Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/9af78b-41c4-47b7-af95-37b0a2ab3cd6/1/uPe60iYlggybsfKT0QuBDpv2o64.roa
File: uPe60iYlggybsfKT0QuBDpv2o64.roa (raw, json)
Hash identifier: LISYm9o9Ad04NfQPtp2RSAm6oMqp9wyrOoX6AaEKbJ8=
Subject key identifier: B8:F7:BA:D2:26:25:82:0C:9B:B1:F2:93:D1:0B:81:0E:9B:F6:A3:AE
Certificate issuer: /CN=8a227c35f928d9c8b8ff7c25721efd47a90dcb67
Certificate serial: 01959044E835CD0C61D690597884832A0038
Authority key identifier: 8A:22:7C:35:F9:28:D9:C8:B8:FF:7C:25:72:1E:FD:47:A9:0D:CB:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iiJ8Nfko2ci4_3wlch79R6kNy2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/9af78b-41c4-47b7-af95-37b0a2ab3cd6/1/uPe60iYlggybsfKT0QuBDpv2o64.roa
Signing time: Thu 13 Mar 2025 16:09:49 +0000
ROA not before: Thu 13 Mar 2025 16:09:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199039
IP address blocks: 176.110.96.0/22 maxlen: 22
176.110.98.0/24 maxlen: 24
176.110.99.0/24 maxlen: 24
185.134.52.0/22 maxlen: 24
193.187.74.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 14 Mar 2025 16:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:44:e8:35:cd:0c:61:d6:90:59:78:84:83:2a:00:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a227c35f928d9c8b8ff7c25721efd47a90dcb67
Validity
Not Before: Mar 13 16:09:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8f7bad22625820c9bb1f293d10b810e9bf6a3ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d0:3e:f6:62:10:1e:35:74:77:54:82:51:f9:
35:ef:ad:c4:6b:7d:45:af:a9:8e:47:36:2d:a8:91:
75:be:68:5c:e4:68:8c:1f:37:e9:94:d3:e9:d6:7f:
04:c4:94:75:f6:c6:28:15:78:08:8c:2f:8a:fc:33:
20:2c:3d:7f:55:ca:41:57:db:ca:f3:f4:31:f3:4e:
3a:5c:cb:fe:88:95:30:32:8e:46:d2:94:dd:c0:e9:
e5:8c:b1:15:99:e1:3d:3c:ff:1b:a4:ff:f8:d0:dd:
15:58:50:c1:8d:83:93:7b:18:17:3b:92:e3:2c:9f:
62:51:80:a0:7a:0a:a2:82:04:16:7a:e1:75:e4:7a:
31:2a:77:f8:93:34:c8:28:95:89:04:9b:7d:e1:1e:
94:de:d7:5e:25:7b:ad:5c:e9:6a:e1:14:aa:b9:09:
41:92:cd:47:f6:42:53:35:1c:21:e3:e2:d3:89:2f:
96:e8:0b:f4:c3:69:54:e2:98:20:45:00:f2:64:0b:
6c:47:ad:34:fe:74:34:e4:79:ae:40:3f:a0:ef:bb:
5f:f8:e5:3f:95:9c:5b:f3:51:10:ad:15:0f:5a:f7:
9a:a0:0d:e6:10:08:fe:84:03:c1:2b:6e:6e:3c:03:
18:41:5a:e6:56:64:62:5c:70:1c:24:a8:59:d5:79:
c6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F7:BA:D2:26:25:82:0C:9B:B1:F2:93:D1:0B:81:0E:9B:F6:A3:AE
X509v3 Authority Key Identifier:
keyid:8A:22:7C:35:F9:28:D9:C8:B8:FF:7C:25:72:1E:FD:47:A9:0D:CB:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iiJ8Nfko2ci4_3wlch79R6kNy2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9af78b-41c4-47b7-af95-37b0a2ab3cd6/1/uPe60iYlggybsfKT0QuBDpv2o64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9af78b-41c4-47b7-af95-37b0a2ab3cd6/1/iiJ8Nfko2ci4_3wlch79R6kNy2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.96.0/22
185.134.52.0/22
193.187.74.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:ea:d7:ce:2c:ce:52:16:a2:40:0d:72:29:fb:6d:5a:da:19:
b9:93:c9:3e:c1:3a:98:b5:d2:8d:c1:29:0a:9d:12:1a:74:88:
20:8e:8c:fd:ec:30:76:d3:5f:ca:14:84:c0:14:9d:1e:de:13:
b7:a5:58:a2:1a:9f:43:2e:92:4a:4b:a4:12:da:f4:55:88:ac:
fc:01:1e:1b:21:94:87:46:0c:5e:e2:55:fd:09:b8:60:e0:ae:
9d:33:a9:1e:6e:7d:b5:28:5a:fe:ba:60:89:f3:52:9e:b0:15:
d2:eb:40:2b:16:98:b1:c8:bd:76:93:8e:c0:21:b9:8a:5d:a9:
65:36:16:4c:fa:b4:24:d6:95:ca:20:6e:fb:d2:b4:48:e4:6a:
b0:66:18:cc:ef:58:b2:04:27:36:4b:42:41:b8:cb:d4:40:b9:
97:d7:6a:1a:89:31:87:ae:1a:ee:61:f7:3a:87:b7:9c:e3:4f:
b5:a9:e2:e3:d3:d6:0c:61:4e:cc:19:52:b9:11:5b:ba:1e:8e:
55:53:62:27:c2:4c:43:8a:38:b7:15:02:bd:1b:a6:81:bc:6a:
86:f2:e0:7d:bd:80:4d:0c:5b:33:a5:e6:5e:54:fb:50:89:00:
f5:a1:6b:59:3d:23:c1:cb:a9:7e:3f:f8:da:db:76:07:00:43:
ac:c3:21:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZWQROg1zQxh1pBZeISDKgA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMjI3YzM1ZjkyOGQ5YzhiOGZmN2MyNTcyMWVmZDQ3YTkw
ZGNiNjcwHhcNMjUwMzEzMTYwOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGY3YmFkMjI2MjU4MjBjOWJiMWYyOTNkMTBiODEwZTliZjZhM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNA+9mIQHjV0d1SCUfk1763Ea31F
r6mORzYtqJF1vmhc5GiMHzfplNPp1n8ExJR19sYoFXgIjC+K/DMgLD1/VcpBV9vK
8/Qx8046XMv+iJUwMo5G0pTdwOnljLEVmeE9PP8bpP/40N0VWFDBjYOTexgXO5Lj
LJ9iUYCgegqiggQWeuF15HoxKnf4kzTIKJWJBJt94R6U3tdeJXutXOlq4RSquQlB
ks1H9kJTNRwh4+LTiS+W6Av0w2lU4pggRQDyZAtsR600/nQ05HmuQD+g77tf+OU/
lZxb81EQrRUPWveaoA3mEAj+hAPBK25uPAMYQVrmVmRiXHAcJKhZ1XnGJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLj3utImJYIMm7Hyk9ELgQ6b9qOuMB8GA1UdIwQY
MBaAFIoifDX5KNnIuP98JXIe/UepDctnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWlKOE5ma28yY2k0XzN3bGNoNzlSNmtOeTJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85YWY3OGItNDFjNC00N2I3LWFmOTUt
MzdiMGEyYWIzY2Q2LzEvdVBlNjBpWWxnZ3lic2ZLVDBRdUJEcHYybzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85YWY3OGItNDFjNC00N2I3LWFmOTUtMzdiMGEyYWIzY2Q2
LzEvaWlKOE5ma28yY2k0XzN3bGNoNzlSNmtOeTJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCsG5gAwQC
uYY0AwQBwbtKMA0GCSqGSIb3DQEBCwUAA4IBAQCi6tfOLM5SFqJADXIp+21a2hm5
k8k+wTqYtdKNwSkKnRIadIggjoz97DB201/KFITAFJ0e3hO3pViiGp9DLpJKS6QS
2vRViKz8AR4bIZSHRgxe4lX9Cbhg4K6dM6kebn21KFr+umCJ81KesBXS60ArFpix
yL12k47AIbmKXallNhZM+rQk1pXKIG770rRI5GqwZhjM71iyBCc2S0JBuMvUQLmX
12oaiTGHrhruYfc6h7ec40+1qeLj09YMYU7MGVK5EVu6Ho5VU2InwkxDiji3FQK9
G6aBvGqG8uB9vYBNDFszpeZeVPtQiQD1oWtZPSPBy6l+P/ja23YHAEOswyGy
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:23:30 2025 by rpki-client