Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/15541d-a7ba-4710-a5cf-965cc208ee40/1/uyse6MvFYgV1zZjG-mKiMp_Fo-M.roa
File: uyse6MvFYgV1zZjG-mKiMp_Fo-M.roa (raw, json)
Hash identifier: IdL4goafPVI3dJsFguCdwk1Q4IwjQlFtmfSCLcn4Cts=
Subject key identifier: BB:2B:1E:E8:CB:C5:62:05:75:CD:98:C6:FA:62:A2:32:9F:C5:A3:E3
Certificate issuer: /CN=46d6ebea6e6ea9e6006a81344d1163fbec4fa848
Certificate serial: 01939C154F1038D6F148327005CE7D771BAD
Authority key identifier: 46:D6:EB:EA:6E:6E:A9:E6:00:6A:81:34:4D:11:63:FB:EC:4F:A8:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rtbr6m5uqeYAaoE0TRFj--xPqEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/15541d-a7ba-4710-a5cf-965cc208ee40/1/uyse6MvFYgV1zZjG-mKiMp_Fo-M.roa
Signing time: Fri 06 Dec 2024 13:07:42 +0000
ROA not before: Fri 06 Dec 2024 13:07:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214905
IP address blocks: 185.222.40.0/24 maxlen: 24
213.254.176.0/23 maxlen: 23
2a14:4ac0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9c:15:4f:10:38:d6:f1:48:32:70:05:ce:7d:77:1b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d6ebea6e6ea9e6006a81344d1163fbec4fa848
Validity
Not Before: Dec 6 13:07:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb2b1ee8cbc5620575cd98c6fa62a2329fc5a3e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:59:ba:4c:ed:7a:5f:a6:ef:6f:46:7e:39:20:
4f:af:35:3f:19:1c:89:59:e9:d6:a9:33:1f:bf:b1:
c3:6b:e7:1f:83:b7:ff:0f:04:5d:ce:1c:a4:8a:92:
8e:17:14:d8:0a:77:e5:7c:34:16:b9:db:00:dd:de:
5a:4a:81:59:d7:8c:cf:43:aa:05:94:b3:bf:83:34:
7b:90:6b:87:ff:f4:30:e7:71:e4:a6:f5:71:41:c5:
bc:49:29:98:8b:97:e1:60:e2:8d:6f:de:aa:7b:be:
c4:cd:aa:d7:27:78:77:17:7f:55:eb:43:7f:fc:ce:
af:a4:1f:aa:a8:f9:3d:70:b8:24:82:95:be:82:b9:
df:9a:c8:95:66:88:aa:c6:6d:57:b4:ab:d7:47:22:
d0:ec:c9:36:de:3b:7f:4d:e2:c8:51:5b:90:d2:56:
14:e8:42:b8:73:4e:03:97:53:d5:d2:b6:71:2b:32:
d0:dd:4c:3e:d0:e6:eb:7c:97:13:4d:59:16:a2:8b:
a6:7c:31:f9:63:a0:82:32:90:7d:51:a9:c3:ef:74:
d2:82:df:c2:5a:8b:41:10:76:d9:3e:ff:d6:20:d4:
39:bd:81:56:38:c2:75:c9:29:b0:68:db:55:20:3e:
f6:6c:18:2a:fb:8b:4c:f7:cc:f8:1d:72:80:17:58:
cb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:2B:1E:E8:CB:C5:62:05:75:CD:98:C6:FA:62:A2:32:9F:C5:A3:E3
X509v3 Authority Key Identifier:
keyid:46:D6:EB:EA:6E:6E:A9:E6:00:6A:81:34:4D:11:63:FB:EC:4F:A8:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rtbr6m5uqeYAaoE0TRFj--xPqEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/15541d-a7ba-4710-a5cf-965cc208ee40/1/uyse6MvFYgV1zZjG-mKiMp_Fo-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/15541d-a7ba-4710-a5cf-965cc208ee40/1/Rtbr6m5uqeYAaoE0TRFj--xPqEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.40.0/24
213.254.176.0/23
IPv6:
2a14:4ac0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:70:59:14:44:a4:e0:55:d5:9b:19:24:18:8b:ed:4a:a2:62:
e7:9d:92:5f:bc:d6:33:2d:03:03:9d:ad:02:5b:66:43:a3:09:
37:88:d5:9c:59:39:f8:a1:68:da:c9:48:b5:74:46:cc:c3:1e:
ab:0c:86:86:c4:34:70:6a:a4:64:ba:99:b1:45:18:37:a2:68:
f5:a4:6f:4c:77:fa:de:bf:58:68:ac:d1:87:ff:e3:f1:ea:76:
1f:78:9a:9f:8e:63:2a:d1:5c:d5:d3:05:5a:73:ad:ae:11:1c:
41:de:86:6f:09:12:eb:33:86:b6:97:62:06:9f:3a:49:b2:fb:
ef:2b:16:2a:22:25:cb:ed:dc:b8:f1:46:ec:c8:0f:91:65:94:
27:e5:0f:b2:b1:73:2a:c2:18:74:43:ca:8e:a6:8c:6c:01:28:
fa:1a:9b:f6:7c:78:80:eb:a5:8b:8d:b5:25:c3:66:b6:d9:fb:
2e:77:dc:4b:16:e9:c6:e7:47:8d:ce:3e:f5:86:df:e1:75:a6:
f9:48:76:c9:5f:d4:a2:0f:b2:ca:ff:2a:fa:e1:f4:53:6f:02:
18:60:7c:1e:25:3f:2d:b3:8f:28:53:1c:11:46:1d:0e:96:cf:
7c:34:2e:89:5f:f2:99:98:f6:f2:3d:ba:5b:9c:62:c3:2e:3c:
c7:c4:e2:37
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZOcFU8QONbxSDJwBc59dxutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDZlYmVhNmU2ZWE5ZTYwMDZhODEzNDRkMTE2M2ZiZWM0
ZmE4NDgwHhcNMjQxMjA2MTMwNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjJiMWVlOGNiYzU2MjA1NzVjZDk4YzZmYTYyYTIzMjlmYzVhM2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlm6TO16X6bvb0Z+OSBPrzU/GRyJ
WenWqTMfv7HDa+cfg7f/DwRdzhykipKOFxTYCnflfDQWudsA3d5aSoFZ14zPQ6oF
lLO/gzR7kGuH//Qw53HkpvVxQcW8SSmYi5fhYOKNb96qe77EzarXJ3h3F39V60N/
/M6vpB+qqPk9cLgkgpW+grnfmsiVZoiqxm1XtKvXRyLQ7Mk23jt/TeLIUVuQ0lYU
6EK4c04Dl1PV0rZxKzLQ3Uw+0ObrfJcTTVkWooumfDH5Y6CCMpB9UanD73TSgt/C
WotBEHbZPv/WINQ5vYFWOMJ1ySmwaNtVID72bBgq+4tM98z4HXKAF1jL5QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLsrHujLxWIFdc2YxvpiojKfxaPjMB8GA1UdIwQY
MBaAFEbW6+pubqnmAGqBNE0RY/vsT6hIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRicjZtNXVxZVlBYW9FMFRSRmotLXhQcUVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8xNTU0MWQtYTdiYS00NzEwLWE1Y2Yt
OTY1Y2MyMDhlZTQwLzEvdXlzZTZNdkZZZ1YxelpqRy1tS2lNcF9Gby1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8xNTU0MWQtYTdiYS00NzEwLWE1Y2YtOTY1Y2MyMDhlZTQw
LzEvUnRicjZtNXVxZVlBYW9FMFRSRmotLXhQcUVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAud4oAwQB
1f6wMA0EAgACMAcDBQMqFErAMA0GCSqGSIb3DQEBCwUAA4IBAQAKcFkURKTgVdWb
GSQYi+1KomLnnZJfvNYzLQMDna0CW2ZDowk3iNWcWTn4oWjayUi1dEbMwx6rDIaG
xDRwaqRkupmxRRg3omj1pG9Md/rev1horNGH/+Px6nYfeJqfjmMq0VzV0wVac62u
ERxB3oZvCRLrM4a2l2IGnzpJsvvvKxYqIiXL7dy48UbsyA+RZZQn5Q+ysXMqwhh0
Q8qOpoxsASj6Gpv2fHiA66WLjbUlw2a22fsud9xLFunG50eNzj71ht/hdab5SHbJ
X9SiD7LK/yr64fRTbwIYYHweJT8ts48oUxwRRh0Ols98NC6JX/KZmPbyPbpbnGLD
LjzHxOI3
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:29:31 2025 by rpki-client