Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/7c0f14-5b24-4b1b-8eb5-b4d8c2b7a103/1/UZvLpMqTE7JyCbIwT6Cjwb0l3Fc.roa
File: UZvLpMqTE7JyCbIwT6Cjwb0l3Fc.roa (raw, json)
Hash identifier: tMHPR07VQsBAWvNQmMfFkbJ5eNVQiKfWBDheTJUBG1M=
Subject key identifier: 51:9B:CB:A4:CA:93:13:B2:72:09:B2:30:4F:A0:A3:C1:BD:25:DC:57
Certificate issuer: /CN=fe31ddef25d96c84b001a2ac5047b04e060a0ac3
Certificate serial: 018CC94ACB80F374270ED10F3CAA962C1F11
Authority key identifier: FE:31:DD:EF:25:D9:6C:84:B0:01:A2:AC:50:47:B0:4E:06:0A:0A:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_jHd7yXZbISwAaKsUEewTgYKCsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/7c0f14-5b24-4b1b-8eb5-b4d8c2b7a103/1/UZvLpMqTE7JyCbIwT6Cjwb0l3Fc.roa
Signing time: Tue 02 Jan 2024 08:29:31 +0000
ROA not before: Tue 02 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3178
IP address blocks: 185.56.192.0/24 maxlen: 24
185.56.192.0/22 maxlen: 22
185.56.195.0/24 maxlen: 24
185.56.193.0/24 maxlen: 24
185.56.194.0/24 maxlen: 24
5.8.240.0/23 maxlen: 23
5.8.240.0/24 maxlen: 24
5.8.241.0/24 maxlen: 24
5.8.245.0/24 maxlen: 24
5.8.240.0/21 maxlen: 21
5.8.246.0/24 maxlen: 24
5.8.243.0/24 maxlen: 24
5.8.244.0/24 maxlen: 24
5.8.244.0/23 maxlen: 23
5.8.242.0/24 maxlen: 24
5.8.242.0/23 maxlen: 23
5.8.247.0/24 maxlen: 24
2a01:aa20::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:cb:80:f3:74:27:0e:d1:0f:3c:aa:96:2c:1f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe31ddef25d96c84b001a2ac5047b04e060a0ac3
Validity
Not Before: Jan 2 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=519bcba4ca9313b27209b2304fa0a3c1bd25dc57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ad:47:84:24:7d:8b:01:0d:4b:06:80:17:b9:
3a:3d:24:5f:e2:d1:6b:b9:c8:4d:0f:97:52:be:e3:
16:84:d1:41:07:1a:6a:3f:f3:f7:44:73:ed:ad:71:
14:9c:a6:06:20:9e:83:a8:92:e8:c9:fa:e4:09:e1:
8a:bd:73:fe:4d:c4:1a:5f:9b:36:e4:81:4d:4a:54:
c9:2a:65:31:7e:14:9b:ad:cb:5f:70:99:45:6b:76:
66:91:14:f9:1d:f8:12:60:7f:a5:a6:6f:d5:5f:2a:
de:a1:7f:79:a6:e8:b2:16:a1:4c:4e:b5:ab:0d:10:
10:71:1e:a0:cb:4b:d6:b5:c3:15:f9:66:c7:fd:86:
24:30:5e:63:91:a4:fe:b4:77:27:8b:63:08:9f:b5:
74:7a:f9:3a:7a:49:5c:2d:f3:9a:ed:10:4e:00:1b:
fd:e8:05:0d:a5:1b:f3:e9:7f:43:88:10:f8:f0:b9:
f9:f0:44:0d:aa:d8:bb:f6:46:fe:4e:42:30:0f:26:
69:7d:f2:ca:ba:55:d1:bb:dd:12:c4:6f:39:86:5e:
b5:74:c6:b4:e0:1a:0b:d2:fe:d4:54:1b:2e:0a:29:
c0:ea:ab:f0:c3:00:f6:92:56:a2:f6:75:52:83:dc:
d5:83:f7:7d:04:02:fc:0a:87:a9:8f:b8:27:e2:56:
16:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:9B:CB:A4:CA:93:13:B2:72:09:B2:30:4F:A0:A3:C1:BD:25:DC:57
X509v3 Authority Key Identifier:
keyid:FE:31:DD:EF:25:D9:6C:84:B0:01:A2:AC:50:47:B0:4E:06:0A:0A:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_jHd7yXZbISwAaKsUEewTgYKCsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7c0f14-5b24-4b1b-8eb5-b4d8c2b7a103/1/UZvLpMqTE7JyCbIwT6Cjwb0l3Fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7c0f14-5b24-4b1b-8eb5-b4d8c2b7a103/1/_jHd7yXZbISwAaKsUEewTgYKCsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.240.0/21
185.56.192.0/22
IPv6:
2a01:aa20::/32
Signature Algorithm: sha256WithRSAEncryption
4a:65:e0:84:73:cf:80:ee:4b:f8:f7:4a:dc:4d:de:d7:fa:bb:
31:bf:e2:01:87:6a:cd:18:7b:d2:f4:65:fe:9c:2f:28:9c:ab:
b7:6a:7b:e6:22:36:d0:95:0a:db:c1:ee:7d:90:49:d0:18:62:
08:c8:b9:f7:11:e2:ed:99:34:c9:5e:ac:d7:b1:f9:73:41:82:
71:97:1c:42:ec:fc:07:32:61:cd:b9:0d:36:02:dd:5b:d9:c0:
f6:a3:64:0f:63:8d:8a:44:81:0f:a7:09:d5:3d:77:72:e2:72:
dd:54:8c:cf:c2:4f:ae:e6:de:af:44:55:36:6c:eb:34:cb:45:
36:50:3b:20:17:87:94:4b:c4:71:a0:d6:43:e8:95:cb:86:a9:
03:ae:cd:fd:b9:1e:2b:b2:df:40:f0:17:2a:61:86:b6:36:b6:
aa:a2:8e:a8:1a:06:d1:80:4c:24:e5:1d:f8:83:15:08:92:ba:
06:fd:8c:0f:17:fa:28:03:03:f9:8a:73:6b:dd:0d:35:eb:79:
5f:fe:a3:b4:9b:a2:91:69:73:81:33:db:38:57:94:3f:21:a2:
ee:b9:f8:23:45:a7:35:e6:40:40:db:5c:64:8c:68:0a:ce:71:
18:a3:23:b3:a0:86:62:9a:0e:56:2c:99:cf:38:72:6f:7e:ba:
8d:b8:ec:bc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJSsuA83QnDtEPPKqWLB8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMzFkZGVmMjVkOTZjODRiMDAxYTJhYzUwNDdiMDRlMDYw
YTBhYzMwHhcNMjQwMTAyMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTliY2JhNGNhOTMxM2IyNzIwOWIyMzA0ZmEwYTNjMWJkMjVkYzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa1HhCR9iwENSwaAF7k6PSRf4tFr
uchND5dSvuMWhNFBBxpqP/P3RHPtrXEUnKYGIJ6DqJLoyfrkCeGKvXP+TcQaX5s2
5IFNSlTJKmUxfhSbrctfcJlFa3ZmkRT5HfgSYH+lpm/VXyreoX95puiyFqFMTrWr
DRAQcR6gy0vWtcMV+WbH/YYkMF5jkaT+tHcni2MIn7V0evk6eklcLfOa7RBOABv9
6AUNpRvz6X9DiBD48Ln58EQNqti79kb+TkIwDyZpffLKulXRu90SxG85hl61dMa0
4BoL0v7UVBsuCinA6qvwwwD2klai9nVSg9zVg/d9BAL8Coepj7gn4lYWdQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFGby6TKkxOycgmyME+go8G9JdxXMB8GA1UdIwQY
MBaAFP4x3e8l2WyEsAGirFBHsE4GCgrDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2pIZDd5WFpiSVN3QWFLc1VFZXdUZ1lLQ3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83YzBmMTQtNWIyNC00YjFiLThlYjUt
YjRkOGMyYjdhMTAzLzEvVVp2THBNcVRFN0p5Q2JJd1Q2Q2p3YjBsM0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83YzBmMTQtNWIyNC00YjFiLThlYjUtYjRkOGMyYjdhMTAz
LzEvX2pIZDd5WFpiSVN3QWFLc1VFZXdUZ1lLQ3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBQjwAwQC
uTjAMA0EAgACMAcDBQAqAaogMA0GCSqGSIb3DQEBCwUAA4IBAQBKZeCEc8+A7kv4
90rcTd7X+rsxv+IBh2rNGHvS9GX+nC8onKu3anvmIjbQlQrbwe59kEnQGGIIyLn3
EeLtmTTJXqzXsflzQYJxlxxC7PwHMmHNuQ02At1b2cD2o2QPY42KRIEPpwnVPXdy
4nLdVIzPwk+u5t6vRFU2bOs0y0U2UDsgF4eUS8RxoNZD6JXLhqkDrs39uR4rst9A
8BcqYYa2Nraqoo6oGgbRgEwk5R34gxUIkroG/YwPF/ooAwP5inNr3Q0163lf/qO0
m6KRaXOBM9s4V5Q/IaLuufgjRac15kBA21xkjGgKznEYoyOzoIZimg5WLJnPOHJv
frqNuOy8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:56 2025 by rpki-client