Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/acee8e-7761-419f-b483-b30162e3ccc0/1/uF8tc090B-i2hfd11P5QDNdWCf4.roa
File: uF8tc090B-i2hfd11P5QDNdWCf4.roa (raw, json)
Hash identifier: nYv2u0yvEFVOQz36aJ5DlJ0NKtFrW4rYp7pnmLlaeyA=
Subject key identifier: B8:5F:2D:73:4F:74:07:E8:B6:85:F7:75:D4:FE:50:0C:D7:56:09:FE
Certificate issuer: /CN=d3540b518d75fbefd616bfd94cf05fd25ba488b6
Certificate serial: 018CC86FEB7FB18C7F187A4923DD3EE9E06B
Authority key identifier: D3:54:0B:51:8D:75:FB:EF:D6:16:BF:D9:4C:F0:5F:D2:5B:A4:88:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01QLUY11--_WFr_ZTPBf0lukiLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/acee8e-7761-419f-b483-b30162e3ccc0/1/uF8tc090B-i2hfd11P5QDNdWCf4.roa
Signing time: Tue 02 Jan 2024 04:30:27 +0000
ROA not before: Tue 02 Jan 2024 04:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205260
IP address blocks: 185.223.196.0/22 maxlen: 22
185.223.199.0/24 maxlen: 24
2a0c:4c00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:eb:7f:b1:8c:7f:18:7a:49:23:dd:3e:e9:e0:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3540b518d75fbefd616bfd94cf05fd25ba488b6
Validity
Not Before: Jan 2 04:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b85f2d734f7407e8b685f775d4fe500cd75609fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:57:b4:bf:c4:a6:44:9e:dc:cb:23:b5:71:f1:
16:ce:45:0c:cc:95:a2:fc:18:3b:2b:42:00:82:10:
bb:4e:26:2c:d3:e4:c1:f1:f1:ee:ff:c0:2c:71:1c:
07:6f:71:46:d1:c3:9a:ca:14:b3:85:a8:1c:70:cb:
70:53:cc:42:a5:fa:f8:19:03:b1:dd:43:fd:39:5f:
81:8a:ed:71:8f:96:03:1a:12:44:98:9c:c6:f2:07:
c3:9b:27:db:c9:9f:b0:7d:7d:4f:c8:8b:5d:95:ed:
b9:94:4b:14:39:6e:44:ea:f3:bb:ec:d7:50:1d:75:
61:9d:d6:55:7f:df:d9:db:1d:80:dc:16:bc:08:89:
f3:07:0b:6b:2c:04:57:6f:5a:f4:5b:96:08:68:7c:
37:03:8a:1f:25:ac:46:1b:0d:9f:c6:00:fe:0f:b8:
1b:a3:4a:8b:b2:de:2f:03:49:4b:9d:e8:bc:25:11:
f7:f4:e4:2c:7e:23:88:73:3b:4b:53:ff:26:0b:89:
b4:44:a3:16:40:c4:a8:3a:fb:07:ea:41:8b:d9:63:
b2:b8:65:10:cd:38:50:08:63:e1:e9:4d:59:f2:52:
88:da:cf:2e:0d:02:42:4d:a5:6c:93:c6:26:bf:d3:
ef:5f:c8:a5:e4:c6:b3:83:ab:0f:11:ad:84:5f:67:
76:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:5F:2D:73:4F:74:07:E8:B6:85:F7:75:D4:FE:50:0C:D7:56:09:FE
X509v3 Authority Key Identifier:
keyid:D3:54:0B:51:8D:75:FB:EF:D6:16:BF:D9:4C:F0:5F:D2:5B:A4:88:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01QLUY11--_WFr_ZTPBf0lukiLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/acee8e-7761-419f-b483-b30162e3ccc0/1/uF8tc090B-i2hfd11P5QDNdWCf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/acee8e-7761-419f-b483-b30162e3ccc0/1/01QLUY11--_WFr_ZTPBf0lukiLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.196.0/22
IPv6:
2a0c:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
bd:f6:fa:87:8f:c8:d1:cd:14:2a:4a:fd:8f:8b:86:5e:10:69:
83:3f:10:c6:d5:30:6a:7d:31:9e:17:90:f4:fa:c0:a2:71:1a:
14:8c:b7:e8:92:c9:54:8b:b5:0f:02:e8:23:e3:f3:c8:97:c4:
37:be:4e:ab:91:8a:dd:9b:45:bf:a6:76:66:67:1c:54:ea:16:
e6:0d:b0:40:97:8e:92:39:4d:0a:50:a7:89:3b:ba:d7:bc:2f:
6d:bb:57:a4:43:94:a3:12:db:26:ea:ae:b4:68:88:33:b7:7e:
aa:3f:00:81:7d:55:15:5e:36:06:1e:a2:7d:65:6e:75:5e:aa:
e8:16:cb:4b:91:6c:08:9b:16:08:e1:25:91:a7:19:2f:02:20:
08:f7:cd:1f:2e:69:e2:d6:00:3a:a3:9b:40:5a:91:c0:e8:35:
5b:99:10:e6:cc:bc:15:ef:19:80:73:6e:e8:a1:1c:9f:d8:c7:
fa:5c:d1:30:ca:05:1e:36:fa:e8:38:7c:5b:f6:7d:53:69:5e:
6b:30:3a:38:c1:08:ff:5b:3b:49:29:62:a1:8c:bf:f1:8c:d5:
1a:95:8e:34:55:d8:4c:24:12:57:23:a9:ab:e5:66:34:2f:91:
5e:d6:ff:77:8e:e7:29:c1:2a:a4:b9:f0:46:2d:9d:29:87:7a:
5f:2f:ba:82
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb+t/sYx/GHpJI90+6eBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTQwYjUxOGQ3NWZiZWZkNjE2YmZkOTRjZjA1ZmQyNWJh
NDg4YjYwHhcNMjQwMTAyMDQzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODVmMmQ3MzRmNzQwN2U4YjY4NWY3NzVkNGZlNTAwY2Q3NTYwOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1e0v8SmRJ7cyyO1cfEWzkUMzJWi
/Bg7K0IAghC7TiYs0+TB8fHu/8AscRwHb3FG0cOayhSzhagccMtwU8xCpfr4GQOx
3UP9OV+Biu1xj5YDGhJEmJzG8gfDmyfbyZ+wfX1PyItdle25lEsUOW5E6vO77NdQ
HXVhndZVf9/Z2x2A3Ba8CInzBwtrLARXb1r0W5YIaHw3A4ofJaxGGw2fxgD+D7gb
o0qLst4vA0lLnei8JRH39OQsfiOIcztLU/8mC4m0RKMWQMSoOvsH6kGL2WOyuGUQ
zThQCGPh6U1Z8lKI2s8uDQJCTaVsk8Ymv9PvX8il5Mazg6sPEa2EX2d2SwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLhfLXNPdAfotoX3ddT+UAzXVgn+MB8GA1UdIwQY
MBaAFNNUC1GNdfvv1ha/2UzwX9JbpIi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFRTFVZMTEtLV9XRnJfWlRQQmYwbHVraUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hY2VlOGUtNzc2MS00MTlmLWI0ODMt
YjMwMTYyZTNjY2MwLzEvdUY4dGMwOTBCLWkyaGZkMTFQNVFETmRXQ2Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hY2VlOGUtNzc2MS00MTlmLWI0ODMtYjMwMTYyZTNjY2Mw
LzEvMDFRTFVZMTEtLV9XRnJfWlRQQmYwbHVraUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud/EMA0E
AgACMAcDBQMqDEwAMA0GCSqGSIb3DQEBCwUAA4IBAQC99vqHj8jRzRQqSv2Pi4Ze
EGmDPxDG1TBqfTGeF5D0+sCicRoUjLfokslUi7UPAugj4/PIl8Q3vk6rkYrdm0W/
pnZmZxxU6hbmDbBAl46SOU0KUKeJO7rXvC9tu1ekQ5SjEtsm6q60aIgzt36qPwCB
fVUVXjYGHqJ9ZW51XqroFstLkWwImxYI4SWRpxkvAiAI980fLmni1gA6o5tAWpHA
6DVbmRDmzLwV7xmAc27ooRyf2Mf6XNEwygUeNvroOHxb9n1TaV5rMDo4wQj/WztJ
KWKhjL/xjNUalY40VdhMJBJXI6mr5WY0L5Fe1v93jucpwSqkufBGLZ0ph3pfL7qC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:30 2025 by rpki-client