Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/c6ec68-225f-4d95-9340-a1f74586387b/1/uZiaTq3yiY7hzYTIlesT-SvL720.roa
File: uZiaTq3yiY7hzYTIlesT-SvL720.roa (raw, json)
Hash identifier: LDhJ9qoMfxOR7ri1o/2qvYW9OU0kSR0croF/qKMk4lc=
Subject key identifier: B9:98:9A:4E:AD:F2:89:8E:E1:CD:84:C8:95:EB:13:F9:2B:CB:EF:6D
Certificate issuer: /CN=f52f20d0d3b2efc5bc97a47b775bd8ba1794f9e5
Certificate serial: 018CC8012D4DC446807241B4C74DDA1EAEB8
Authority key identifier: F5:2F:20:D0:D3:B2:EF:C5:BC:97:A4:7B:77:5B:D8:BA:17:94:F9:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9S8g0NOy78W8l6R7d1vYuheU-eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/c6ec68-225f-4d95-9340-a1f74586387b/1/uZiaTq3yiY7hzYTIlesT-SvL720.roa
Signing time: Tue 02 Jan 2024 02:29:29 +0000
ROA not before: Tue 02 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208018
IP address blocks: 185.172.206.0/23 maxlen: 23
185.172.204.0/22 maxlen: 22
185.172.204.0/23 maxlen: 23
185.172.207.0/24 maxlen: 24
2a0f:1dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:2d:4d:c4:46:80:72:41:b4:c7:4d:da:1e:ae:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f52f20d0d3b2efc5bc97a47b775bd8ba1794f9e5
Validity
Not Before: Jan 2 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9989a4eadf2898ee1cd84c895eb13f92bcbef6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ff:8e:87:11:04:7c:1d:91:37:a4:9e:66:4f:
01:52:46:90:b9:35:8a:cd:c4:7e:fa:fb:32:c7:b2:
dd:d0:50:b9:9f:6b:d2:b1:b6:68:db:64:39:eb:75:
aa:79:f1:ba:b0:0b:07:69:82:6b:cd:43:d5:6c:b5:
19:15:7d:1f:7f:73:a0:37:ba:d7:8e:3c:02:54:49:
2d:74:35:d7:5b:73:49:1a:5e:dd:03:7c:80:e6:90:
10:98:fa:ac:96:0c:d3:d2:67:83:6e:15:ef:24:e2:
f1:61:18:9c:5e:8d:e5:f5:dc:6d:86:a5:7c:ae:93:
87:5e:02:08:e7:4b:36:1b:37:fc:8c:c0:0d:26:69:
0b:33:34:97:f1:da:5c:94:73:9e:c2:6d:7e:62:c0:
8c:ed:be:1e:0a:8a:99:9f:b9:90:28:9b:3d:2c:93:
80:07:51:d1:c0:d7:7d:78:dd:7a:fc:6e:7e:c5:e2:
31:4d:cd:a0:fb:a9:17:92:74:32:2c:d6:74:42:e6:
d2:bf:1e:19:3e:32:40:d8:cc:c0:9a:d8:ad:bb:7d:
75:96:10:02:c6:92:55:74:3a:82:14:6d:6d:f6:74:
98:84:4f:72:89:1c:75:0f:bd:e1:b5:7c:09:ce:de:
cd:c1:88:fc:bf:c7:1f:7c:65:db:0e:0e:bb:1a:5c:
c4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:98:9A:4E:AD:F2:89:8E:E1:CD:84:C8:95:EB:13:F9:2B:CB:EF:6D
X509v3 Authority Key Identifier:
keyid:F5:2F:20:D0:D3:B2:EF:C5:BC:97:A4:7B:77:5B:D8:BA:17:94:F9:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9S8g0NOy78W8l6R7d1vYuheU-eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/c6ec68-225f-4d95-9340-a1f74586387b/1/uZiaTq3yiY7hzYTIlesT-SvL720.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/c6ec68-225f-4d95-9340-a1f74586387b/1/9S8g0NOy78W8l6R7d1vYuheU-eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.204.0/22
IPv6:
2a0f:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:95:3f:7a:83:08:9e:78:e6:82:14:5f:9f:25:e6:4c:c9:86:
ea:9d:74:7a:ac:e0:cd:70:41:96:d4:ce:15:c0:f9:36:45:c8:
4b:7d:c4:0b:7d:68:a1:dd:60:f9:8f:a1:1f:41:6c:9f:1f:a2:
bf:64:ed:aa:f6:20:c5:ca:04:df:f9:14:12:4c:97:c9:f2:f6:
a8:95:f6:11:26:d8:cf:08:fb:bd:19:8a:c4:77:1f:45:9e:d5:
bc:8a:c7:5a:62:de:a3:93:ed:04:e2:46:8b:c7:2e:26:74:b7:
1b:1e:72:a3:e5:a4:c4:87:79:51:37:b8:ad:59:21:fb:f5:74:
fb:36:d0:f5:53:2a:f1:6a:33:68:b6:1d:78:fc:83:5e:12:57:
19:3c:d3:99:c4:cf:33:81:b2:7f:7e:cc:a5:22:af:7a:be:c9:
43:d5:f1:18:95:6c:8a:61:9f:e0:ab:96:a2:e3:82:47:4d:41:
c9:19:82:07:b8:8a:e4:28:73:f6:3f:6f:e5:79:a6:60:b9:0e:
7f:9c:5a:4c:fa:61:ba:4d:d6:b5:2e:2f:54:5b:f1:6e:6f:a6:
13:23:de:5a:3d:c6:f6:ed:e1:9a:77:e8:68:c4:ec:bf:f2:62:
3d:b6:57:fe:43:61:4b:34:a7:2d:51:e6:f1:2a:fe:4d:59:70:
d9:e7:da:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAS1NxEaAckG0x03aHq64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MmYyMGQwZDNiMmVmYzViYzk3YTQ3Yjc3NWJkOGJhMTc5
NGY5ZTUwHhcNMjQwMTAyMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTk4OWE0ZWFkZjI4OThlZTFjZDg0Yzg5NWViMTNmOTJiY2JlZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvv+OhxEEfB2RN6SeZk8BUkaQuTWK
zcR++vsyx7Ld0FC5n2vSsbZo22Q563WqefG6sAsHaYJrzUPVbLUZFX0ff3OgN7rX
jjwCVEktdDXXW3NJGl7dA3yA5pAQmPqslgzT0meDbhXvJOLxYRicXo3l9dxthqV8
rpOHXgII50s2Gzf8jMANJmkLMzSX8dpclHOewm1+YsCM7b4eCoqZn7mQKJs9LJOA
B1HRwNd9eN16/G5+xeIxTc2g+6kXknQyLNZ0QubSvx4ZPjJA2MzAmtitu311lhAC
xpJVdDqCFG1t9nSYhE9yiRx1D73htXwJzt7NwYj8v8cffGXbDg67GlzEoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLmYmk6t8omO4c2EyJXrE/kry+9tMB8GA1UdIwQY
MBaAFPUvINDTsu/FvJeke3db2LoXlPnlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVM4ZzBOT3k3OFc4bDZSN2Qxdll1aGVVLWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9jNmVjNjgtMjI1Zi00ZDk1LTkzNDAt
YTFmNzQ1ODYzODdiLzEvdVppYVRxM3lpWTdoellUSWxlc1QtU3ZMNzIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9jNmVjNjgtMjI1Zi00ZDk1LTkzNDAtYTFmNzQ1ODYzODdi
LzEvOVM4ZzBOT3k3OFc4bDZSN2Qxdll1aGVVLWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuazMMA0E
AgACMAcDBQMqDx3AMA0GCSqGSIb3DQEBCwUAA4IBAQCLlT96gwieeOaCFF+fJeZM
yYbqnXR6rODNcEGW1M4VwPk2RchLfcQLfWih3WD5j6EfQWyfH6K/ZO2q9iDFygTf
+RQSTJfJ8vaolfYRJtjPCPu9GYrEdx9FntW8isdaYt6jk+0E4kaLxy4mdLcbHnKj
5aTEh3lRN7itWSH79XT7NtD1UyrxajNoth14/INeElcZPNOZxM8zgbJ/fsylIq96
vslD1fEYlWyKYZ/gq5ai44JHTUHJGYIHuIrkKHP2P2/leaZguQ5/nFpM+mG6Tda1
Li9UW/Fub6YTI95aPcb27eGad+hoxOy/8mI9tlf+Q2FLNKctUebxKv5NWXDZ59pL
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:34:07 2025 by rpki-client