Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/29fb04-e07b-4e30-b8f5-54204ddd2ca6/1/UH7tO8z9RYjvAkgkSxocLKQLddE.roa
File: UH7tO8z9RYjvAkgkSxocLKQLddE.roa (raw, json)
Hash identifier: Fsef3k+3xUySyZEiq28PA+LPnY3ei5H2RbIjwqwhaxQ=
Subject key identifier: 50:7E:ED:3B:CC:FD:45:88:EF:02:48:24:4B:1A:1C:2C:A4:0B:75:D1
Certificate issuer: /CN=5ec1769d3ff042124698e31c472b63bbf1bbb5ad
Certificate serial: 0194C8846209E574A27B5709D4CC228871E9
Authority key identifier: 5E:C1:76:9D:3F:F0:42:12:46:98:E3:1C:47:2B:63:BB:F1:BB:B5:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XsF2nT_wQhJGmOMcRytju_G7ta0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/29fb04-e07b-4e30-b8f5-54204ddd2ca6/1/UH7tO8z9RYjvAkgkSxocLKQLddE.roa
Signing time: Sun 02 Feb 2025 21:15:06 +0000
ROA not before: Sun 02 Feb 2025 21:15:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 185.84.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Feb 2025 09:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c8:84:62:09:e5:74:a2:7b:57:09:d4:cc:22:88:71:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ec1769d3ff042124698e31c472b63bbf1bbb5ad
Validity
Not Before: Feb 2 21:15:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=507eed3bccfd4588ef0248244b1a1c2ca40b75d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:72:70:66:5b:15:01:c1:44:8e:a4:8b:7e:76:
95:e6:f2:a3:7e:b4:26:86:c6:a0:8d:30:e8:50:04:
5d:f3:66:55:3c:7f:6b:b9:60:2c:19:cb:8e:ca:98:
6d:9c:aa:71:1a:9e:38:e9:5c:d2:5a:2e:2a:d5:84:
ec:c0:07:4a:59:63:ba:40:0f:0a:05:15:ac:d7:51:
2b:29:0e:cc:e2:93:85:83:39:62:09:22:b4:5e:42:
60:95:f0:41:e3:a8:28:20:f3:00:72:32:9a:83:b3:
d0:03:3b:71:42:12:fa:b5:11:71:41:7e:2c:90:9e:
6e:16:67:63:2a:2e:17:ee:23:03:a9:5b:bf:55:5e:
0c:1c:03:84:d6:59:c1:e2:8b:2f:07:67:76:2b:12:
67:d0:28:60:bf:7c:9c:af:fd:63:b0:ab:f6:37:e7:
4a:82:79:15:10:d9:a1:4c:f0:68:76:01:c1:fc:d4:
38:04:b6:f6:7a:6e:6c:cf:ba:11:cd:29:6a:2b:52:
3c:e3:fc:52:75:6b:90:36:01:c8:cc:e5:2d:3a:3f:
71:47:91:78:ab:95:cb:48:7b:c0:5f:5c:a1:a5:6a:
82:9d:e6:f5:5f:be:f8:0d:4c:3d:16:e7:ab:1f:ce:
49:5c:b7:32:57:e5:f4:3c:a1:98:01:64:88:bc:a3:
0e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:7E:ED:3B:CC:FD:45:88:EF:02:48:24:4B:1A:1C:2C:A4:0B:75:D1
X509v3 Authority Key Identifier:
keyid:5E:C1:76:9D:3F:F0:42:12:46:98:E3:1C:47:2B:63:BB:F1:BB:B5:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XsF2nT_wQhJGmOMcRytju_G7ta0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29fb04-e07b-4e30-b8f5-54204ddd2ca6/1/UH7tO8z9RYjvAkgkSxocLKQLddE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29fb04-e07b-4e30-b8f5-54204ddd2ca6/1/XsF2nT_wQhJGmOMcRytju_G7ta0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.159.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:5d:6d:75:35:7d:09:4f:b4:6f:74:76:93:d2:32:b1:d6:88:
88:6f:46:6b:39:84:79:16:a0:9f:ce:7f:25:6a:9b:f3:16:b7:
dd:19:1e:3e:12:6b:d8:fa:d9:fd:33:75:e2:5a:d5:86:5c:ae:
18:ec:60:24:15:09:0e:48:e1:d2:8c:df:28:e8:f6:1f:30:fa:
a9:68:93:b1:de:bb:ca:60:a4:92:86:86:89:0e:cc:5d:58:1f:
4e:34:0a:5c:bc:53:65:bc:e7:7d:7e:bc:49:30:d6:03:0b:0e:
8d:62:77:65:61:f2:61:f0:91:da:ec:43:97:d5:b0:44:6b:c2:
85:f8:f2:b0:9f:d5:be:02:18:a9:b2:84:9d:7a:e5:cb:03:90:
81:3a:51:81:db:1d:f4:db:bf:e4:3e:0e:2c:81:8f:07:c4:45:
ea:aa:77:83:1c:a1:66:bd:07:49:7b:44:cd:eb:28:f0:a7:bd:
4e:dc:38:7d:51:2c:d2:ba:10:98:72:62:5c:0c:9d:96:5f:51:
f4:63:c0:6f:97:57:14:3c:e4:6b:28:47:40:88:5f:67:c3:57:
fd:d9:81:72:0a:dc:7c:28:b1:ea:90:ca:a4:8a:50:a0:d6:b1:
c4:b3:9a:81:cf:bb:85:e7:7f:d7:d4:02:31:33:81:a5:30:78:
a2:b4:26:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTIhGIJ5XSie1cJ1MwiiHHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYzE3NjlkM2ZmMDQyMTI0Njk4ZTMxYzQ3MmI2M2JiZjFi
YmI1YWQwHhcNMjUwMjAyMjExNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDdlZWQzYmNjZmQ0NTg4ZWYwMjQ4MjQ0YjFhMWMyY2E0MGI3NWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nJwZlsVAcFEjqSLfnaV5vKjfrQm
hsagjTDoUARd82ZVPH9ruWAsGcuOyphtnKpxGp446VzSWi4q1YTswAdKWWO6QA8K
BRWs11ErKQ7M4pOFgzliCSK0XkJglfBB46goIPMAcjKag7PQAztxQhL6tRFxQX4s
kJ5uFmdjKi4X7iMDqVu/VV4MHAOE1lnB4osvB2d2KxJn0Chgv3ycr/1jsKv2N+dK
gnkVENmhTPBodgHB/NQ4BLb2em5sz7oRzSlqK1I84/xSdWuQNgHIzOUtOj9xR5F4
q5XLSHvAX1yhpWqCneb1X774DUw9FuerH85JXLcyV+X0PKGYAWSIvKMOAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFB+7TvM/UWI7wJIJEsaHCykC3XRMB8GA1UdIwQY
MBaAFF7Bdp0/8EISRpjjHEcrY7vxu7WtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHNGMm5UX3dRaEpHbU9NY1J5dGp1X0c3dGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8yOWZiMDQtZTA3Yi00ZTMwLWI4ZjUt
NTQyMDRkZGQyY2E2LzEvVUg3dE84ejlSWWp2QWtna1N4b2NMS1FMZGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8yOWZiMDQtZTA3Yi00ZTMwLWI4ZjUtNTQyMDRkZGQyY2E2
LzEvWHNGMm5UX3dRaEpHbU9NY1J5dGp1X0c3dGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVSfMA0G
CSqGSIb3DQEBCwUAA4IBAQBNXW11NX0JT7RvdHaT0jKx1oiIb0ZrOYR5FqCfzn8l
apvzFrfdGR4+EmvY+tn9M3XiWtWGXK4Y7GAkFQkOSOHSjN8o6PYfMPqpaJOx3rvK
YKSShoaJDsxdWB9ONApcvFNlvOd9frxJMNYDCw6NYndlYfJh8JHa7EOX1bBEa8KF
+PKwn9W+AhipsoSdeuXLA5CBOlGB2x3027/kPg4sgY8HxEXqqneDHKFmvQdJe0TN
6yjwp71O3Dh9USzSuhCYcmJcDJ2WX1H0Y8Bvl1cUPORrKEdAiF9nw1f92YFyCtx8
KLHqkMqkilCg1rHEs5qBz7uF53/X1AIxM4GlMHiitCat
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:28:12 2025 by rpki-client