Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/uglCPpV19UPpvUHDienvKF-ZudA.roa
File: uglCPpV19UPpvUHDienvKF-ZudA.roa (raw, json)
Hash identifier: LGZsDZ+kwcXia1ebkbmOt6cDf4iCXPY7Qmmq5fhNWEk=
Subject key identifier: BA:09:42:3E:95:75:F5:43:E9:BD:41:C3:89:E9:EF:28:5F:99:B9:D0
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019590634D10A38E1ADC71AB23D672E1F3BC
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/uglCPpV19UPpvUHDienvKF-ZudA.roa
Signing time: Thu 13 Mar 2025 16:43:01 +0000
ROA not before: Thu 13 Mar 2025 16:43:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199760
IP address blocks: 85.239.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Mar 2025 07:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:63:4d:10:a3:8e:1a:dc:71:ab:23:d6:72:e1:f3:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Mar 13 16:43:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba09423e9575f543e9bd41c389e9ef285f99b9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5d:92:55:66:ad:b6:dc:6c:4a:df:17:83:88:
6b:24:51:ef:6f:96:07:1d:82:bb:d4:3d:05:55:fa:
07:58:64:b5:aa:50:71:42:b4:91:ef:8a:7b:4c:d2:
87:2b:20:93:e2:43:85:44:b7:a8:83:23:1f:e2:90:
8f:60:bf:f3:30:cd:97:3b:12:25:13:ff:7b:3f:fb:
cd:ea:2c:c1:e4:3b:6b:79:bd:7e:52:d7:0b:e2:2e:
82:b1:08:60:51:cc:c5:60:61:4f:8c:a5:f5:c7:5f:
9d:ee:a3:e3:c5:34:3e:d9:b8:88:bd:93:e6:e2:46:
1a:36:4f:eb:db:7e:71:cb:30:68:53:b7:e1:ec:0c:
b3:a9:66:62:3e:c4:27:f8:f0:2a:4f:b8:ac:75:62:
3d:ef:1e:c9:a4:2b:22:d4:99:e3:f0:8d:e2:53:01:
30:90:d0:f7:7a:55:7f:ff:3f:f7:9d:e2:fd:d7:32:
4a:c3:4e:56:85:5e:4c:7e:2c:e0:e4:8d:38:2c:bc:
4b:14:35:2b:3e:8e:7f:2e:95:8c:73:55:da:9d:0d:
e7:d7:9a:7d:b3:40:ac:fa:fc:73:f7:02:10:6b:54:
99:a9:0c:7f:92:c0:c5:63:a6:8d:6b:e4:95:88:82:
33:a2:5f:69:4f:4b:24:d7:0d:5a:c0:90:58:59:44:
88:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:09:42:3E:95:75:F5:43:E9:BD:41:C3:89:E9:EF:28:5F:99:B9:D0
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/uglCPpV19UPpvUHDienvKF-ZudA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.158.0/24
Signature Algorithm: sha256WithRSAEncryption
30:d4:22:0e:32:5e:23:fb:b5:da:05:98:be:66:17:ab:f8:10:
3a:2a:20:f2:ff:32:04:52:e1:a6:6f:a2:3e:6c:f4:70:37:ad:
7f:3c:d9:94:63:28:b6:4d:de:a0:28:e8:8e:de:61:c3:53:b2:
cb:dc:85:53:f7:00:1b:9a:e2:80:49:3d:2b:a0:ea:09:d6:05:
9d:b4:83:01:54:2a:a0:e7:07:2f:ea:fc:f9:98:5f:4b:04:aa:
f0:1d:97:bc:c0:76:88:fd:f8:4a:4b:98:87:76:8b:bc:20:49:
e0:e1:64:05:a9:17:9d:c5:f3:53:b9:8b:51:4e:9a:a2:4c:09:
2f:f0:fb:b0:b0:ee:fd:ca:7b:67:90:08:8a:44:24:03:94:13:
27:86:0e:f7:cb:24:e6:af:29:62:6d:ea:1e:98:d9:d8:f9:57:
90:50:2f:e2:26:19:93:c3:30:80:07:6d:ee:df:ac:b8:db:73:
e6:9b:e5:68:f1:8f:34:03:a3:bb:0e:ce:bb:56:e6:63:2d:9b:
63:ba:aa:31:4e:ac:d0:41:24:39:d8:15:da:ca:6e:70:24:e5:
38:eb:6e:c8:af:67:19:27:b1:f6:f0:e2:7d:29:cc:b6:6d:57:
d8:12:be:b4:cc:40:8d:ab:b5:69:57:dc:5d:56:77:c3:0b:1f:
21:ac:45:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWQY00Qo44a3HGrI9Zy4fO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMzEzMTY0MzAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTA5NDIzZTk1NzVmNTQzZTliZDQxYzM4OWU5ZWYyODVmOTliOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAul2SVWatttxsSt8Xg4hrJFHvb5YH
HYK71D0FVfoHWGS1qlBxQrSR74p7TNKHKyCT4kOFRLeogyMf4pCPYL/zMM2XOxIl
E/97P/vN6izB5Dtreb1+UtcL4i6CsQhgUczFYGFPjKX1x1+d7qPjxTQ+2biIvZPm
4kYaNk/r235xyzBoU7fh7AyzqWZiPsQn+PAqT7isdWI97x7JpCsi1Jnj8I3iUwEw
kND3elV//z/3neL91zJKw05WhV5Mfizg5I04LLxLFDUrPo5/LpWMc1XanQ3n15p9
s0Cs+vxz9wIQa1SZqQx/ksDFY6aNa+SViIIzol9pT0sk1w1awJBYWUSIYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLoJQj6VdfVD6b1Bw4np7yhfmbnQMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvdWdsQ1BwVjE5VVBwdlVIRGllbnZLRi1adWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVe+eMA0G
CSqGSIb3DQEBCwUAA4IBAQAw1CIOMl4j+7XaBZi+Zher+BA6KiDy/zIEUuGmb6I+
bPRwN61/PNmUYyi2Td6gKOiO3mHDU7LL3IVT9wAbmuKAST0roOoJ1gWdtIMBVCqg
5wcv6vz5mF9LBKrwHZe8wHaI/fhKS5iHdou8IEng4WQFqRedxfNTuYtRTpqiTAkv
8PuwsO79yntnkAiKRCQDlBMnhg73yyTmrylibeoemNnY+VeQUC/iJhmTwzCAB23u
36y423Pmm+Vo8Y80A6O7Ds67VuZjLZtjuqoxTqzQQSQ52BXaym5wJOU4627Ir2cZ
J7H28OJ9Kcy2bVfYEr60zECNq7VpV9xdVnfDCx8hrEUF
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:17:00 2025 by rpki-client