Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/08UMKNSTh5dG7mNTn4pbSfU_PwI.roa
File: 08UMKNSTh5dG7mNTn4pbSfU_PwI.roa (raw, json)
Hash identifier: kBwUmVStK7JpUFVO6eKqx7Aub3XiCrR1mqwO+qxcXJ0=
Subject key identifier: D3:C5:0C:28:D4:93:87:97:46:EE:63:53:9F:8A:5B:49:F5:3F:3F:02
Certificate issuer: /CN=167782bea46fd271768ff46d9b45c057a9df5481
Certificate serial: 019421446B3C975418EBB98591509753E768
Authority key identifier: 16:77:82:BE:A4:6F:D2:71:76:8F:F4:6D:9B:45:C0:57:A9:DF:54:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/08UMKNSTh5dG7mNTn4pbSfU_PwI.roa
Signing time: Wed 01 Jan 2025 09:48:39 +0000
ROA not before: Wed 01 Jan 2025 09:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 185.229.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 16:16:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:6b:3c:97:54:18:eb:b9:85:91:50:97:53:e7:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=167782bea46fd271768ff46d9b45c057a9df5481
Validity
Not Before: Jan 1 09:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3c50c28d493879746ee63539f8a5b49f53f3f02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3a:ad:05:01:35:d3:30:b6:2f:80:29:25:b8:
bc:88:15:98:d1:43:0b:c1:85:89:bc:70:27:02:77:
9e:35:27:04:39:7b:ee:82:a7:63:9f:82:6d:dd:92:
92:5b:69:59:ee:33:59:a4:dd:03:f5:4b:32:79:55:
9f:f1:bc:c5:36:e8:8f:23:34:a2:87:5c:fe:16:f7:
01:ae:58:c4:55:a7:6c:b1:0e:27:a8:90:8b:c4:df:
8c:b7:cf:20:9a:90:07:89:d5:6a:2c:98:4a:c0:b5:
73:0c:f1:d5:26:fb:78:47:06:65:5d:08:a5:35:b3:
75:28:d5:2d:c4:01:51:b4:c1:16:e1:2f:fb:ea:6a:
37:58:21:50:41:78:13:f0:db:cc:bb:a8:74:2c:5c:
1d:6e:b6:50:2f:39:67:f8:8b:f6:5f:47:33:45:e0:
67:17:a0:02:b2:b3:15:82:c9:ac:89:dd:9f:9c:ad:
f4:97:0c:4c:b1:51:d3:50:64:56:66:cb:38:f0:6f:
92:3c:07:03:0d:0a:4d:53:52:14:82:95:60:f1:a2:
f7:47:6f:c7:5f:df:fd:78:d9:4d:b4:55:90:78:da:
5c:9f:5f:e7:d1:78:14:27:43:93:bc:64:cc:33:dc:
4a:81:89:9c:8a:af:3d:34:ae:9e:32:9c:75:b5:13:
f4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C5:0C:28:D4:93:87:97:46:EE:63:53:9F:8A:5B:49:F5:3F:3F:02
X509v3 Authority Key Identifier:
keyid:16:77:82:BE:A4:6F:D2:71:76:8F:F4:6D:9B:45:C0:57:A9:DF:54:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/08UMKNSTh5dG7mNTn4pbSfU_PwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/FneCvqRv0nF2j_Rtm0XAV6nfVIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.14.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:f7:fc:86:6a:61:f9:1c:9a:e1:25:f0:c4:c9:96:12:d2:f4:
51:45:ca:cc:90:d1:95:e1:5b:5b:65:a6:56:c6:8c:db:9c:b9:
26:b5:38:ae:e7:6e:df:16:00:36:c5:9a:94:78:2f:d5:bc:14:
35:53:bf:d6:f7:db:56:3f:49:5f:aa:c1:22:53:c2:af:dd:1e:
dc:38:00:a8:1d:3c:93:95:04:47:74:a5:22:3c:30:9c:21:02:
cd:0d:81:82:98:eb:ea:9e:d1:00:44:bc:f0:8e:b5:e0:7c:44:
97:cf:6d:c3:70:d6:92:e2:8c:ac:2f:cc:c3:56:c0:7e:e2:d1:
56:70:24:e7:a3:7a:79:ce:4a:51:27:35:66:e0:0f:f2:35:de:
ee:0e:4b:a8:0f:dd:57:cd:dd:d4:4d:dc:4c:7d:ce:fc:79:8f:
b4:30:5e:b9:ce:03:c8:92:84:ba:f6:40:1b:e7:3b:af:19:aa:
a1:aa:45:02:5e:d8:8d:ed:8d:c5:2e:41:87:d6:72:89:ca:8b:
91:14:a0:f5:0d:95:24:53:ac:5e:cc:26:46:85:91:96:5a:eb:
cb:f7:1e:76:a5:a5:4f:35:41:db:a0:51:4d:32:98:b7:de:6f:
e5:33:82:ae:bd:e8:b2:b8:a7:94:95:ba:ce:55:00:29:2e:4b:
87:a7:b5:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRGs8l1QY67mFkVCXU+doMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2Nzc4MmJlYTQ2ZmQyNzE3NjhmZjQ2ZDliNDVjMDU3YTlk
ZjU0ODEwHhcNMjUwMTAxMDk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2M1MGMyOGQ0OTM4Nzk3NDZlZTYzNTM5ZjhhNWI0OWY1M2YzZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjqtBQE10zC2L4ApJbi8iBWY0UML
wYWJvHAnAneeNScEOXvugqdjn4Jt3ZKSW2lZ7jNZpN0D9UsyeVWf8bzFNuiPIzSi
h1z+FvcBrljEVadssQ4nqJCLxN+Mt88gmpAHidVqLJhKwLVzDPHVJvt4RwZlXQil
NbN1KNUtxAFRtMEW4S/76mo3WCFQQXgT8NvMu6h0LFwdbrZQLzln+Iv2X0czReBn
F6ACsrMVgsmsid2fnK30lwxMsVHTUGRWZss48G+SPAcDDQpNU1IUgpVg8aL3R2/H
X9/9eNlNtFWQeNpcn1/n0XgUJ0OTvGTMM9xKgYmciq89NK6eMpx1tRP0cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNPFDCjUk4eXRu5jU5+KW0n1Pz8CMB8GA1UdIwQY
MBaAFBZ3gr6kb9Jxdo/0bZtFwFep31SBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm5lQ3ZxUnYwbkYyal9SdG0wWEFWNm5mVklFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9lZjBiOTItNWQ4NS00NzkyLWI1NTEt
OWEzNTgzNjI4MjljLzEvMDhVTUtOU1RoNWRHN21OVG40cGJTZlVfUHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9lZjBiOTItNWQ4NS00NzkyLWI1NTEtOWEzNTgzNjI4Mjlj
LzEvRm5lQ3ZxUnYwbkYyal9SdG0wWEFWNm5mVklFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueUOMA0G
CSqGSIb3DQEBCwUAA4IBAQAL9/yGamH5HJrhJfDEyZYS0vRRRcrMkNGV4VtbZaZW
xozbnLkmtTiu527fFgA2xZqUeC/VvBQ1U7/W99tWP0lfqsEiU8Kv3R7cOACoHTyT
lQRHdKUiPDCcIQLNDYGCmOvqntEARLzwjrXgfESXz23DcNaS4oysL8zDVsB+4tFW
cCTno3p5zkpRJzVm4A/yNd7uDkuoD91Xzd3UTdxMfc78eY+0MF65zgPIkoS69kAb
5zuvGaqhqkUCXtiN7Y3FLkGH1nKJyouRFKD1DZUkU6xezCZGhZGWWuvL9x52paVP
NUHboFFNMpi33m/lM4KuveiyuKeUlbrOVQApLkuHp7VD
-----END CERTIFICATE-----
Generated at Mon May 12 08:19:52 2025 by rpki-client