Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/169a3b-6a73-49ec-affa-ed0a7aba8cb2/1/uKDziCmYElaykB4W-VucqgTOm5c.roa
File: uKDziCmYElaykB4W-VucqgTOm5c.roa (raw, json)
Hash identifier: +PLTn4mnFUAjlO0OKRPcAahPAsHMPRtAItwpvz34i3I=
Subject key identifier: B8:A0:F3:88:29:98:12:56:B2:90:1E:16:F9:5B:9C:AA:04:CE:9B:97
Certificate issuer: /CN=4aefb99d2a06ee99dea9566f16bf226db3e56c92
Certificate serial: 018CC5DC9ACEFE89519DE0109E79A27224EA
Authority key identifier: 4A:EF:B9:9D:2A:06:EE:99:DE:A9:56:6F:16:BF:22:6D:B3:E5:6C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Su-5nSoG7pneqVZvFr8ibbPlbJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/169a3b-6a73-49ec-affa-ed0a7aba8cb2/1/uKDziCmYElaykB4W-VucqgTOm5c.roa
Signing time: Mon 01 Jan 2024 16:30:18 +0000
ROA not before: Mon 01 Jan 2024 16:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20953
IP address blocks: 195.246.219.0/24 maxlen: 24
80.79.192.0/20 maxlen: 20
2a02:1d8::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:9a:ce:fe:89:51:9d:e0:10:9e:79:a2:72:24:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aefb99d2a06ee99dea9566f16bf226db3e56c92
Validity
Not Before: Jan 1 16:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8a0f38829981256b2901e16f95b9caa04ce9b97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:43:f5:f8:51:52:2f:a3:4b:2d:8a:39:1d:ea:
ff:5f:66:f4:0b:d4:02:bb:af:bd:fd:e6:09:c2:9c:
e2:80:38:fc:f9:d7:28:cc:21:36:2d:9f:72:44:40:
c7:83:e7:c1:27:93:68:5f:80:41:10:ed:01:f2:7c:
d1:2d:b9:73:02:ab:5f:ed:08:03:8a:e7:ed:c4:b5:
da:b7:0e:8b:2c:64:78:04:ae:ac:cf:37:52:f4:05:
b0:15:42:6b:86:07:91:56:bb:04:43:14:30:0b:8d:
f5:07:61:36:96:51:3f:d6:01:2a:32:55:a9:b8:3f:
69:5a:33:fc:69:8b:0f:58:db:31:6e:ee:37:d1:e8:
6d:38:86:57:44:74:a6:d1:a1:f1:f3:1a:b4:aa:72:
27:b8:35:32:c7:04:e6:6d:60:2a:86:d2:fd:08:02:
02:4c:3c:c5:5d:a5:8f:5a:a7:36:54:11:10:b0:1a:
10:cd:37:ba:7d:f7:e1:a7:68:c4:36:79:14:ab:cc:
b6:18:29:e9:94:78:a4:25:ec:71:c4:d1:73:c5:1e:
1f:90:eb:14:be:d9:a1:8b:cf:0c:71:f9:08:ef:4d:
96:2a:df:9f:99:d2:30:ea:6d:e6:65:e3:44:e5:8a:
d3:8c:14:25:a4:02:b1:89:49:6e:d6:14:2f:a5:7d:
33:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A0:F3:88:29:98:12:56:B2:90:1E:16:F9:5B:9C:AA:04:CE:9B:97
X509v3 Authority Key Identifier:
keyid:4A:EF:B9:9D:2A:06:EE:99:DE:A9:56:6F:16:BF:22:6D:B3:E5:6C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Su-5nSoG7pneqVZvFr8ibbPlbJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/169a3b-6a73-49ec-affa-ed0a7aba8cb2/1/uKDziCmYElaykB4W-VucqgTOm5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/169a3b-6a73-49ec-affa-ed0a7aba8cb2/1/Su-5nSoG7pneqVZvFr8ibbPlbJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.192.0/20
195.246.219.0/24
IPv6:
2a02:1d8::/32
Signature Algorithm: sha256WithRSAEncryption
19:be:9c:a1:ed:90:40:3e:bf:07:f3:00:ba:29:3a:58:1b:04:
aa:1e:3d:ef:ac:46:f9:83:74:91:55:c4:6f:c6:c3:15:6c:cc:
b0:21:17:e9:1e:f8:28:ad:18:88:b5:08:06:75:2c:45:e3:23:
8b:e1:2d:88:32:fb:e8:b6:f7:b2:fb:f8:0c:c4:e9:f5:d3:e6:
54:2d:fd:47:5d:fa:3f:a6:a4:50:c3:99:ef:ec:54:18:bf:94:
a9:b5:07:38:a8:0e:21:23:61:21:3f:8c:4a:35:c4:b5:15:ae:
a0:6a:59:fd:a1:91:3b:a1:74:c4:7b:6f:5b:ab:98:ba:ce:ed:
3f:5c:26:12:55:91:d8:d8:86:37:1a:46:76:34:8a:e8:f8:26:
e3:40:4a:53:2a:ba:c9:a8:e1:33:60:67:1f:55:53:b6:81:a4:
75:1e:13:33:4f:57:76:02:e2:46:12:32:e7:31:b6:6a:cc:03:
9c:9f:e2:ed:27:fb:de:b7:86:aa:eb:2b:11:a5:8b:de:42:84:
fd:9f:e3:b1:d2:48:1c:9c:cc:aa:41:50:47:31:c0:a1:a3:aa:
e2:f4:c1:a4:67:4e:f3:d1:b1:a4:31:00:a5:92:5b:8e:27:7d:
ff:6f:9b:1d:e3:13:29:8d:86:6b:34:2b:89:cb:cc:d5:34:db:
1e:4d:01:5a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3JrO/olRneAQnnmiciTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZWZiOTlkMmEwNmVlOTlkZWE5NTY2ZjE2YmYyMjZkYjNl
NTZjOTIwHhcNMjQwMTAxMTYzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGEwZjM4ODI5OTgxMjU2YjI5MDFlMTZmOTViOWNhYTA0Y2U5Yjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEP1+FFSL6NLLYo5Her/X2b0C9QC
u6+9/eYJwpzigDj8+dcozCE2LZ9yREDHg+fBJ5NoX4BBEO0B8nzRLblzAqtf7QgD
iuftxLXatw6LLGR4BK6szzdS9AWwFUJrhgeRVrsEQxQwC431B2E2llE/1gEqMlWp
uD9pWjP8aYsPWNsxbu430ehtOIZXRHSm0aHx8xq0qnInuDUyxwTmbWAqhtL9CAIC
TDzFXaWPWqc2VBEQsBoQzTe6fffhp2jENnkUq8y2GCnplHikJexxxNFzxR4fkOsU
vtmhi88McfkI702WKt+fmdIw6m3mZeNE5YrTjBQlpAKxiUlu1hQvpX0zpQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLig84gpmBJWspAeFvlbnKoEzpuXMB8GA1UdIwQY
MBaAFErvuZ0qBu6Z3qlWbxa/Im2z5WySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3UtNW5Tb0c3cG5lcVZadkZyOGliYlBsYkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xNjlhM2ItNmE3My00OWVjLWFmZmEt
ZWQwYTdhYmE4Y2IyLzEvdUtEemlDbVlFbGF5a0I0Vy1WdWNxZ1RPbTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xNjlhM2ItNmE3My00OWVjLWFmZmEtZWQwYTdhYmE4Y2Iy
LzEvU3UtNW5Tb0c3cG5lcVZadkZyOGliYlBsYkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUE/AAwQA
w/bbMA0EAgACMAcDBQAqAgHYMA0GCSqGSIb3DQEBCwUAA4IBAQAZvpyh7ZBAPr8H
8wC6KTpYGwSqHj3vrEb5g3SRVcRvxsMVbMywIRfpHvgorRiItQgGdSxF4yOL4S2I
Mvvotvey+/gMxOn10+ZULf1HXfo/pqRQw5nv7FQYv5SptQc4qA4hI2EhP4xKNcS1
Fa6galn9oZE7oXTEe29bq5i6zu0/XCYSVZHY2IY3GkZ2NIro+CbjQEpTKrrJqOEz
YGcfVVO2gaR1HhMzT1d2AuJGEjLnMbZqzAOcn+LtJ/vet4aq6ysRpYveQoT9n+Ox
0kgcnMyqQVBHMcCho6ri9MGkZ07z0bGkMQClkluOJ33/b5sd4xMpjYZrNCuJy8zV
NNseTQFa
-----END CERTIFICATE-----
Generated at Thu May 1 19:05:07 2025 by rpki-client