Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/uSs67HZCh1kON1wHqfmAGZo0WlQ.roa
File: uSs67HZCh1kON1wHqfmAGZo0WlQ.roa (raw, json)
Hash identifier: 5qjap3EeelDtlyeiEHFkBBDwm5wBgktgOysiC64vSso=
Subject key identifier: B9:2B:3A:EC:76:42:87:59:0E:37:5C:07:A9:F9:80:19:9A:34:5A:54
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422201A31317E9C660EF37DE4EFDF20C4
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/uSs67HZCh1kON1wHqfmAGZo0WlQ.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 185.194.177.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.222.30.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.58.146.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 11:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1a:31:31:7e:9c:66:0e:f3:7d:e4:ef:df:20:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b92b3aec764287590e375c07a9f980199a345a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5f:25:2b:43:33:0b:92:47:49:7f:75:de:ec:
c5:a0:21:4e:ca:fc:9a:bf:ea:a3:f3:d0:b6:d2:ed:
a7:d7:1c:28:cd:f4:2e:14:30:b9:c2:2a:8d:04:28:
60:fd:ab:f1:a2:51:6b:43:4a:7c:2a:23:c4:c4:7b:
fc:83:8e:49:36:e4:fd:29:f1:ee:0c:da:83:d2:0e:
44:09:18:2c:3d:9f:fd:41:4d:42:29:b3:cb:c6:12:
ae:f7:74:f4:26:7e:de:ea:78:f2:06:fe:21:93:02:
3b:3b:d3:f0:e1:5a:2f:bb:77:8d:6a:5b:69:9f:73:
67:98:ba:8f:cc:17:92:94:ac:5a:30:99:48:2d:2e:
e8:95:d4:9a:1b:06:d0:f5:28:08:73:ed:2f:d6:07:
0e:9d:a8:05:53:13:c8:df:b8:8c:bf:26:fb:6f:ac:
4a:0f:4f:ab:c4:8c:eb:6b:4e:5f:de:1e:16:0d:d6:
ee:8b:05:5c:0a:b4:97:1c:6a:33:9b:4e:74:f6:3e:
7d:31:e0:11:6a:6a:7b:30:27:4b:51:55:7b:a2:6b:
10:53:97:bf:4e:c0:73:f1:4a:93:b5:29:86:47:f7:
ba:45:79:f8:d3:68:7f:dc:1c:e4:c3:10:c0:0e:1e:
8f:6b:f8:ca:fa:5e:36:a5:54:b8:36:80:4a:52:0b:
54:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:2B:3A:EC:76:42:87:59:0E:37:5C:07:A9:F9:80:19:9A:34:5A:54
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/uSs67HZCh1kON1wHqfmAGZo0WlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.177.0/24
185.209.38.0/24
185.209.73.0/24
185.210.235.0/24
185.218.20.0/24
185.222.29.0-185.222.30.255
185.227.144.0/24
185.246.112.0/24
193.58.146.0/24
194.76.172.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:4a:25:35:e4:3d:0d:31:ef:21:c7:8e:d1:80:3c:af:8a:dd:
af:7f:e3:e7:27:be:95:36:7d:6d:46:1d:98:7c:23:3e:b0:90:
d7:b9:dd:3b:d3:e3:9e:4d:cf:90:ae:5c:c3:78:77:5e:84:f7:
e4:1f:4b:70:7c:e3:a5:57:bb:da:e5:18:49:e9:84:76:f9:52:
d6:17:7c:9b:d7:38:7c:97:5a:c0:27:6f:c3:4b:a5:0c:51:45:
4b:c9:c4:31:6f:a0:5c:c5:98:4b:9c:0a:51:fd:e5:4d:0e:0e:
2e:03:a4:c4:b5:81:ab:e9:91:ff:f9:f2:30:d8:11:bd:f7:5c:
04:ff:3e:b2:b0:7d:6b:01:dd:91:40:96:46:a2:34:30:24:f7:
8e:3c:c6:49:6a:8b:00:d2:50:01:2c:09:32:47:cf:25:df:44:
7c:31:40:93:6a:87:55:17:a6:f4:f6:73:21:6d:00:8a:57:d6:
ae:11:ab:69:c6:86:2b:77:04:cc:93:63:95:5a:dd:90:39:a3:
9c:f4:51:d8:64:b6:04:ac:89:2e:b1:d3:74:f4:f9:37:e7:78:
a2:6a:e2:cd:81:18:d4:28:dc:99:85:73:81:63:bd:2c:a9:c0:
18:3f:c7:83:a8:1a:5d:52:4d:70:c3:2b:74:75:67:4e:46:d2:
8e:4e:85:d4
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQiIBoxMX6cZg7zfeTv3yDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTJiM2FlYzc2NDI4NzU5MGUzNzVjMDdhOWY5ODAxOTlhMzQ1YTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml8lK0MzC5JHSX913uzFoCFOyvya
v+qj89C20u2n1xwozfQuFDC5wiqNBChg/avxolFrQ0p8KiPExHv8g45JNuT9KfHu
DNqD0g5ECRgsPZ/9QU1CKbPLxhKu93T0Jn7e6njyBv4hkwI7O9Pw4Vovu3eNaltp
n3NnmLqPzBeSlKxaMJlILS7oldSaGwbQ9SgIc+0v1gcOnagFUxPI37iMvyb7b6xK
D0+rxIzra05f3h4WDdbuiwVcCrSXHGozm0509j59MeARamp7MCdLUVV7omsQU5e/
TsBz8UqTtSmGR/e6RXn402h/3BzkwxDADh6Pa/jK+l42pVS4NoBKUgtU0QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLkrOux2QodZDjdcB6n5gBmaNFpUMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdVNzNjdIWkNoMWtPTjF3SHFmbUFHWm8wV2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAucKxAwQA
udEmAwQAudFJAwQAudLrAwQAudoUMAwDBAC53h0DBAC53h4DBAC545ADBAC59nAD
BADBOpIDBADCTKwwDQYJKoZIhvcNAQELBQADggEBAKZKJTXkPQ0x7yHHjtGAPK+K
3a9/4+cnvpU2fW1GHZh8Iz6wkNe53TvT455Nz5CuXMN4d16E9+QfS3B846VXu9rl
GEnphHb5UtYXfJvXOHyXWsAnb8NLpQxRRUvJxDFvoFzFmEucClH95U0ODi4DpMS1
gavpkf/58jDYEb33XAT/PrKwfWsB3ZFAlkaiNDAk9448xklqiwDSUAEsCTJHzyXf
RHwxQJNqh1UXpvT2cyFtAIpX1q4Rq2nGhit3BMyTY5Va3ZA5o5z0UdhktgSsiS6x
03T0+TfneKJq4s2BGNQo3JmFc4FjvSypwBg/x4OoGl1STXDDK3R1Z05G0o5OhdQ=
-----END CERTIFICATE-----
Generated at Mon May 12 07:21:42 2025 by rpki-client