Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/UdUGDezB3y4MqVuNrCbU4rsVXjA.roa
File: UdUGDezB3y4MqVuNrCbU4rsVXjA.roa (raw, json)
Hash identifier: 609gDvAr69EaKczEZBQ6dxnpMGvevtgMu3dfNPJtg/w=
Subject key identifier: 51:D5:06:0D:EC:C1:DF:2E:0C:A9:5B:8D:AC:26:D4:E2:BB:15:5E:30
Certificate issuer: /CN=234cd34911cfce946a22ea84663738cdcc076d45
Certificate serial: 018CC726DA6BDC36B381C79722A855375156
Authority key identifier: 23:4C:D3:49:11:CF:CE:94:6A:22:EA:84:66:37:38:CD:CC:07:6D:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0zTSRHPzpRqIuqEZjc4zcwHbUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/UdUGDezB3y4MqVuNrCbU4rsVXjA.roa
Signing time: Mon 01 Jan 2024 22:31:01 +0000
ROA not before: Mon 01 Jan 2024 22:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59699
IP address blocks: 185.4.152.0/22 maxlen: 24
185.30.188.0/22 maxlen: 24
185.63.161.0/24 maxlen: 24
185.63.162.0/24 maxlen: 24
185.63.163.0/24 maxlen: 24
85.208.242.0/24 maxlen: 24
85.208.243.0/24 maxlen: 24
85.208.241.0/24 maxlen: 24
2a04:4bc0::/29 maxlen: 48
2a02:c7c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 02 Dec 2024 00:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:da:6b:dc:36:b3:81:c7:97:22:a8:55:37:51:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234cd34911cfce946a22ea84663738cdcc076d45
Validity
Not Before: Jan 1 22:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51d5060decc1df2e0ca95b8dac26d4e2bb155e30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0d:e8:d6:10:7e:a9:15:bf:79:b2:d6:c1:4c:
4e:22:d5:80:80:30:39:72:c7:29:79:b9:82:04:cc:
c1:17:0f:1e:11:c7:bb:82:a7:11:4f:62:bc:0e:79:
40:98:39:44:80:51:ff:fc:b4:5f:31:3d:99:b3:e0:
95:1f:f7:b6:fa:f5:68:64:92:ba:07:23:c4:84:d2:
ba:7f:7c:f2:da:63:fa:72:67:50:df:16:c2:66:60:
c6:10:bb:b9:5c:d2:63:23:00:0e:fb:4e:20:db:ec:
c4:9c:a0:5b:cc:dc:b8:26:76:8a:fe:3a:bb:a3:22:
81:d9:c2:70:38:d2:9f:1a:1e:8c:2d:f7:da:59:96:
80:cc:04:a3:f9:a6:7b:08:de:4c:3c:d5:49:1d:0f:
6c:80:f2:96:19:e1:43:3c:2e:7b:86:cb:71:85:4b:
3b:93:62:5d:e7:81:52:41:9e:df:aa:af:63:9f:46:
dd:9f:e1:be:57:6f:da:8a:2e:28:5b:df:e7:98:7d:
38:c6:7e:4a:ac:27:ab:3e:75:bf:cb:45:dc:c4:7a:
c2:05:3c:1c:bd:40:0d:a1:9e:4b:90:4d:3f:9a:b9:
fb:89:d6:d1:06:34:fd:d0:f4:e0:cc:f6:3d:79:30:
02:cc:c4:43:22:50:a1:a4:d1:1c:79:e6:54:3f:75:
5c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:D5:06:0D:EC:C1:DF:2E:0C:A9:5B:8D:AC:26:D4:E2:BB:15:5E:30
X509v3 Authority Key Identifier:
keyid:23:4C:D3:49:11:CF:CE:94:6A:22:EA:84:66:37:38:CD:CC:07:6D:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0zTSRHPzpRqIuqEZjc4zcwHbUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/UdUGDezB3y4MqVuNrCbU4rsVXjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/I0zTSRHPzpRqIuqEZjc4zcwHbUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.241.0-85.208.243.255
185.4.152.0/22
185.30.188.0/22
185.63.161.0-185.63.163.255
IPv6:
2a02:c7c0::/29
2a04:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:a1:a2:d8:2c:1b:08:97:bd:25:a6:98:22:45:9a:bd:ca:8c:
c7:07:c8:67:e6:68:69:b8:1b:64:0a:b7:32:99:73:2d:66:e8:
32:2d:56:86:f6:01:cb:02:5f:f3:8a:4f:fc:06:f6:53:55:70:
94:89:b4:49:eb:14:dc:3a:85:79:5e:dd:d0:12:a5:3f:a6:a7:
e8:80:51:cf:0d:2d:10:0a:20:41:51:d6:83:dc:38:8b:90:be:
8e:1b:02:b2:a4:dd:04:5a:d7:63:7d:c6:02:fc:0f:0f:14:50:
84:f3:00:56:c7:17:e1:09:cd:5d:c3:74:1c:0f:32:83:ad:58:
24:e6:4f:1a:bb:25:48:f4:96:5f:bf:cc:a5:5c:d5:d5:bf:70:
35:33:49:5e:41:19:9c:4a:26:d3:dd:18:19:55:88:d4:e7:d6:
03:a5:c4:db:2d:08:04:33:74:75:dc:30:49:99:8f:2b:3a:23:
4e:0c:37:18:2e:19:28:ad:64:a1:32:c6:7d:2d:78:53:8f:cb:
eb:49:5f:b8:c7:cf:a6:bf:53:c6:f0:5c:c0:7e:8a:8b:e7:c0:
69:da:bb:11:f6:61:81:ef:f7:4c:30:15:d3:f6:1d:f6:eb:74:
78:d6:e2:8f:93:e0:c8:13:05:0e:9f:6c:1c:b7:6e:15:2c:e7:
af:25:6f:6f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzHJtpr3DazgceXIqhVN1FWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGNkMzQ5MTFjZmNlOTQ2YTIyZWE4NDY2MzczOGNkY2Mw
NzZkNDUwHhcNMjQwMTAxMjIzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWQ1MDYwZGVjYzFkZjJlMGNhOTViOGRhYzI2ZDRlMmJiMTU1ZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjw3o1hB+qRW/ebLWwUxOItWAgDA5
cscpebmCBMzBFw8eEce7gqcRT2K8DnlAmDlEgFH//LRfMT2Zs+CVH/e2+vVoZJK6
ByPEhNK6f3zy2mP6cmdQ3xbCZmDGELu5XNJjIwAO+04g2+zEnKBbzNy4JnaK/jq7
oyKB2cJwONKfGh6MLffaWZaAzASj+aZ7CN5MPNVJHQ9sgPKWGeFDPC57hstxhUs7
k2Jd54FSQZ7fqq9jn0bdn+G+V2/aii4oW9/nmH04xn5KrCerPnW/y0XcxHrCBTwc
vUANoZ5LkE0/mrn7idbRBjT90PTgzPY9eTACzMRDIlChpNEceeZUP3VcDwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFFHVBg3swd8uDKlbjawm1OK7FV4wMB8GA1UdIwQY
MBaAFCNM00kRz86UaiLqhGY3OM3MB21FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTB6VFNSSFB6cFJxSXVxRVpqYzR6Y3dIYlVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81ZjUzNmYtMzhmZS00NWJlLWI4Zjkt
MTI1NTAwZDJiZTk0LzEvVWRVR0RlekIzeTRNcVZ1TnJDYlU0cnNWWGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81ZjUzNmYtMzhmZS00NWJlLWI4ZjktMTI1NTAwZDJiZTk0
LzEvSTB6VFNSSFB6cFJxSXVxRVpqYzR6Y3dIYlVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAuBAIAATAoMAwDBABV0PED
BAJV0PADBAK5BJgDBAK5HrwwDAMEALk/oQMEArk/oDAUBAIAAjAOAwUDKgLHwAMF
AyoES8AwDQYJKoZIhvcNAQELBQADggEBACqhotgsGwiXvSWmmCJFmr3KjMcHyGfm
aGm4G2QKtzKZcy1m6DItVob2AcsCX/OKT/wG9lNVcJSJtEnrFNw6hXle3dASpT+m
p+iAUc8NLRAKIEFR1oPcOIuQvo4bArKk3QRa12N9xgL8Dw8UUITzAFbHF+EJzV3D
dBwPMoOtWCTmTxq7JUj0ll+/zKVc1dW/cDUzSV5BGZxKJtPdGBlViNTn1gOlxNst
CAQzdHXcMEmZjys6I04MNxguGSitZKEyxn0teFOPy+tJX7jHz6a/U8bwXMB+iovn
wGnauxH2YYHv90wwFdP2HfbrdHjW4o+T4MgTBQ6fbBy3bhUs568lb28=
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:16:18 2025 by rpki-client