Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/u8frALpk-_Qm_SI7e0WLl1O2jFU.roa
File: u8frALpk-_Qm_SI7e0WLl1O2jFU.roa (raw, json)
Hash identifier: 6WIVL898A6V7mqW7ZSZeDlLYtw3zEJU7jVHi1syBEIU=
Subject key identifier: BB:C7:EB:00:BA:64:FB:F4:26:FD:22:3B:7B:45:8B:97:53:B6:8C:55
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 0190CD39EC9E01576DC93708A3418E08BAFF
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/u8frALpk-_Qm_SI7e0WLl1O2jFU.roa
Signing time: Fri 19 Jul 2024 23:00:43 +0000
ROA not before: Fri 19 Jul 2024 23:00:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62651
IP address blocks: 185.147.212.0/24 maxlen: 24
185.147.213.0/24 maxlen: 24
185.147.214.0/24 maxlen: 24
185.147.215.0/24 maxlen: 24
2a03:efc0:500::/40 maxlen: 40
2a03:efc0:700::/40 maxlen: 40
2a03:efc0:900::/40 maxlen: 40
2a03:efc0:1500::/40 maxlen: 40
2a03:efc0:1700::/40 maxlen: 40
2a03:efc0:2300::/40 maxlen: 40
2a03:efc0:2500::/40 maxlen: 40
2a03:efc0:2700::/40 maxlen: 40
2a03:efc0:2900::/40 maxlen: 40
2a03:efc0:3100::/40 maxlen: 40
2a03:efc0:3300::/40 maxlen: 40
2a03:efc0:3500::/40 maxlen: 40
2a03:efc0:3700::/40 maxlen: 40
2a03:efc0:4100::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 19 Jul 2024 23:02:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cd:39:ec:9e:01:57:6d:c9:37:08:a3:41:8e:08:ba:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Jul 19 23:00:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbc7eb00ba64fbf426fd223b7b458b9753b68c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7d:a0:44:6e:aa:af:b2:4a:19:56:17:fd:8c:
d1:65:c7:0b:ab:00:d9:57:ef:fd:36:f0:67:b2:6b:
3b:fa:07:85:93:5e:47:f8:42:47:a5:ef:ef:16:5a:
8e:fb:fd:c7:43:d3:4d:7c:c1:74:9a:96:ea:d3:0a:
86:c2:5d:84:a1:43:33:01:39:77:e6:fd:27:10:98:
a2:6c:67:95:e4:0e:2e:1d:e1:f9:81:03:9c:10:8a:
33:92:22:c1:59:b1:06:fc:52:5c:ab:14:d7:78:32:
22:46:94:cd:93:31:e5:bc:a4:9e:6b:fc:87:ca:53:
8d:7a:c8:b0:da:cd:4d:75:84:9f:dc:7b:74:cc:60:
26:90:b7:06:bf:9f:94:81:51:b3:f7:3d:64:f7:42:
7f:50:0e:35:05:c0:61:45:d3:bd:db:9e:a6:3a:fa:
c8:81:31:e4:ad:c2:53:f2:98:dc:fc:42:42:a6:76:
c3:02:bf:c5:ec:a4:5e:84:04:80:85:b9:03:ba:bc:
63:ca:75:ce:ad:5a:e9:f0:68:fb:74:2e:1a:47:6f:
a9:cc:c3:16:12:27:5f:94:19:a8:50:40:bb:88:c1:
68:38:85:69:1c:db:70:ba:f7:b0:17:d3:f5:b8:60:
b2:42:be:3d:01:1f:f2:a6:33:e1:e5:fa:da:66:66:
c7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C7:EB:00:BA:64:FB:F4:26:FD:22:3B:7B:45:8B:97:53:B6:8C:55
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/u8frALpk-_Qm_SI7e0WLl1O2jFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.212.0/22
IPv6:
2a03:efc0:500::/40
2a03:efc0:700::/40
2a03:efc0:900::/40
2a03:efc0:1500::/40
2a03:efc0:1700::/40
2a03:efc0:2300::/40
2a03:efc0:2500::/40
2a03:efc0:2700::/40
2a03:efc0:2900::/40
2a03:efc0:3100::/40
2a03:efc0:3300::/40
2a03:efc0:3500::/40
2a03:efc0:3700::/40
2a03:efc0:4100::/40
Signature Algorithm: sha256WithRSAEncryption
73:2c:34:49:5c:20:08:16:1a:7a:a0:e6:d8:73:f3:db:a9:a2:
e7:16:27:90:21:c1:c7:d8:bd:ce:64:f6:5c:df:22:db:ad:aa:
86:fc:38:5c:3b:e3:ea:9a:63:f6:67:37:ed:1d:6f:bf:b7:14:
3a:03:ad:46:5b:6d:ba:f4:ae:92:e0:65:ad:ac:12:87:81:81:
9c:33:e1:d9:b4:46:a3:91:99:a6:dd:1f:12:4b:8c:81:a2:e4:
05:14:e9:73:c3:2f:b9:b0:55:60:da:7c:b7:0a:94:60:95:63:
a8:fc:d1:60:40:64:6a:01:16:48:9a:69:0f:f2:68:84:4e:5f:
5e:fe:6d:36:a6:ce:51:67:84:67:dc:69:6f:4e:03:61:ca:6e:
10:8f:4f:07:5c:f4:17:bb:c7:35:dd:6b:55:4a:5b:08:d3:a1:
ed:cb:0b:bd:d6:ae:f5:9c:a3:7f:eb:dd:ef:43:7f:58:7d:12:
e4:da:6c:7a:0c:ca:9e:80:60:36:74:a7:2f:68:c9:c7:9e:db:
c2:2e:ab:36:8a:07:80:f6:18:69:01:78:09:da:6c:d0:90:88:
0a:f3:1d:f3:7c:62:3e:5a:bb:05:0c:5c:ec:d7:bb:c1:66:48:
02:8f:7d:3c:e9:d8:81:92:2e:fa:53:88:6a:9c:96:c6:24:73:
cd:71:90:1a
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZDNOeyeAVdtyTcIo0GOCLr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjQwNzE5MjMwMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmM3ZWIwMGJhNjRmYmY0MjZmZDIyM2I3YjQ1OGI5NzUzYjY4YzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH2gRG6qr7JKGVYX/YzRZccLqwDZ
V+/9NvBnsms7+geFk15H+EJHpe/vFlqO+/3HQ9NNfMF0mpbq0wqGwl2EoUMzATl3
5v0nEJiibGeV5A4uHeH5gQOcEIozkiLBWbEG/FJcqxTXeDIiRpTNkzHlvKSea/yH
ylONesiw2s1NdYSf3Ht0zGAmkLcGv5+UgVGz9z1k90J/UA41BcBhRdO9256mOvrI
gTHkrcJT8pjc/EJCpnbDAr/F7KRehASAhbkDurxjynXOrVrp8Gj7dC4aR2+pzMMW
EidflBmoUEC7iMFoOIVpHNtwuvewF9P1uGCyQr49AR/ypjPh5fraZmbH3QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFLvH6wC6ZPv0Jv0iO3tFi5dTtoxVMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvdThmckFMcGstX1FtX1NJN2UwV0xsMU8yakZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjAMBAIAATAGAwQCuZPU
MHYEAgACMHADBgAqA+/ABQMGACoD78AHAwYAKgPvwAkDBgAqA+/AFQMGACoD78AX
AwYAKgPvwCMDBgAqA+/AJQMGACoD78AnAwYAKgPvwCkDBgAqA+/AMQMGACoD78Az
AwYAKgPvwDUDBgAqA+/ANwMGACoD78BBMA0GCSqGSIb3DQEBCwUAA4IBAQBzLDRJ
XCAIFhp6oObYc/PbqaLnFieQIcHH2L3OZPZc3yLbraqG/DhcO+PqmmP2ZzftHW+/
txQ6A61GW2269K6S4GWtrBKHgYGcM+HZtEajkZmm3R8SS4yBouQFFOlzwy+5sFVg
2ny3CpRglWOo/NFgQGRqARZImmkP8miETl9e/m02ps5RZ4Rn3GlvTgNhym4Qj08H
XPQXu8c13WtVSlsI06Htywu91q71nKN/693vQ39YfRLk2mx6DMqegGA2dKcvaMnH
ntvCLqs2igeA9hhpAXgJ2mzQkIgK8x3zfGI+WrsFDFzs17vBZkgCj3086diBki76
U4hqnJbGJHPNcZAa
-----END CERTIFICATE-----
Generated at Sun May 11 13:43:56 2025 by rpki-client