
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/uGSWBfvRLlDUHk_zmYb2uNqj6OM.roa
File: uGSWBfvRLlDUHk_zmYb2uNqj6OM.roa (raw, json)
Hash identifier: pqyF1UpFv3VUMKdw5RDMpCjjXtTRGRdSjz6UBZFJTc4=
Subject key identifier: B8:64:96:05:FB:D1:2E:50:D4:1E:4F:F3:99:86:F6:B8:DA:A3:E8:E3
Certificate issuer: /CN=ee370985f83f41330111c350cd6b1e1eead526aa
Certificate serial: 019784A1AE53ABB1392BC57ED0293E8C171B
Authority key identifier: EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/uGSWBfvRLlDUHk_zmYb2uNqj6OM.roa
Signing time: Wed 18 Jun 2025 20:01:17 +0000
ROA not before: Wed 18 Jun 2025 20:01:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6205
IP address blocks: 31.7.32.0/24 maxlen: 24
31.7.33.0/24 maxlen: 24
31.7.34.0/24 maxlen: 24
31.7.36.0/24 maxlen: 24
31.7.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Jun 2025 12:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:84:a1:ae:53:ab:b1:39:2b:c5:7e:d0:29:3e:8c:17:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee370985f83f41330111c350cd6b1e1eead526aa
Validity
Not Before: Jun 18 20:01:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8649605fbd12e50d41e4ff39986f6b8daa3e8e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b9:7b:fd:38:58:ac:7c:75:50:ff:43:40:c6:
72:c3:49:35:27:38:9f:3a:b5:45:3a:38:b8:bd:6d:
78:35:44:6e:7d:a4:50:3f:5c:33:83:cf:56:ea:74:
20:ea:48:5d:e7:a0:47:d7:af:f2:26:83:ef:3c:0f:
89:21:d9:dc:69:5d:2b:73:c2:72:3c:52:d6:d2:73:
95:96:4f:2a:64:52:f5:d2:ab:e1:a9:7a:03:85:cc:
2a:84:ab:3b:04:59:47:a9:8e:76:b5:c6:80:d8:80:
5e:56:81:43:e4:92:40:c0:85:41:d7:8a:d4:a4:fb:
49:98:72:71:71:20:83:bb:1c:5f:62:e9:6f:ca:cf:
f2:0c:65:cb:a8:15:cc:71:e7:d4:b8:50:d5:59:c9:
96:4c:cf:35:27:f2:df:ad:6c:e4:b1:57:27:09:68:
7f:53:aa:21:b6:53:ed:2d:dc:e9:7f:54:ad:3b:31:
6e:1c:c1:d3:45:a5:3d:8f:ba:54:24:23:dc:65:fc:
a8:20:3e:a9:c1:9c:8b:fa:8d:a1:2a:bd:c6:0c:fa:
88:89:f6:d0:45:a6:86:07:5b:03:60:0a:8c:74:09:
78:7e:2e:74:78:58:74:69:6f:db:c7:1b:aa:7a:05:
21:29:f0:39:5e:71:54:7f:14:c9:d5:6d:5c:ce:10:
4e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:64:96:05:FB:D1:2E:50:D4:1E:4F:F3:99:86:F6:B8:DA:A3:E8:E3
X509v3 Authority Key Identifier:
keyid:EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/uGSWBfvRLlDUHk_zmYb2uNqj6OM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.32.0-31.7.34.255
31.7.36.0/24
31.7.38.0/24
Signature Algorithm: sha256WithRSAEncryption
64:9a:64:12:3b:56:3c:d9:6f:a8:cf:5a:3c:5c:62:00:8d:89:
5d:14:8d:19:23:44:ea:ab:f6:44:6a:52:b0:84:a1:06:26:44:
c6:8f:e2:0b:62:ef:4a:5c:4c:61:3a:f2:55:2a:28:bf:d9:f6:
e0:a5:30:ac:1f:db:b0:db:44:57:b2:cb:8c:76:16:b8:1f:4d:
f3:ca:eb:a8:e9:83:de:4f:a7:06:d5:67:12:6e:52:a1:19:14:
09:13:6e:10:e0:ec:a1:2e:71:33:5f:ba:b7:bc:a9:4b:b0:ea:
c2:dd:05:77:ea:03:4d:ab:0b:fa:a8:2c:2d:83:8e:6e:95:f0:
cf:cc:98:a3:73:d9:17:69:21:5e:0c:c9:58:1d:0e:86:9e:35:
1d:04:cc:4c:ad:2e:47:f5:bf:dc:ea:33:82:34:23:d9:0c:e7:
96:6e:00:3a:05:73:f8:f0:4a:b5:32:5a:59:16:69:cf:35:72:
5b:6a:3f:5a:86:57:9c:39:92:d2:fb:84:fd:ed:dd:96:14:ef:
38:b0:de:a0:f7:c5:21:f6:68:bb:b9:53:03:59:62:41:91:6a:
ab:44:7d:47:5b:e5:a6:17:2d:c9:be:c6:60:6e:ef:ea:3b:ee:
a8:b4:53:b8:c4:9e:b2:c6:61:e5:7c:a9:a6:f3:46:a3:9b:b5:
f6:f6:88:e1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZeEoa5Tq7E5K8V+0Ck+jBcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzcwOTg1ZjgzZjQxMzMwMTExYzM1MGNkNmIxZTFlZWFk
NTI2YWEwHhcNMjUwNjE4MjAwMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODY0OTYwNWZiZDEyZTUwZDQxZTRmZjM5OTg2ZjZiOGRhYTNlOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbl7/ThYrHx1UP9DQMZyw0k1Jzif
OrVFOji4vW14NURufaRQP1wzg89W6nQg6khd56BH16/yJoPvPA+JIdncaV0rc8Jy
PFLW0nOVlk8qZFL10qvhqXoDhcwqhKs7BFlHqY52tcaA2IBeVoFD5JJAwIVB14rU
pPtJmHJxcSCDuxxfYulvys/yDGXLqBXMcefUuFDVWcmWTM81J/LfrWzksVcnCWh/
U6ohtlPtLdzpf1StOzFuHMHTRaU9j7pUJCPcZfyoID6pwZyL+o2hKr3GDPqIifbQ
RaaGB1sDYAqMdAl4fi50eFh0aW/bxxuqegUhKfA5XnFUfxTJ1W1czhBOBQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLhklgX70S5Q1B5P85mG9rjao+jjMB8GA1UdIwQY
MBaAFO43CYX4P0EzARHDUM1rHh7q1SaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAt
MzI0NDU0NmY4Y2JmLzEvdUdTV0JmdlJMbERVSGtfem1ZYjJ1TnFqNk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAtMzI0NDU0NmY4Y2Jm
LzEvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUfByAD
BAAfByIDBAAfByQDBAAfByYwDQYJKoZIhvcNAQELBQADggEBAGSaZBI7VjzZb6jP
WjxcYgCNiV0UjRkjROqr9kRqUrCEoQYmRMaP4gti70pcTGE68lUqKL/Z9uClMKwf
27DbRFeyy4x2FrgfTfPK66jpg95PpwbVZxJuUqEZFAkTbhDg7KEucTNfure8qUuw
6sLdBXfqA02rC/qoLC2Djm6V8M/MmKNz2RdpIV4MyVgdDoaeNR0EzEytLkf1v9zq
M4I0I9kM55ZuADoFc/jwSrUyWlkWac81cltqP1qGV5w5ktL7hP3t3ZYU7ziw3qD3
xSH2aLu5UwNZYkGRaqtEfUdb5aYXLcm+xmBu7+o77qi0U7jEnrLGYeV8qabzRqOb
tfb2iOE=
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:43:55 2025 by rpki-client