Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/uHIfiW16-QOVo9m2aSnpR0Y350M.roa
File: uHIfiW16-QOVo9m2aSnpR0Y350M.roa (raw, json)
Hash identifier: cMAYCAzz+ojekoUp1AzRsyPz2jYW330kwfKbYINt+sE=
Subject key identifier: B8:72:1F:89:6D:7A:F9:03:95:A3:D9:B6:69:29:E9:47:46:37:E7:43
Certificate issuer: /CN=a24cf90329c47ba343a66cd65d38833a357b5955
Certificate serial: 018CCA29E4DE65F8169F54C8DAC4ECD58E60
Authority key identifier: A2:4C:F9:03:29:C4:7B:A3:43:A6:6C:D6:5D:38:83:3A:35:7B:59:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okz5AynEe6NDpmzWXTiDOjV7WVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/uHIfiW16-QOVo9m2aSnpR0Y350M.roa
Signing time: Tue 02 Jan 2024 12:33:12 +0000
ROA not before: Tue 02 Jan 2024 12:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211482
IP address blocks: 185.217.29.0/24 maxlen: 24
185.217.31.0/24 maxlen: 24
185.217.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:e4:de:65:f8:16:9f:54:c8:da:c4:ec:d5:8e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24cf90329c47ba343a66cd65d38833a357b5955
Validity
Not Before: Jan 2 12:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8721f896d7af90395a3d9b66929e9474637e743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c5:a5:c3:91:f3:c9:04:a8:6f:10:3c:12:67:
58:1c:ef:fc:d5:ec:cb:80:c0:35:04:43:43:30:6f:
dd:08:cb:3a:f5:40:65:4a:05:39:97:05:6b:af:27:
6b:ba:86:74:ec:1e:37:5a:1c:4f:c1:3f:83:a1:05:
a2:7b:9d:c6:59:0c:40:f6:82:ab:8a:a0:5b:cb:56:
2b:da:ae:e4:bd:90:a9:be:a4:04:bd:31:32:43:2f:
88:46:29:bc:05:83:5f:ea:36:25:f3:ed:7d:86:ab:
31:5e:e5:a7:6f:41:f1:c7:41:d4:36:ad:cb:2b:02:
84:39:74:46:8b:be:57:77:1e:ca:c7:07:f3:a7:d2:
f5:ad:d6:21:f3:a9:81:1c:c7:91:35:fd:c8:99:75:
8c:2d:6f:4e:25:34:67:c6:8a:8a:0f:5e:24:56:2d:
fb:69:92:57:20:bb:cf:57:b4:5b:65:fa:40:47:fd:
c3:2c:bf:31:ec:66:c5:b7:7d:19:54:f6:b9:70:a4:
24:9c:dd:03:3f:1a:cf:37:01:72:61:c1:1d:7a:41:
85:cd:50:18:3d:a2:1d:cc:0b:4f:92:52:61:98:50:
7a:fb:3f:29:90:b3:03:1e:d7:26:a2:06:55:a7:8f:
42:08:8b:ce:45:9e:cd:37:db:b3:ba:2a:52:f3:28:
41:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:72:1F:89:6D:7A:F9:03:95:A3:D9:B6:69:29:E9:47:46:37:E7:43
X509v3 Authority Key Identifier:
keyid:A2:4C:F9:03:29:C4:7B:A3:43:A6:6C:D6:5D:38:83:3A:35:7B:59:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okz5AynEe6NDpmzWXTiDOjV7WVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/uHIfiW16-QOVo9m2aSnpR0Y350M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/okz5AynEe6NDpmzWXTiDOjV7WVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.28.0/23
185.217.31.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:05:db:cd:1a:10:00:e7:a7:b4:3c:f7:f6:50:37:a9:37:62:
b7:a8:db:0b:c3:06:aa:41:59:7c:a5:d4:05:16:1e:46:f4:aa:
f4:24:d5:78:d4:ff:b7:98:16:86:42:5f:fc:54:1d:25:38:c5:
9a:24:85:40:db:e5:f1:13:37:c8:2b:9a:cf:96:96:1a:ca:28:
65:50:25:59:0b:75:c2:72:c6:d2:47:ec:0f:2f:c6:44:d4:68:
44:7e:8a:6b:d0:ac:a4:ce:cb:5b:e3:ca:0c:f3:8d:bc:1e:25:
24:be:be:89:c2:f7:e8:d0:17:7a:75:4a:f9:3b:6a:99:ac:d0:
c6:90:d1:bc:6f:4e:71:22:8d:65:89:ce:5c:06:e7:f5:91:f5:
1d:03:00:9a:e9:e3:43:d3:aa:c1:f3:15:92:29:b4:30:78:1c:
24:69:2e:2d:29:c1:62:37:6b:67:da:94:e9:fc:06:ee:21:d4:
f9:dd:8b:b9:02:28:19:fb:25:8e:bf:f4:76:ab:33:aa:1f:e2:
fe:98:45:64:74:e7:c6:f7:07:2a:02:47:f6:11:57:ad:26:48:
ac:c4:f1:23:b3:05:08:57:6e:01:67:32:e3:38:65:fa:45:32:
ac:da:5b:af:a3:f5:b2:93:cb:c5:e9:a4:6f:47:81:74:95:f3:
ee:77:37:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKeTeZfgWn1TI2sTs1Y5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGNmOTAzMjljNDdiYTM0M2E2NmNkNjVkMzg4MzNhMzU3
YjU5NTUwHhcNMjQwMTAyMTIzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODcyMWY4OTZkN2FmOTAzOTVhM2Q5YjY2OTI5ZTk0NzQ2MzdlNzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscWlw5HzyQSobxA8EmdYHO/81ezL
gMA1BENDMG/dCMs69UBlSgU5lwVrrydruoZ07B43WhxPwT+DoQWie53GWQxA9oKr
iqBby1Yr2q7kvZCpvqQEvTEyQy+IRim8BYNf6jYl8+19hqsxXuWnb0Hxx0HUNq3L
KwKEOXRGi75Xdx7Kxwfzp9L1rdYh86mBHMeRNf3ImXWMLW9OJTRnxoqKD14kVi37
aZJXILvPV7RbZfpAR/3DLL8x7GbFt30ZVPa5cKQknN0DPxrPNwFyYcEdekGFzVAY
PaIdzAtPklJhmFB6+z8pkLMDHtcmogZVp49CCIvORZ7NN9uzuipS8yhBcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLhyH4ltevkDlaPZtmkp6UdGN+dDMB8GA1UdIwQY
MBaAFKJM+QMpxHujQ6Zs1l04gzo1e1lVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2t6NUF5bkVlNk5EcG16V1hUaURPalY3V1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kZWExNDktNGZiOC00OTc4LWE0NmIt
MzM5ODVkYjgwNDdhLzEvdUhJZmlXMTYtUU9WbzltMmFTbnBSMFkzNTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kZWExNDktNGZiOC00OTc4LWE0NmItMzM5ODVkYjgwNDdh
LzEvb2t6NUF5bkVlNk5EcG16V1hUaURPalY3V1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBudkcAwQA
udkfMA0GCSqGSIb3DQEBCwUAA4IBAQAtBdvNGhAA56e0PPf2UDepN2K3qNsLwwaq
QVl8pdQFFh5G9Kr0JNV41P+3mBaGQl/8VB0lOMWaJIVA2+XxEzfIK5rPlpYayihl
UCVZC3XCcsbSR+wPL8ZE1GhEfopr0Kykzstb48oM8428HiUkvr6Jwvfo0Bd6dUr5
O2qZrNDGkNG8b05xIo1lic5cBuf1kfUdAwCa6eND06rB8xWSKbQweBwkaS4tKcFi
N2tn2pTp/AbuIdT53Yu5AigZ+yWOv/R2qzOqH+L+mEVkdOfG9wcqAkf2EVetJkis
xPEjswUIV24BZzLjOGX6RTKs2luvo/Wyk8vF6aRvR4F0lfPudzdh
-----END CERTIFICATE-----
Generated at Wed May 14 16:01:42 2025 by rpki-client