Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/uhpTswU5GYpwjiCyN9okwtrUKBU.roa
File: uhpTswU5GYpwjiCyN9okwtrUKBU.roa (raw, json)
Hash identifier: 1gsToymtYfDS3jAQ5oz9W4x4yntTpHPYiC0jlqpjxJk=
Subject key identifier: BA:1A:53:B3:05:39:19:8A:70:8E:20:B2:37:DA:24:C2:DA:D4:28:15
Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial: 01932E868C9B91250029D6593A56D591E2D5
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/uhpTswU5GYpwjiCyN9okwtrUKBU.roa
Signing time: Fri 15 Nov 2024 06:33:09 +0000
ROA not before: Fri 15 Nov 2024 06:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216139
IP address blocks: 178.217.100.0/24 maxlen: 24
178.217.101.0/24 maxlen: 24
217.144.102.0/24 maxlen: 24
2a03:80c0:abba::/48 maxlen: 48
2a03:80c0:face::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2e:86:8c:9b:91:25:00:29:d6:59:3a:56:d5:91:e2:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Validity
Not Before: Nov 15 06:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba1a53b30539198a708e20b237da24c2dad42815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:04:f5:33:aa:72:b4:65:41:a0:c6:20:08:f5:
47:22:fa:27:83:8d:62:29:9d:b0:7a:b8:ec:a0:d5:
8e:10:6c:03:c6:a1:05:4b:64:3b:31:a6:15:ba:e0:
2e:62:c1:b4:cd:0f:7a:78:0a:22:51:0d:69:da:6d:
a4:64:ae:aa:0a:66:a2:c8:6d:38:ba:94:35:6f:16:
ea:4d:2b:69:0e:d2:ac:b5:c5:57:c9:05:e7:2c:0e:
e6:78:d2:9b:57:9c:67:d6:39:07:a4:b9:e7:10:93:
e9:0d:0c:3a:cb:59:94:e7:99:ca:a4:46:a6:b8:81:
8a:1f:91:97:06:b1:02:82:6d:af:af:e3:61:0a:bc:
61:d8:52:c5:7f:14:51:e1:36:72:5c:f9:69:35:53:
1b:57:0d:52:dc:68:b3:5c:0f:2f:6b:6b:00:4e:c8:
88:d8:0c:64:ca:7a:65:bc:af:e7:f0:a6:26:8f:40:
ea:9b:21:3d:51:7b:11:35:e6:e7:28:e8:9e:04:aa:
67:70:71:9e:b6:37:ac:03:c3:ce:fd:49:8a:0c:75:
5b:fd:fe:74:61:a4:7a:ab:f5:27:bb:59:f8:53:8a:
4b:cc:f8:c8:e6:9c:15:43:4a:ff:c6:fc:da:80:83:
34:41:28:74:aa:46:da:14:54:e1:c0:fb:e9:5a:27:
8f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:1A:53:B3:05:39:19:8A:70:8E:20:B2:37:DA:24:C2:DA:D4:28:15
X509v3 Authority Key Identifier:
keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/uhpTswU5GYpwjiCyN9okwtrUKBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.217.100.0/23
217.144.102.0/24
IPv6:
2a03:80c0:abba::/48
2a03:80c0:face::/48
Signature Algorithm: sha256WithRSAEncryption
09:71:ee:8a:dc:40:99:22:14:e4:99:a4:6f:39:aa:db:61:12:
4e:2d:f6:a3:74:6b:ad:2e:8b:fe:ea:e2:26:91:9b:b4:0e:54:
e4:37:1a:5b:6e:82:68:20:61:34:88:c2:47:f9:4f:b6:75:68:
b7:e6:43:f7:08:3a:39:6a:ab:6e:70:5e:fa:a0:fb:05:93:a9:
c1:4d:0c:98:3f:66:60:4e:fb:1c:85:2a:59:af:7e:6e:d3:42:
df:94:44:e3:1d:0b:6e:d5:51:3d:18:bb:30:32:5c:51:ba:f6:
d2:a6:45:07:79:a6:af:5d:e9:8f:82:4d:cb:e5:6c:ee:49:43:
d9:b9:80:eb:27:61:99:c6:74:23:f3:5e:9f:a9:d2:e2:b3:2e:
39:46:9e:ab:4e:d4:cf:2b:44:69:ef:49:3b:69:e4:98:94:7f:
5b:9e:b4:24:90:1b:4c:67:68:91:1d:6d:d0:87:da:82:57:39:
11:9c:1e:46:89:63:ab:cd:4b:fc:7f:56:f8:e3:43:77:dc:d0:
13:d7:30:e7:d8:ec:97:26:db:07:ff:b0:e3:7b:61:be:84:01:
61:ec:4a:c0:9e:08:05:15:a8:5e:a0:8f:a8:cb:dc:3d:27:c9:
a5:ab:1b:24:38:36:43:ad:c9:67:78:b7:4a:dc:48:79:75:1c:
82:1f:78:1b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZMuhoybkSUAKdZZOlbVkeLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjQxMTE1MDYzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTFhNTNiMzA1MzkxOThhNzA4ZTIwYjIzN2RhMjRjMmRhZDQyODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywT1M6pytGVBoMYgCPVHIvong41i
KZ2werjsoNWOEGwDxqEFS2Q7MaYVuuAuYsG0zQ96eAoiUQ1p2m2kZK6qCmaiyG04
upQ1bxbqTStpDtKstcVXyQXnLA7meNKbV5xn1jkHpLnnEJPpDQw6y1mU55nKpEam
uIGKH5GXBrECgm2vr+NhCrxh2FLFfxRR4TZyXPlpNVMbVw1S3GizXA8va2sATsiI
2AxkynplvK/n8KYmj0DqmyE9UXsRNebnKOieBKpncHGetjesA8PO/UmKDHVb/f50
YaR6q/Unu1n4U4pLzPjI5pwVQ0r/xvzagIM0QSh0qkbaFFThwPvpWiePRQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLoaU7MFORmKcI4gsjfaJMLa1CgVMB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvdWhwVHN3VTVHWXB3amlDeU45b2t3dHJVS0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2
LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBstlkAwQA
2ZBmMBgEAgACMBIDBwAqA4DAq7oDBwAqA4DA+s4wDQYJKoZIhvcNAQELBQADggEB
AAlx7orcQJkiFOSZpG85qtthEk4t9qN0a60ui/7q4iaRm7QOVOQ3GltugmggYTSI
wkf5T7Z1aLfmQ/cIOjlqq25wXvqg+wWTqcFNDJg/ZmBO+xyFKlmvfm7TQt+UROMd
C27VUT0YuzAyXFG69tKmRQd5pq9d6Y+CTcvlbO5JQ9m5gOsnYZnGdCPzXp+p0uKz
LjlGnqtO1M8rRGnvSTtp5JiUf1uetCSQG0xnaJEdbdCH2oJXORGcHkaJY6vNS/x/
VvjjQ3fc0BPXMOfY7Jcm2wf/sON7Yb6EAWHsSsCeCAUVqF6gj6jL3D0nyaWrGyQ4
NkOtyWd4t0rcSHl1HIIfeBs=
-----END CERTIFICATE-----
Generated at Thu May 15 16:04:03 2025 by rpki-client