Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/4_Uv0GY1xluVW2gDdTDbO7iLWl8.roa
File: 4_Uv0GY1xluVW2gDdTDbO7iLWl8.roa (raw, json)
Hash identifier: u6eNswjAv6AGShRlESHRIbsJ7y7YQ8VViSp+A3TiFXY=
Subject key identifier: E3:F5:2F:D0:66:35:C6:5B:95:5B:68:03:75:30:DB:3B:B8:8B:5A:5F
Certificate issuer: /CN=234cd34911cfce946a22ea84663738cdcc076d45
Certificate serial: 019384CF7AE857ED9277413EB6F00409F949
Authority key identifier: 23:4C:D3:49:11:CF:CE:94:6A:22:EA:84:66:37:38:CD:CC:07:6D:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0zTSRHPzpRqIuqEZjc4zcwHbUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/4_Uv0GY1xluVW2gDdTDbO7iLWl8.roa
Signing time: Mon 02 Dec 2024 00:40:10 +0000
ROA not before: Mon 02 Dec 2024 00:40:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59699
IP address blocks: 85.208.241.0/24 maxlen: 24
85.208.242.0/24 maxlen: 24
185.4.152.0/22 maxlen: 24
185.30.188.0/22 maxlen: 24
185.63.161.0/24 maxlen: 24
185.63.162.0/24 maxlen: 24
185.63.163.0/24 maxlen: 24
2a02:c7c0::/29 maxlen: 48
2a04:4bc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:84:cf:7a:e8:57:ed:92:77:41:3e:b6:f0:04:09:f9:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234cd34911cfce946a22ea84663738cdcc076d45
Validity
Not Before: Dec 2 00:40:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3f52fd06635c65b955b68037530db3bb88b5a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b4:cf:da:95:43:25:eb:6c:ae:ca:a2:63:25:
18:f3:32:04:dd:22:17:da:8c:77:5f:8f:ca:7d:18:
32:a7:67:3e:37:eb:0d:5c:c0:cf:6c:fc:6e:fc:0e:
8a:33:68:0e:bc:20:dc:10:0a:4d:da:b8:e5:24:96:
64:01:4e:43:e4:0d:26:e8:81:b2:b9:43:d1:df:d4:
a2:52:b5:41:72:ac:85:5b:4b:09:d4:ab:cd:bf:20:
7b:3a:d3:90:1c:22:07:cd:79:2b:8b:97:7d:eb:34:
c6:68:ef:2b:25:f1:8a:62:37:e5:15:cd:d3:89:07:
63:9b:75:cd:4a:b4:bc:db:0f:49:58:37:b3:a1:88:
11:de:15:60:2a:5e:2c:cf:16:d6:9e:fa:bb:db:3d:
99:93:59:58:cf:d4:2d:b6:9f:b5:40:6f:fe:a1:e9:
20:51:1b:cf:38:72:46:29:5c:45:f6:0f:0a:6d:ae:
83:cc:de:0b:fa:65:e4:bf:8e:86:10:21:3f:35:02:
ab:ec:8b:18:56:f1:62:3e:2c:2e:0d:f1:c8:ed:7f:
fb:9d:87:5f:04:c8:f6:bf:de:87:81:85:9d:ff:3d:
8d:eb:36:10:10:f4:bf:1a:1e:05:8a:71:88:88:e2:
7e:0a:8b:35:49:e0:9f:40:7b:89:52:8b:2d:5e:00:
12:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F5:2F:D0:66:35:C6:5B:95:5B:68:03:75:30:DB:3B:B8:8B:5A:5F
X509v3 Authority Key Identifier:
keyid:23:4C:D3:49:11:CF:CE:94:6A:22:EA:84:66:37:38:CD:CC:07:6D:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0zTSRHPzpRqIuqEZjc4zcwHbUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/4_Uv0GY1xluVW2gDdTDbO7iLWl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/I0zTSRHPzpRqIuqEZjc4zcwHbUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.241.0-85.208.242.255
185.4.152.0/22
185.30.188.0/22
185.63.161.0-185.63.163.255
IPv6:
2a02:c7c0::/29
2a04:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:39:43:4f:fa:15:d1:38:3f:18:13:88:ba:25:df:94:48:54:
d0:a0:ad:c5:36:a4:e7:f6:07:08:3c:59:15:4c:29:99:83:6b:
a0:cf:41:f6:d1:15:b0:8f:e8:98:6a:ec:35:57:d9:10:23:61:
89:dd:58:78:69:45:5b:48:85:6d:81:28:58:e3:fc:a9:4b:85:
08:ff:f0:aa:c4:4f:ff:b2:11:89:18:a3:6f:68:38:18:dd:f6:
c1:13:60:34:11:b6:37:2a:de:ac:5d:27:b3:79:ac:d6:b2:fb:
99:d3:93:8a:1f:ef:95:50:e5:1a:1a:b5:69:63:04:54:66:d8:
45:70:2c:8d:d0:1f:5f:46:1f:3a:28:fa:e6:50:12:82:21:4e:
a4:e1:b8:30:3d:eb:dc:43:ee:1e:1f:99:3e:37:2c:b2:8b:c3:
97:11:18:82:0e:c2:d8:21:c1:79:6d:85:30:62:65:bd:69:43:
52:7a:fa:a7:d7:b9:b1:78:b2:c3:92:ed:17:ec:c4:b9:a5:c6:
21:cf:05:27:f8:00:6a:5a:6c:47:e5:f6:c4:af:e5:e2:0e:4a:
d7:e5:91:64:52:ce:6a:5a:0f:af:c4:81:37:3f:2f:4a:ab:8d:
76:f2:c7:38:31:af:71:c8:9a:12:86:a1:0d:f3:bd:fd:8f:57:
9a:3d:75:4d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZOEz3roV+2Sd0E+tvAECflJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGNkMzQ5MTFjZmNlOTQ2YTIyZWE4NDY2MzczOGNkY2Mw
NzZkNDUwHhcNMjQxMjAyMDA0MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2Y1MmZkMDY2MzVjNjViOTU1YjY4MDM3NTMwZGIzYmI4OGI1YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubTP2pVDJetsrsqiYyUY8zIE3SIX
2ox3X4/KfRgyp2c+N+sNXMDPbPxu/A6KM2gOvCDcEApN2rjlJJZkAU5D5A0m6IGy
uUPR39SiUrVBcqyFW0sJ1KvNvyB7OtOQHCIHzXkri5d96zTGaO8rJfGKYjflFc3T
iQdjm3XNSrS82w9JWDezoYgR3hVgKl4szxbWnvq72z2Zk1lYz9Qttp+1QG/+oekg
URvPOHJGKVxF9g8Kba6DzN4L+mXkv46GECE/NQKr7IsYVvFiPiwuDfHI7X/7nYdf
BMj2v96HgYWd/z2N6zYQEPS/Gh4FinGIiOJ+Cos1SeCfQHuJUostXgAS1QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFOP1L9BmNcZblVtoA3Uw2zu4i1pfMB8GA1UdIwQY
MBaAFCNM00kRz86UaiLqhGY3OM3MB21FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTB6VFNSSFB6cFJxSXVxRVpqYzR6Y3dIYlVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81ZjUzNmYtMzhmZS00NWJlLWI4Zjkt
MTI1NTAwZDJiZTk0LzEvNF9VdjBHWTF4bHVWVzJnRGRURGJPN2lMV2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81ZjUzNmYtMzhmZS00NWJlLWI4ZjktMTI1NTAwZDJiZTk0
LzEvSTB6VFNSSFB6cFJxSXVxRVpqYzR6Y3dIYlVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAuBAIAATAoMAwDBABV0PED
BABV0PIDBAK5BJgDBAK5HrwwDAMEALk/oQMEArk/oDAUBAIAAjAOAwUDKgLHwAMF
AyoES8AwDQYJKoZIhvcNAQELBQADggEBAKI5Q0/6FdE4PxgTiLol35RIVNCgrcU2
pOf2Bwg8WRVMKZmDa6DPQfbRFbCP6Jhq7DVX2RAjYYndWHhpRVtIhW2BKFjj/KlL
hQj/8KrET/+yEYkYo29oOBjd9sETYDQRtjcq3qxdJ7N5rNay+5nTk4of75VQ5Roa
tWljBFRm2EVwLI3QH19GHzoo+uZQEoIhTqThuDA969xD7h4fmT43LLKLw5cRGIIO
wtghwXlthTBiZb1pQ1J6+qfXubF4ssOS7RfsxLmlxiHPBSf4AGpabEfl9sSv5eIO
StflkWRSzmpaD6/EgTc/L0qrjXbyxzgxr3HImhKGoQ3zvf2PV5o9dU0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:34:25 2025 by rpki-client