0LjhRU9kUilEprMx7l9oQrYli3
-----END CERTIFICATE-----
Generated at Sun May 11 20:43:05 2025 by rpki-client