Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/3c5026-5011-4689-8367-7b4e5e184735/1/ad31C8f1xIK0cBmqc3VwlVOX_0g.roa
File: ad31C8f1xIK0cBmqc3VwlVOX_0g.roa (raw, json)
Hash identifier: osmQTydIIUGIE9VFAC+CMKwGTGdQsFHwVM2/PDA0Khk=
Subject key identifier: 69:DD:F5:0B:C7:F5:C4:82:B4:70:19:AA:73:75:70:95:53:97:FF:48
Certificate issuer: /CN=3fcff98aaa5b48dc6158d2fc65f25c5097b5e26a
Certificate serial: 019281004737524F6FEDEDB211C6ADCB3216
Authority key identifier: 3F:CF:F9:8A:AA:5B:48:DC:61:58:D2:FC:65:F2:5C:50:97:B5:E2:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P8_5iqpbSNxhWNL8ZfJcUJe14mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/3c5026-5011-4689-8367-7b4e5e184735/1/ad31C8f1xIK0cBmqc3VwlVOX_0g.roa
Signing time: Sat 12 Oct 2024 13:52:11 +0000
ROA not before: Sat 12 Oct 2024 13:52:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214087
IP address blocks: 185.184.30.0/23 maxlen: 23
185.184.30.0/24 maxlen: 24
185.184.31.0/24 maxlen: 24
2a10:ac82::/32 maxlen: 32
2a10:ac82::/48 maxlen: 48
2a10:ac83::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 23 Oct 2024 19:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:81:00:47:37:52:4f:6f:ed:ed:b2:11:c6:ad:cb:32:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fcff98aaa5b48dc6158d2fc65f25c5097b5e26a
Validity
Not Before: Oct 12 13:52:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69ddf50bc7f5c482b47019aa737570955397ff48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:43:b0:77:68:f9:e5:ba:1e:f8:be:d5:10:1a:
35:96:73:14:0a:74:03:93:e8:cb:e7:fc:3f:02:be:
3b:6f:c8:b9:44:ef:58:ce:94:27:92:da:b5:00:ca:
0d:82:a3:da:6a:b6:25:d1:65:b8:16:46:93:4f:f4:
71:99:75:e6:c8:eb:48:d9:69:2f:8b:71:4b:c1:f2:
f9:73:75:21:f5:59:86:c8:6b:6b:f9:5d:0e:4a:bd:
09:9b:82:a5:14:c8:c0:05:89:32:7d:5d:33:d7:06:
18:c5:65:6f:15:77:f5:52:a1:45:a2:32:36:fa:e8:
dc:ce:53:5d:a6:70:2f:8d:25:f0:fe:9e:97:05:27:
6a:95:c8:45:11:bf:3c:cd:c7:c0:ec:67:0f:05:04:
62:e7:ad:c7:65:8a:6c:9f:24:78:09:ef:e7:86:50:
68:5b:a3:78:19:ed:bd:72:55:34:11:b1:70:35:e0:
d6:72:51:e6:9a:32:fd:66:58:37:c3:25:fd:8d:15:
d1:d1:64:e1:a8:96:e5:cd:52:21:90:18:e0:5a:bd:
da:da:c4:16:e4:a8:3f:d8:c8:27:e1:0f:e7:11:cd:
9d:2a:47:bb:eb:a3:1c:94:9c:5b:56:68:01:d0:79:
25:40:43:ae:e1:af:db:d6:b8:98:90:b2:17:63:5f:
33:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:DD:F5:0B:C7:F5:C4:82:B4:70:19:AA:73:75:70:95:53:97:FF:48
X509v3 Authority Key Identifier:
keyid:3F:CF:F9:8A:AA:5B:48:DC:61:58:D2:FC:65:F2:5C:50:97:B5:E2:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P8_5iqpbSNxhWNL8ZfJcUJe14mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3c5026-5011-4689-8367-7b4e5e184735/1/ad31C8f1xIK0cBmqc3VwlVOX_0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3c5026-5011-4689-8367-7b4e5e184735/1/P8_5iqpbSNxhWNL8ZfJcUJe14mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.30.0/23
IPv6:
2a10:ac82::/31
Signature Algorithm: sha256WithRSAEncryption
12:52:4a:e3:a0:8d:6e:c1:ef:82:a2:e7:f9:bf:50:51:37:59:
ce:75:bb:f8:e2:0c:0d:ca:b9:ad:9c:42:c3:9c:a3:7e:8a:1d:
da:ce:20:38:39:73:d1:75:24:d5:d7:78:8b:73:ef:61:3b:4a:
f3:e6:92:ae:7d:4c:14:ec:3d:73:99:c7:91:c6:9e:08:a4:46:
e4:2a:65:86:bd:43:18:95:d4:ac:21:01:2c:17:19:ff:7a:88:
db:2b:03:59:db:62:44:13:d8:f5:95:fb:f7:26:1c:89:d2:53:
8e:8a:da:be:1e:f4:ef:80:71:f2:fe:9f:9d:33:4e:25:c1:cc:
04:1d:3f:84:82:19:e3:eb:21:05:c3:0c:86:08:29:64:ec:2e:
5a:d8:e7:e1:a5:b2:80:b9:bb:e3:fc:68:7d:2a:0d:52:b2:13:
14:c4:f1:4b:0a:6c:07:f2:d2:ad:a6:79:80:16:50:e4:f7:95:
a6:5f:04:a0:f7:79:9c:79:78:2a:1e:9e:97:48:8b:84:2d:e6:
d5:59:d4:6b:7b:17:52:97:6c:f0:7d:c4:ef:2d:f8:2e:07:86:
1d:77:af:9d:90:5d:04:b0:22:b0:7d:bf:b3:df:68:be:8d:94:
7b:b3:22:f9:ad:1f:52:65:f6:37:df:05:a7:5c:fd:ef:09:cf:
c8:96:4f:da
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKBAEc3Uk9v7e2yEcatyzIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmY2ZmOThhYWE1YjQ4ZGM2MTU4ZDJmYzY1ZjI1YzUwOTdi
NWUyNmEwHhcNMjQxMDEyMTM1MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWRkZjUwYmM3ZjVjNDgyYjQ3MDE5YWE3Mzc1NzA5NTUzOTdmZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkOwd2j55boe+L7VEBo1lnMUCnQD
k+jL5/w/Ar47b8i5RO9YzpQnktq1AMoNgqPaarYl0WW4FkaTT/RxmXXmyOtI2Wkv
i3FLwfL5c3Uh9VmGyGtr+V0OSr0Jm4KlFMjABYkyfV0z1wYYxWVvFXf1UqFFojI2
+ujczlNdpnAvjSXw/p6XBSdqlchFEb88zcfA7GcPBQRi563HZYpsnyR4Ce/nhlBo
W6N4Ge29clU0EbFwNeDWclHmmjL9Zlg3wyX9jRXR0WThqJblzVIhkBjgWr3a2sQW
5Kg/2Mgn4Q/nEc2dKke766MclJxbVmgB0HklQEOu4a/b1riYkLIXY18zEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGnd9QvH9cSCtHAZqnN1cJVTl/9IMB8GA1UdIwQY
MBaAFD/P+YqqW0jcYVjS/GXyXFCXteJqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDhfNWlxcGJTTnhoV05MOFpmSmNVSmUxNG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zYzUwMjYtNTAxMS00Njg5LTgzNjct
N2I0ZTVlMTg0NzM1LzEvYWQzMUM4ZjF4SUswY0JtcWMzVndsVk9YXzBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zYzUwMjYtNTAxMS00Njg5LTgzNjctN2I0ZTVlMTg0NzM1
LzEvUDhfNWlxcGJTTnhoV05MOFpmSmNVSmUxNG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBubgeMA0E
AgACMAcDBQEqEKyCMA0GCSqGSIb3DQEBCwUAA4IBAQASUkrjoI1uwe+Couf5v1BR
N1nOdbv44gwNyrmtnELDnKN+ih3aziA4OXPRdSTV13iLc+9hO0rz5pKufUwU7D1z
mceRxp4IpEbkKmWGvUMYldSsIQEsFxn/eojbKwNZ22JEE9j1lfv3JhyJ0lOOitq+
HvTvgHHy/p+dM04lwcwEHT+Eghnj6yEFwwyGCClk7C5a2OfhpbKAubvj/Gh9Kg1S
shMUxPFLCmwH8tKtpnmAFlDk95WmXwSg93mceXgqHp6XSIuELebVWdRrexdSl2zw
fcTvLfguB4Ydd6+dkF0EsCKwfb+z32i+jZR7syL5rR9SZfY33wWnXP3vCc/Ilk/a
-----END CERTIFICATE-----
Generated at Thu Jun 12 10:18:42 2025 by rpki-client