Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/uMy7vII9SqnSN5SQkcgmZtuRs7w.roa
File: uMy7vII9SqnSN5SQkcgmZtuRs7w.roa (raw, json)
Hash identifier: jTllahga4WftbHKpqGGvmr83DNW2/h4yiGOSrtDBLDQ=
Subject key identifier: B8:CC:BB:BC:82:3D:4A:A9:D2:37:94:90:91:C8:26:66:DB:91:B3:BC
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0194D5DC39757212525985C166AF371EAEE4
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/uMy7vII9SqnSN5SQkcgmZtuRs7w.roa
Signing time: Wed 05 Feb 2025 11:26:07 +0000
ROA not before: Wed 05 Feb 2025 11:26:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209737
IP address blocks: 185.86.6.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:58:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:dc:39:75:72:12:52:59:85:c1:66:af:37:1e:ae:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Feb 5 11:26:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8ccbbbc823d4aa9d237949091c82666db91b3bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9a:5d:f7:f7:b4:f9:0c:b7:f3:c7:eb:2e:27:
81:b8:0e:b6:4f:54:f0:53:fd:7d:80:9d:25:58:f0:
ba:90:44:6c:84:71:df:07:47:ea:3e:b2:49:98:34:
2e:ce:e9:1a:89:cb:d3:50:2d:c8:bc:d8:19:f4:d1:
af:32:b6:2a:07:74:87:a4:50:1b:e8:8c:f8:60:80:
7e:5f:e5:6b:a2:b0:a1:ca:8d:61:4b:e6:c9:ea:74:
c0:63:a8:5f:b3:1a:76:8a:68:9e:0d:36:0a:a2:db:
63:6d:ed:e3:85:0e:1d:ea:54:7c:a0:1c:32:74:cc:
de:c1:9c:14:b2:13:78:bd:2c:2f:ed:85:a0:a9:f8:
48:51:fd:80:aa:a7:f0:70:f3:95:a1:2f:bd:6a:00:
26:06:99:4e:4c:bb:e8:a3:d7:f5:7b:a1:5b:3a:3e:
c1:10:29:95:ad:57:73:8f:a0:86:4b:0a:ba:06:74:
58:e9:f0:3c:fc:3d:c7:23:14:53:77:ff:55:77:ad:
b3:78:07:fa:a5:a1:f8:6f:57:9b:12:4e:e5:59:90:
56:a3:af:8b:4f:d5:18:cb:60:b1:fa:51:27:7f:49:
50:e7:24:88:b5:e8:73:fb:68:c6:59:89:2e:eb:c8:
b7:d0:0e:e2:f4:fa:15:a2:26:6f:b6:6a:e9:ad:8a:
be:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:CC:BB:BC:82:3D:4A:A9:D2:37:94:90:91:C8:26:66:DB:91:B3:BC
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/uMy7vII9SqnSN5SQkcgmZtuRs7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.6.0/24
185.254.28.0/23
193.35.152.0/24
193.35.155.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:63:28:b7:e1:bb:1e:3d:3a:76:c9:8d:1f:f2:0c:5a:dd:a2:
30:85:6a:5a:d0:e0:99:c8:80:1f:3e:14:f0:84:67:7f:f8:de:
91:9f:bf:0c:c3:20:e7:7c:40:2f:31:c4:7d:a8:c8:b1:21:87:
ad:ff:e0:2b:9c:b6:b4:51:23:65:7f:36:26:e3:00:b2:7d:76:
c2:89:6e:d5:5e:db:86:15:75:da:a1:69:f2:18:19:94:5c:ed:
54:8b:96:fc:b4:8c:62:7b:c8:90:84:51:0c:86:bc:97:6c:b6:
2a:06:12:13:91:43:b4:c3:87:9f:a1:23:d4:0e:de:31:6b:da:
11:a9:9f:4f:52:02:bd:3b:cf:77:48:d5:85:61:89:9b:94:af:
77:03:cd:bc:94:a9:bc:41:76:39:86:d2:92:c3:5b:61:62:d2:
67:5e:4f:a1:91:5d:ec:d1:38:ba:cb:96:cf:96:f3:f2:7a:d4:
49:ff:82:6b:7c:0b:df:b4:72:46:c1:3e:19:91:26:1c:ab:0f:
f5:43:82:9a:1f:30:cb:70:22:4e:3b:fb:72:07:af:4e:a7:6e:
6e:2d:01:33:af:d5:0e:5a:03:66:bb:76:73:3d:d3:88:50:1b:
39:d1:1e:69:71:5d:b8:74:60:09:64:95:a2:ff:50:53:e1:ae:
f6:94:31:94
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZTV3Dl1chJSWYXBZq83Hq7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMjA1MTEyNjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGNjYmJiYzgyM2Q0YWE5ZDIzNzk0OTA5MWM4MjY2NmRiOTFiM2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJpd9/e0+Qy388frLieBuA62T1Tw
U/19gJ0lWPC6kERshHHfB0fqPrJJmDQuzukaicvTUC3IvNgZ9NGvMrYqB3SHpFAb
6Iz4YIB+X+VrorChyo1hS+bJ6nTAY6hfsxp2imieDTYKottjbe3jhQ4d6lR8oBwy
dMzewZwUshN4vSwv7YWgqfhIUf2AqqfwcPOVoS+9agAmBplOTLvoo9f1e6FbOj7B
ECmVrVdzj6CGSwq6BnRY6fA8/D3HIxRTd/9Vd62zeAf6paH4b1ebEk7lWZBWo6+L
T9UYy2Cx+lEnf0lQ5ySItehz+2jGWYku68i30A7i9PoVoiZvtmrprYq+XQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLjMu7yCPUqp0jeUkJHIJmbbkbO8MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvdU15N3ZJSTlTcW5TTjVTUWtjZ21adHVSczd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuVYGAwQB
uf4cAwQAwSOYAwQAwSObMA0GCSqGSIb3DQEBCwUAA4IBAQALYyi34bsePTp2yY0f
8gxa3aIwhWpa0OCZyIAfPhTwhGd/+N6Rn78MwyDnfEAvMcR9qMixIYet/+ArnLa0
USNlfzYm4wCyfXbCiW7VXtuGFXXaoWnyGBmUXO1Ui5b8tIxie8iQhFEMhryXbLYq
BhITkUO0w4efoSPUDt4xa9oRqZ9PUgK9O893SNWFYYmblK93A828lKm8QXY5htKS
w1thYtJnXk+hkV3s0Ti6y5bPlvPyetRJ/4JrfAvftHJGwT4ZkSYcqw/1Q4KaHzDL
cCJOO/tyB69Op25uLQEzr9UOWgNmu3ZzPdOIUBs50R5pcV24dGAJZJWi/1BT4a72
lDGU
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:03:39 2025 by rpki-client