Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/7e51b4-0ab4-4719-b330-bdc5ae8abdb1/1/uXSKsKR2Y7rbUkP8jYZkGfymgSE.roa
File: uXSKsKR2Y7rbUkP8jYZkGfymgSE.roa (raw, json)
Hash identifier: 2631rAU2LYELX6HlpWNkmlWCQcvIcnMMPZYpLeMqKXo=
Subject key identifier: B9:74:8A:B0:A4:76:63:BA:DB:52:43:FC:8D:86:64:19:FC:A6:81:21
Certificate issuer: /CN=0cbe91eb63a44f1e9f1a83edd218a1ec75c25e91
Certificate serial: 018CC7944115D8A1A095CAEF88AC679734DF
Authority key identifier: 0C:BE:91:EB:63:A4:4F:1E:9F:1A:83:ED:D2:18:A1:EC:75:C2:5E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DL6R62OkTx6fGoPt0hih7HXCXpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/7e51b4-0ab4-4719-b330-bdc5ae8abdb1/1/uXSKsKR2Y7rbUkP8jYZkGfymgSE.roa
Signing time: Tue 02 Jan 2024 00:30:31 +0000
ROA not before: Tue 02 Jan 2024 00:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.235.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:41:15:d8:a1:a0:95:ca:ef:88:ac:67:97:34:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cbe91eb63a44f1e9f1a83edd218a1ec75c25e91
Validity
Not Before: Jan 2 00:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9748ab0a47663badb5243fc8d866419fca68121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b3:d9:ec:4e:02:03:3e:6f:87:e7:9a:51:41:
74:89:9b:4b:82:56:30:74:f5:83:e2:3d:33:ee:20:
6b:22:0b:66:c3:fc:c8:6e:45:89:f6:a5:3e:72:87:
cd:d1:54:a6:2e:45:ff:a3:51:78:f9:b9:d1:b4:f7:
bf:4f:5e:04:05:24:f7:a3:d3:82:29:3b:2c:15:10:
93:63:d3:ce:36:65:6d:6d:57:ee:44:59:3e:77:fb:
e9:f6:29:4f:d0:99:8a:29:bd:3c:df:71:8e:63:c9:
5a:5b:69:48:3b:07:05:e2:b3:ab:c7:33:3b:65:b7:
35:c2:b7:7d:a9:10:cb:e8:b5:12:00:58:f2:52:99:
cd:84:d8:cf:ed:f2:af:fd:a1:85:f0:ac:0e:84:8d:
95:bd:51:7b:7d:b8:85:dc:a2:43:e5:3a:86:4e:2d:
79:87:ba:f3:a5:c8:85:c7:a7:53:b1:28:51:86:7e:
67:5c:ba:7d:c7:a3:8f:6d:5b:79:27:80:2e:d9:be:
b8:18:31:43:41:03:10:c7:8b:f6:b5:c1:30:db:aa:
64:9a:68:ff:70:5d:64:0e:37:9f:85:fc:fb:43:26:
b5:cd:2d:bb:df:ed:fa:fd:a7:f7:c5:60:7d:d2:ca:
6d:27:f6:86:75:a6:f7:b1:5b:83:1b:98:98:ab:91:
02:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:74:8A:B0:A4:76:63:BA:DB:52:43:FC:8D:86:64:19:FC:A6:81:21
X509v3 Authority Key Identifier:
keyid:0C:BE:91:EB:63:A4:4F:1E:9F:1A:83:ED:D2:18:A1:EC:75:C2:5E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DL6R62OkTx6fGoPt0hih7HXCXpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7e51b4-0ab4-4719-b330-bdc5ae8abdb1/1/uXSKsKR2Y7rbUkP8jYZkGfymgSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7e51b4-0ab4-4719-b330-bdc5ae8abdb1/1/DL6R62OkTx6fGoPt0hih7HXCXpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.199.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:6c:a1:59:4e:6b:10:2a:0d:95:e2:2e:ce:bf:50:66:b0:1d:
e2:d9:ac:6b:eb:fe:5c:0d:25:41:60:67:b2:83:cf:6c:2a:27:
70:7d:b6:38:bb:e9:59:78:50:78:6d:ac:ca:e6:e3:61:8c:bc:
17:88:47:1a:1a:03:04:03:0c:6d:35:ec:e3:1d:1e:03:fa:fc:
e2:05:77:6b:0a:c0:61:63:91:23:4b:d2:a9:db:a5:4f:72:84:
9d:ed:d7:75:ed:06:6c:2c:f4:f7:73:d3:9c:f3:7a:13:b2:2e:
a0:92:45:f2:40:9b:93:08:e0:8f:f5:e4:b4:5b:5b:4d:34:8b:
00:c4:cc:7d:66:c8:d3:aa:9f:91:c8:06:ba:3f:92:d1:0f:38:
76:14:b3:f9:a4:b1:21:1e:0d:94:0c:37:2a:59:35:81:bc:9f:
cf:f2:db:e0:3c:82:50:c7:83:d4:6e:73:ef:fc:67:cc:f9:1c:
b2:44:97:b1:7f:ef:64:50:6a:01:33:d2:df:04:54:7a:85:34:
f8:b0:d1:50:1b:3c:c2:91:38:dd:8c:6a:b2:a4:c2:64:8c:fd:
91:f8:da:2e:7b:3f:6e:9d:c9:d7:5a:7d:aa:f8:4d:4c:b0:42:
22:2e:86:85:11:b5:f6:d4:77:6a:af:13:d6:46:00:aa:78:f9:
14:e1:80:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlEEV2KGglcrviKxnlzTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjYmU5MWViNjNhNDRmMWU5ZjFhODNlZGQyMThhMWVjNzVj
MjVlOTEwHhcNMjQwMTAyMDAzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTc0OGFiMGE0NzY2M2JhZGI1MjQzZmM4ZDg2NjQxOWZjYTY4MTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLPZ7E4CAz5vh+eaUUF0iZtLglYw
dPWD4j0z7iBrIgtmw/zIbkWJ9qU+cofN0VSmLkX/o1F4+bnRtPe/T14EBST3o9OC
KTssFRCTY9PONmVtbVfuRFk+d/vp9ilP0JmKKb0833GOY8laW2lIOwcF4rOrxzM7
Zbc1wrd9qRDL6LUSAFjyUpnNhNjP7fKv/aGF8KwOhI2VvVF7fbiF3KJD5TqGTi15
h7rzpciFx6dTsShRhn5nXLp9x6OPbVt5J4Au2b64GDFDQQMQx4v2tcEw26pkmmj/
cF1kDjefhfz7Qya1zS273+36/af3xWB90sptJ/aGdab3sVuDG5iYq5ECuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLl0irCkdmO621JD/I2GZBn8poEhMB8GA1UdIwQY
MBaAFAy+ketjpE8enxqD7dIYoex1wl6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREw2UjYyT2tUeDZmR29QdDBoaWg3SFhDWHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83ZTUxYjQtMGFiNC00NzE5LWIzMzAt
YmRjNWFlOGFiZGIxLzEvdVhTS3NLUjJZN3JiVWtQOGpZWmtHZnltZ1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83ZTUxYjQtMGFiNC00NzE5LWIzMzAtYmRjNWFlOGFiZGIx
LzEvREw2UjYyT2tUeDZmR29QdDBoaWg3SFhDWHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuevHMA0G
CSqGSIb3DQEBCwUAA4IBAQAKbKFZTmsQKg2V4i7Ov1BmsB3i2axr6/5cDSVBYGey
g89sKidwfbY4u+lZeFB4bazK5uNhjLwXiEcaGgMEAwxtNezjHR4D+vziBXdrCsBh
Y5EjS9Kp26VPcoSd7dd17QZsLPT3c9Oc83oTsi6gkkXyQJuTCOCP9eS0W1tNNIsA
xMx9ZsjTqp+RyAa6P5LRDzh2FLP5pLEhHg2UDDcqWTWBvJ/P8tvgPIJQx4PUbnPv
/GfM+RyyRJexf+9kUGoBM9LfBFR6hTT4sNFQGzzCkTjdjGqypMJkjP2R+Nouez9u
ncnXWn2q+E1MsEIiLoaFEbX21HdqrxPWRgCqePkU4YDM
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:51 2025 by rpki-client