Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/uOi-UdPOMG6LvFNRpgj9Ezo9GW8.roa
File: uOi-UdPOMG6LvFNRpgj9Ezo9GW8.roa (raw, json)
Hash identifier: GTH/eT7UmXFjW5xALXfJ+cni+a27sJ8gpNIkAz4E5y0=
Subject key identifier: B8:E8:BE:51:D3:CE:30:6E:8B:BC:53:51:A6:08:FD:13:3A:3D:19:6F
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 0194653BF24A9167DBB3F88C79EF27DF8944
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/uOi-UdPOMG6LvFNRpgj9Ezo9GW8.roa
Signing time: Tue 14 Jan 2025 14:33:34 +0000
ROA not before: Tue 14 Jan 2025 14:33:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215245
IP address blocks: 185.144.70.0/24 maxlen: 24
185.144.71.0/24 maxlen: 24
194.117.224.0/24 maxlen: 24
194.117.225.0/24 maxlen: 24
2a14:6780:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 15 Jan 2025 13:16:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:3b:f2:4a:91:67:db:b3:f8:8c:79:ef:27:df:89:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Jan 14 14:33:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8e8be51d3ce306e8bbc5351a608fd133a3d196f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b7:3f:cc:69:31:21:bc:52:9e:68:71:46:15:
fd:b6:0d:47:af:67:46:8a:fd:07:4e:06:46:c1:ac:
38:16:55:0d:85:52:28:93:84:a4:4b:01:97:8c:d5:
76:5d:e4:16:a1:f1:d0:79:17:fc:bd:60:b5:77:af:
fe:41:7a:bc:e0:1e:eb:33:73:9a:09:90:20:9e:89:
5d:8a:1d:7a:2b:8c:74:bc:b8:a1:68:14:1e:66:b3:
f4:7f:c0:36:cd:82:33:09:7f:67:ed:3c:bc:d9:51:
0d:3e:62:d7:cb:fa:b4:1c:15:58:7a:81:03:71:78:
73:00:36:55:d1:6e:a4:13:74:7b:32:33:03:2a:2d:
01:d1:57:93:6a:24:4a:f6:a6:88:74:4d:52:d4:ca:
cd:d3:d7:30:0b:d9:e8:f6:09:07:f0:14:b4:f4:0b:
df:6b:b6:b0:5c:c4:40:97:ca:92:19:0f:92:9e:a3:
56:9f:0d:af:bd:37:4d:02:20:52:8a:f4:62:f3:a2:
cf:01:eb:d7:7a:d3:2c:20:ed:90:a2:8a:89:1a:93:
ce:1b:0d:d1:91:8f:2d:f3:de:27:7d:9b:d4:38:7e:
d2:d9:8c:af:1c:28:f2:d3:88:95:bf:f1:2e:44:1d:
7b:0c:dc:fb:e2:6d:29:a8:ed:5a:0a:21:23:1c:c3:
25:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E8:BE:51:D3:CE:30:6E:8B:BC:53:51:A6:08:FD:13:3A:3D:19:6F
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/uOi-UdPOMG6LvFNRpgj9Ezo9GW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.70.0/23
194.117.224.0/23
IPv6:
2a14:6780:4::/48
Signature Algorithm: sha256WithRSAEncryption
4b:2a:f4:c8:20:aa:f1:46:14:df:11:97:2e:28:83:2f:cf:64:
2e:c6:fd:5f:ff:31:3b:3c:c5:ba:8b:34:60:96:32:d5:33:cf:
47:e8:de:a6:99:0c:e8:1f:3f:ff:3b:b1:40:3a:0c:5e:3d:86:
fd:fb:ca:5b:20:a4:d1:d1:d3:f5:87:16:4c:58:c8:74:82:b6:
56:f6:ac:a8:89:eb:ab:46:33:9c:01:c9:bd:ac:b6:d2:a8:1b:
ca:66:9d:25:81:28:d9:ac:5d:48:26:f4:04:17:17:4b:5c:17:
c7:c4:ca:34:f1:0b:54:3e:61:3e:2c:74:d6:96:75:1c:98:9b:
c4:78:ff:b0:c6:2b:2c:a3:93:82:6d:8c:bf:f6:d8:df:38:0c:
8c:37:e8:7b:4c:ec:c6:f0:b1:af:3c:44:a0:f5:c9:94:70:ab:
68:6b:e7:65:b2:48:03:9e:c9:6a:e6:e8:e9:69:e2:de:81:99:
06:f7:04:f9:6d:93:20:86:b6:b6:8d:0d:9d:5a:1e:37:26:70:
4e:67:6a:e9:c4:32:28:5d:28:49:15:a0:8a:ff:7e:9f:e3:f2:
7c:a0:f9:8f:07:8d:0d:87:5a:d0:8e:b1:77:92:3d:86:7e:68:
da:6c:f4:ef:a9:da:3c:08:9c:e0:61:21:ee:c2:a8:a9:aa:14:
f1:03:cd:b5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZRlO/JKkWfbs/iMee8n34lEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwMTE0MTQzMzM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGU4YmU1MWQzY2UzMDZlOGJiYzUzNTFhNjA4ZmQxMzNhM2QxOTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLc/zGkxIbxSnmhxRhX9tg1Hr2dG
iv0HTgZGwaw4FlUNhVIok4SkSwGXjNV2XeQWofHQeRf8vWC1d6/+QXq84B7rM3Oa
CZAgnoldih16K4x0vLihaBQeZrP0f8A2zYIzCX9n7Ty82VENPmLXy/q0HBVYeoED
cXhzADZV0W6kE3R7MjMDKi0B0VeTaiRK9qaIdE1S1MrN09cwC9no9gkH8BS09Avf
a7awXMRAl8qSGQ+SnqNWnw2vvTdNAiBSivRi86LPAevXetMsIO2QooqJGpPOGw3R
kY8t894nfZvUOH7S2YyvHCjy04iVv/EuRB17DNz74m0pqO1aCiEjHMMlgwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLjovlHTzjBui7xTUaYI/RM6PRlvMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvdU9pLVVkUE9NRzZMdkZOUnBnajlFem85R1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBuZBGAwQB
wnXgMA8EAgACMAkDBwAqFGeAAAQwDQYJKoZIhvcNAQELBQADggEBAEsq9MggqvFG
FN8Rly4ogy/PZC7G/V//MTs8xbqLNGCWMtUzz0fo3qaZDOgfP/87sUA6DF49hv37
ylsgpNHR0/WHFkxYyHSCtlb2rKiJ66tGM5wByb2sttKoG8pmnSWBKNmsXUgm9AQX
F0tcF8fEyjTxC1Q+YT4sdNaWdRyYm8R4/7DGKyyjk4JtjL/22N84DIw36HtM7Mbw
sa88RKD1yZRwq2hr52WySAOeyWrm6Olp4t6BmQb3BPltkyCGtraNDZ1aHjcmcE5n
aunEMihdKEkVoIr/fp/j8nyg+Y8HjQ2HWtCOsXeSPYZ+aNps9O+p2jwInOBhIe7C
qKmqFPEDzbU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:54:34 2025 by rpki-client