Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/UH04KnB8osIzBa9Z4SDOVVAdZ9I.roa
File: UH04KnB8osIzBa9Z4SDOVVAdZ9I.roa (raw, json)
Hash identifier: AHemANPJishiTNmkCKgkBu0EAeXaH5lmfjIMFL907Ok=
Subject key identifier: 50:7D:38:2A:70:7C:A2:C2:33:05:AF:59:E1:20:CE:55:50:1D:67:D2
Certificate issuer: /CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b
Certificate serial: 018CC26D80E20E4C7E509E47AFF9353CC5EE
Authority key identifier: 11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/UH04KnB8osIzBa9Z4SDOVVAdZ9I.roa
Signing time: Mon 01 Jan 2024 00:30:05 +0000
ROA not before: Mon 01 Jan 2024 00:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202391
IP address blocks: 185.255.208.0/24 maxlen: 24
185.255.208.0/22 maxlen: 22
185.255.211.0/24 maxlen: 24
185.255.210.0/24 maxlen: 24
185.255.209.0/24 maxlen: 24
185.227.64.0/22 maxlen: 22
2a0a:4b80::/30 maxlen: 30
2a0a:4b84::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 26 Feb 2024 13:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:80:e2:0e:4c:7e:50:9e:47:af:f9:35:3c:c5:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b
Validity
Not Before: Jan 1 00:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=507d382a707ca2c23305af59e120ce55501d67d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:45:13:06:a4:b2:87:53:e9:a7:1c:69:5f:4e:
46:f6:df:5a:ee:7f:6a:25:e0:0c:7a:3d:d8:c0:96:
10:d7:0f:89:d6:2c:0c:2a:02:59:08:70:1e:de:25:
a0:40:23:cd:15:e6:10:d7:13:54:3d:c0:25:dc:c0:
df:1e:55:2d:83:7c:5b:04:b4:9c:47:7e:00:b0:73:
df:28:c5:41:26:f7:10:bf:5b:b2:26:36:4f:01:68:
dc:3a:13:ee:bc:73:99:6f:52:ca:3b:4d:65:dd:f4:
81:0c:e0:93:be:e2:96:a9:be:f0:f1:61:fb:1f:fe:
d5:0a:34:e8:3d:bd:a0:ef:d4:af:7f:9c:d1:9c:0b:
59:c6:b3:e8:7d:26:78:7f:71:a8:f0:b3:71:b6:91:
0b:dc:47:a6:e1:16:14:1e:c2:ee:27:c6:18:62:96:
ee:05:8a:60:9c:e4:f0:99:2c:25:c8:f8:3f:35:3a:
a1:15:c2:e0:22:8b:c5:ee:51:56:6d:fc:8f:13:34:
c3:56:b4:79:9f:9c:b9:6b:f0:b5:9a:f5:74:a5:20:
c5:e1:e5:b1:d5:21:df:5d:35:a6:42:07:90:c5:5d:
24:06:13:40:fe:62:e2:dc:5b:a5:bb:34:e3:17:30:
56:91:4d:57:7a:7a:87:e5:8e:d9:e3:6e:a5:a0:35:
8d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:7D:38:2A:70:7C:A2:C2:33:05:AF:59:E1:20:CE:55:50:1D:67:D2
X509v3 Authority Key Identifier:
keyid:11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/UH04KnB8osIzBa9Z4SDOVVAdZ9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/EbxAvKtekFOrbbfRnio43xtvmks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.64.0/22
185.255.208.0/22
IPv6:
2a0a:4b80::/29
Signature Algorithm: sha256WithRSAEncryption
7d:42:c8:92:c5:1f:1e:34:bb:ad:e3:c3:87:58:9c:46:f3:89:
95:9a:14:bf:11:9f:b4:f6:95:80:a4:c3:47:c8:83:4c:ec:56:
f2:67:5a:5d:3f:7f:d8:ef:d1:3a:e9:66:05:df:b0:3d:d6:00:
19:1c:88:ae:6c:3c:ba:e6:3d:e4:50:e0:7b:09:b6:c4:de:a9:
00:f8:f6:c7:cc:15:54:82:84:ad:92:18:ba:7c:fc:52:aa:f4:
3a:84:5b:1e:9b:02:c1:0a:ed:a3:1a:e6:94:31:d3:e4:48:3a:
9c:54:ad:22:1d:f2:87:52:83:60:59:dd:ad:f2:8f:b0:7e:39:
33:57:00:14:52:cd:fa:bb:f4:5c:d3:fc:e8:2d:db:78:c2:75:
58:14:02:bf:af:01:c9:3a:e3:2c:f0:c8:f9:50:89:a8:f6:5e:
a5:09:28:b0:92:55:98:17:78:4e:0b:cc:a6:b8:45:84:22:91:
ac:d9:d9:14:45:ef:5a:b9:c5:d1:ef:49:f0:43:da:f9:2b:00:
17:cd:cb:b4:f3:81:2c:77:51:99:72:46:f2:e0:ee:4a:f8:c5:
49:9d:0e:c0:19:07:ee:98:9b:02:d3:ab:30:c5:cb:85:84:ef:
26:f6:b7:e8:c8:58:26:bc:5f:da:ea:0e:a9:2c:bb:c2:64:2c:
a5:3c:44:ab
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzCbYDiDkx+UJ5Hr/k1PMXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYmM0MGJjYWI1ZTkwNTNhYjZkYjdkMTllMmEzOGRmMWI2
ZjlhNGIwHhcNMjQwMTAxMDAzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDdkMzgyYTcwN2NhMmMyMzMwNWFmNTllMTIwY2U1NTUwMWQ2N2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUUTBqSyh1PppxxpX05G9t9a7n9q
JeAMej3YwJYQ1w+J1iwMKgJZCHAe3iWgQCPNFeYQ1xNUPcAl3MDfHlUtg3xbBLSc
R34AsHPfKMVBJvcQv1uyJjZPAWjcOhPuvHOZb1LKO01l3fSBDOCTvuKWqb7w8WH7
H/7VCjToPb2g79Svf5zRnAtZxrPofSZ4f3Go8LNxtpEL3Eem4RYUHsLuJ8YYYpbu
BYpgnOTwmSwlyPg/NTqhFcLgIovF7lFWbfyPEzTDVrR5n5y5a/C1mvV0pSDF4eWx
1SHfXTWmQgeQxV0kBhNA/mLi3FuluzTjFzBWkU1XenqH5Y7Z426loDWNkQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFB9OCpwfKLCMwWvWeEgzlVQHWfSMB8GA1UdIwQY
MBaAFBG8QLyrXpBTq2230Z4qON8bb5pLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJ4QXZLdGVrRk9yYmJmUm5pbzQzeHR2bWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kYWZmYjYtOGJkZi00MTFkLWI2YzQt
YWU0Zjg0ZTE2Y2ExLzEvVUgwNEtuQjhvc0l6QmE5WjRTRE9WVkFkWjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kYWZmYjYtOGJkZi00MTFkLWI2YzQtYWU0Zjg0ZTE2Y2Ex
LzEvRWJ4QXZLdGVrRk9yYmJmUm5pbzQzeHR2bWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCueNAAwQC
uf/QMA0EAgACMAcDBQMqCkuAMA0GCSqGSIb3DQEBCwUAA4IBAQB9QsiSxR8eNLut
48OHWJxG84mVmhS/EZ+09pWApMNHyINM7FbyZ1pdP3/Y79E66WYF37A91gAZHIiu
bDy65j3kUOB7CbbE3qkA+PbHzBVUgoStkhi6fPxSqvQ6hFsemwLBCu2jGuaUMdPk
SDqcVK0iHfKHUoNgWd2t8o+wfjkzVwAUUs36u/Rc0/zoLdt4wnVYFAK/rwHJOuMs
8Mj5UImo9l6lCSiwklWYF3hOC8ymuEWEIpGs2dkURe9aucXR70nwQ9r5KwAXzcu0
84Esd1GZckby4O5K+MVJnQ7AGQfumJsC06swxcuFhO8m9rfoyFgmvF/a6g6pLLvC
ZCylPESr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:27 2025 by rpki-client