Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/c22c08-56a7-42d4-bea5-877dda192379/1/uwPKbZ-OJ9OzPzjJ7OOfvRniHC4.roa
File: uwPKbZ-OJ9OzPzjJ7OOfvRniHC4.roa (raw, json)
Hash identifier: +PcfsQXJoR1jOvwEU14Eh3EubJ+Y8ZasEf7P2IdyKI8=
Subject key identifier: BB:03:CA:6D:9F:8E:27:D3:B3:3F:38:C9:EC:E3:9F:BD:19:E2:1C:2E
Certificate issuer: /CN=8eaded0b83fa4e31ce0a0840eb429ba8a9f18e39
Certificate serial: 018D186D489E16304A644A1DBECEB97AC8F6
Authority key identifier: 8E:AD:ED:0B:83:FA:4E:31:CE:0A:08:40:EB:42:9B:A8:A9:F1:8E:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jq3tC4P6TjHOCghA60KbqKnxjjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/c22c08-56a7-42d4-bea5-877dda192379/1/uwPKbZ-OJ9OzPzjJ7OOfvRniHC4.roa
Signing time: Wed 17 Jan 2024 17:17:11 +0000
ROA not before: Wed 17 Jan 2024 17:17:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54113
IP address blocks: 185.31.16.0/24 maxlen: 24
185.31.19.0/24 maxlen: 24
2a04:4e47::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Jan 2024 19:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:18:6d:48:9e:16:30:4a:64:4a:1d:be:ce:b9:7a:c8:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eaded0b83fa4e31ce0a0840eb429ba8a9f18e39
Validity
Not Before: Jan 17 17:17:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb03ca6d9f8e27d3b33f38c9ece39fbd19e21c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:34:c4:ba:cb:ec:a4:6d:a2:37:50:01:d8:86:
75:f3:1c:70:9d:2d:f9:5a:17:c3:e0:a4:4b:cf:ee:
bb:89:03:b3:dc:45:84:46:57:6a:8a:79:02:d1:d5:
17:bb:97:eb:88:85:19:c1:fc:6c:5f:fe:99:25:51:
6b:a7:58:62:50:f3:47:86:b1:fd:fa:fe:cf:39:44:
08:7e:ab:a3:c3:cf:25:f5:1a:39:9c:ea:05:58:11:
4f:50:4d:c7:51:21:f8:92:3c:42:ac:11:51:18:e7:
f1:e2:57:90:b8:5b:aa:c1:7b:28:44:ba:d6:39:a0:
67:62:42:ad:f2:98:27:33:66:73:a2:31:fe:4d:98:
e6:6d:a5:f0:89:74:80:91:35:47:11:fc:05:76:da:
b2:cd:33:54:01:42:2c:43:03:78:97:ff:45:00:d4:
a0:f0:cb:e7:22:ca:72:fa:3d:9e:b8:fe:0e:44:50:
29:eb:eb:2e:36:15:41:55:08:75:8e:e7:06:3d:f8:
d7:0d:ba:08:2b:7b:ba:b2:01:ab:3c:5b:46:e6:eb:
a9:aa:6b:92:67:bd:49:3e:d1:b1:bd:93:ae:ce:39:
dd:1f:24:65:80:2b:f5:db:44:6b:b4:70:5f:4a:09:
1b:93:3b:99:99:91:dc:ee:b9:6f:9a:d9:e4:47:bc:
2b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:03:CA:6D:9F:8E:27:D3:B3:3F:38:C9:EC:E3:9F:BD:19:E2:1C:2E
X509v3 Authority Key Identifier:
keyid:8E:AD:ED:0B:83:FA:4E:31:CE:0A:08:40:EB:42:9B:A8:A9:F1:8E:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jq3tC4P6TjHOCghA60KbqKnxjjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c22c08-56a7-42d4-bea5-877dda192379/1/uwPKbZ-OJ9OzPzjJ7OOfvRniHC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c22c08-56a7-42d4-bea5-877dda192379/1/jq3tC4P6TjHOCghA60KbqKnxjjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.16.0/24
185.31.19.0/24
IPv6:
2a04:4e47::/32
Signature Algorithm: sha256WithRSAEncryption
8c:c0:51:a5:bc:5f:1d:38:6b:a3:bd:22:80:af:44:d8:f7:b2:
a9:1e:39:40:de:54:66:d6:f5:86:54:ee:a6:ed:ae:fa:90:91:
30:d8:04:c7:3d:65:1a:f9:a3:f8:10:7f:6d:d3:9b:f3:e8:c8:
ba:0b:bd:5b:bc:f7:31:c1:5d:4b:cb:5a:9f:da:74:cf:d3:35:
9f:be:8a:a1:4e:b7:20:7a:89:e6:ea:b1:72:f7:e7:73:2b:25:
3e:d6:60:a9:14:ad:45:e3:73:df:e0:3d:c1:f4:c9:3b:3f:e5:
36:9c:31:06:44:bb:ba:e4:4b:ac:67:fc:43:5a:77:7b:12:f8:
6e:4d:0a:25:11:e6:01:25:39:fc:68:7c:13:c1:0b:db:70:0e:
31:a2:dd:d4:38:d7:f3:d4:c7:6a:bc:6b:35:a2:35:b5:0c:78:
50:96:c5:ca:ba:0a:42:cc:ef:d7:be:e3:fd:c5:2f:b5:9d:33:
70:28:73:d0:ba:52:9e:07:7a:fb:3d:4b:ef:43:97:81:e3:67:
e6:08:6b:0b:80:32:d9:2d:fe:ba:b4:59:62:34:55:21:8a:1b:
f3:5b:05:b3:fd:3d:7c:39:73:76:68:eb:77:fa:54:df:8f:a1:
14:cd:06:05:55:5b:a6:10:d0:26:0b:8a:71:76:08:3a:a5:e5:
ae:1d:5d:7e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY0YbUieFjBKZEodvs65esj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYWRlZDBiODNmYTRlMzFjZTBhMDg0MGViNDI5YmE4YTlm
MThlMzkwHhcNMjQwMTE3MTcxNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjAzY2E2ZDlmOGUyN2QzYjMzZjM4YzllY2UzOWZiZDE5ZTIxYzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDTEusvspG2iN1AB2IZ18xxwnS35
WhfD4KRLz+67iQOz3EWERldqinkC0dUXu5friIUZwfxsX/6ZJVFrp1hiUPNHhrH9
+v7POUQIfqujw88l9Ro5nOoFWBFPUE3HUSH4kjxCrBFRGOfx4leQuFuqwXsoRLrW
OaBnYkKt8pgnM2ZzojH+TZjmbaXwiXSAkTVHEfwFdtqyzTNUAUIsQwN4l/9FANSg
8MvnIspy+j2euP4ORFAp6+suNhVBVQh1jucGPfjXDboIK3u6sgGrPFtG5uupqmuS
Z71JPtGxvZOuzjndHyRlgCv120RrtHBfSgkbkzuZmZHc7rlvmtnkR7wrYQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLsDym2fjifTsz84yezjn70Z4hwuMB8GA1UdIwQY
MBaAFI6t7QuD+k4xzgoIQOtCm6ip8Y45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanEzdEM0UDZUakhPQ2doQTYwS2JxS254amprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9jMjJjMDgtNTZhNy00MmQ0LWJlYTUt
ODc3ZGRhMTkyMzc5LzEvdXdQS2JaLU9KOU96UHpqSjdPT2Z2Um5pSEM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9jMjJjMDgtNTZhNy00MmQ0LWJlYTUtODc3ZGRhMTkyMzc5
LzEvanEzdEM0UDZUakhPQ2doQTYwS2JxS254amprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuR8QAwQA
uR8TMA0EAgACMAcDBQAqBE5HMA0GCSqGSIb3DQEBCwUAA4IBAQCMwFGlvF8dOGuj
vSKAr0TY97KpHjlA3lRm1vWGVO6m7a76kJEw2ATHPWUa+aP4EH9t05vz6Mi6C71b
vPcxwV1Ly1qf2nTP0zWfvoqhTrcgeonm6rFy9+dzKyU+1mCpFK1F43Pf4D3B9Mk7
P+U2nDEGRLu65EusZ/xDWnd7EvhuTQolEeYBJTn8aHwTwQvbcA4xot3UONfz1Mdq
vGs1ojW1DHhQlsXKugpCzO/XvuP9xS+1nTNwKHPQulKeB3r7PUvvQ5eB42fmCGsL
gDLZLf66tFliNFUhihvzWwWz/T18OXN2aOt3+lTfj6EUzQYFVVumENAmC4pxdgg6
peWuHV1+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:50 2025 by rpki-client