Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/ukZW1_CPIEqGtJubvng3HaMF5jU.roa
File: ukZW1_CPIEqGtJubvng3HaMF5jU.roa (raw, json)
Hash identifier: VYN61XSZHLt2yMt1l86iOqs1ZFsKJzF61wXbrkIOVVs=
Subject key identifier: BA:46:56:D7:F0:8F:20:4A:86:B4:9B:9B:BE:78:37:1D:A3:05:E6:35
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018EC228E277BEC0E4E286B838F4529C5327
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/ukZW1_CPIEqGtJubvng3HaMF5jU.roa
Signing time: Tue 09 Apr 2024 09:20:43 +0000
ROA not before: Tue 09 Apr 2024 09:20:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209178
IP address blocks: 185.233.19.0/24 maxlen: 24
185.235.165.0/24 maxlen: 24
2a02:afc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 16 May 2024 09:45:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:28:e2:77:be:c0:e4:e2:86:b8:38:f4:52:9c:53:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Apr 9 09:20:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba4656d7f08f204a86b49b9bbe78371da305e635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9c:59:7d:73:f6:bd:59:16:68:8d:72:01:73:
07:05:82:a6:42:bc:4d:60:06:f8:54:1b:d2:8b:f9:
80:ba:72:d1:fb:e3:6c:29:51:76:2b:76:9c:64:60:
d5:f5:3c:a4:a7:67:fc:56:17:51:96:f5:72:a5:c2:
70:7b:ee:a5:29:27:78:86:fc:cf:b2:90:4e:b1:9a:
72:10:13:84:2b:cb:20:77:da:10:a7:14:2e:4e:7f:
40:e4:e8:22:7e:ec:1a:54:97:54:7f:5c:11:4a:a2:
82:60:db:bf:ca:2e:24:c3:b6:25:c8:2f:bf:a3:6e:
67:eb:7a:8d:db:23:b3:5d:65:fe:6c:09:fa:25:71:
7c:27:9d:fb:f2:ac:02:76:58:67:15:37:79:35:61:
24:8f:27:e5:df:90:24:26:61:52:f6:dd:5a:af:6c:
cf:7e:38:49:78:28:c3:b9:2c:8c:b5:b3:82:be:1b:
4a:ff:ab:ff:6b:78:29:ec:36:2c:53:1e:6e:9b:76:
37:46:45:26:93:2f:6c:39:28:f9:83:23:df:48:47:
2d:3c:99:d4:24:d3:7a:dd:39:c9:f0:36:7e:90:6e:
40:d9:99:a3:88:2f:30:80:0e:cd:9e:f1:1f:ba:2b:
f4:75:10:4e:ff:5a:54:ec:3d:d9:7e:eb:cd:80:85:
de:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:46:56:D7:F0:8F:20:4A:86:B4:9B:9B:BE:78:37:1D:A3:05:E6:35
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/ukZW1_CPIEqGtJubvng3HaMF5jU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.19.0/24
185.235.165.0/24
IPv6:
2a02:afc0::/29
Signature Algorithm: sha256WithRSAEncryption
68:2a:74:a1:e7:15:3f:70:06:f7:79:be:13:bc:8c:e9:a2:a4:
4a:e1:ba:21:e2:22:51:a5:5b:cb:6e:c8:c7:43:7d:8f:81:98:
0c:2c:51:23:a8:b2:df:94:a4:a0:be:bd:5e:e0:f2:6d:db:d3:
65:28:90:fe:c3:2a:17:dd:20:d8:42:62:b2:03:59:69:27:36:
cc:00:5e:3b:fa:5d:be:2f:80:8e:f1:e9:80:2a:70:ee:77:12:
e3:7a:f4:b9:e9:1d:4c:9f:49:76:5c:c0:2c:28:f6:56:c3:c3:
38:9b:dd:ca:02:24:70:40:ee:55:fc:db:e0:ea:5c:cb:15:e7:
da:1e:b4:a7:15:ac:bb:cc:0a:d0:09:e7:a5:4d:67:53:87:a9:
34:c9:5d:d0:1b:30:a3:40:7f:ab:6d:b8:5d:93:39:64:0d:b6:
eb:5a:63:e6:15:a7:3e:be:73:70:31:fd:a2:23:c0:a3:e3:60:
03:1f:35:5c:36:5c:79:d4:a9:cb:ff:27:f6:50:3c:43:7c:29:
d8:f7:96:74:8e:79:65:96:36:f1:b1:22:86:01:f4:bc:42:12:
a0:2d:7c:d1:8e:cf:e6:f1:7b:68:0a:b2:16:30:79:1d:e2:a3:
fd:89:f6:8f:bf:b8:ac:83:e4:06:b8:87:3c:c2:82:eb:1c:58:
12:4b:e8:36
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY7CKOJ3vsDk4oa4OPRSnFMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwNDA5MDkyMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTQ2NTZkN2YwOGYyMDRhODZiNDliOWJiZTc4MzcxZGEzMDVlNjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZxZfXP2vVkWaI1yAXMHBYKmQrxN
YAb4VBvSi/mAunLR++NsKVF2K3acZGDV9Tykp2f8VhdRlvVypcJwe+6lKSd4hvzP
spBOsZpyEBOEK8sgd9oQpxQuTn9A5OgifuwaVJdUf1wRSqKCYNu/yi4kw7YlyC+/
o25n63qN2yOzXWX+bAn6JXF8J5378qwCdlhnFTd5NWEkjyfl35AkJmFS9t1ar2zP
fjhJeCjDuSyMtbOCvhtK/6v/a3gp7DYsUx5um3Y3RkUmky9sOSj5gyPfSEctPJnU
JNN63TnJ8DZ+kG5A2ZmjiC8wgA7NnvEfuiv0dRBO/1pU7D3ZfuvNgIXeawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLpGVtfwjyBKhrSbm754Nx2jBeY1MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvdWtaVzFfQ1BJRXFHdEp1YnZuZzNIYU1GNWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuekTAwQA
ueulMA0EAgACMAcDBQMqAq/AMA0GCSqGSIb3DQEBCwUAA4IBAQBoKnSh5xU/cAb3
eb4TvIzpoqRK4boh4iJRpVvLbsjHQ32PgZgMLFEjqLLflKSgvr1e4PJt29NlKJD+
wyoX3SDYQmKyA1lpJzbMAF47+l2+L4CO8emAKnDudxLjevS56R1Mn0l2XMAsKPZW
w8M4m93KAiRwQO5V/Nvg6lzLFefaHrSnFay7zArQCeelTWdTh6k0yV3QGzCjQH+r
bbhdkzlkDbbrWmPmFac+vnNwMf2iI8Cj42ADHzVcNlx51KnL/yf2UDxDfCnY95Z0
jnllljbxsSKGAfS8QhKgLXzRjs/m8XtoCrIWMHkd4qP9ifaPv7isg+QGuIc8woLr
HFgSS+g2
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:20:24 2025 by rpki-client