Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/U1QXfN2MXshd8Djc_hdqsmBdFPo.roa
File: U1QXfN2MXshd8Djc_hdqsmBdFPo.roa (raw, json)
Hash identifier: yLuh9QxnBO1XIHCjApfjKWmyK37siChSWEQyScihraU=
Subject key identifier: 53:54:17:7C:DD:8C:5E:C8:5D:F0:38:DC:FE:17:6A:B2:60:5D:14:FA
Certificate issuer: /CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Certificate serial: 019426D95CCC5996C86EC2339A7ED920B00B
Authority key identifier: AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/U1QXfN2MXshd8Djc_hdqsmBdFPo.roa
Signing time: Thu 02 Jan 2025 11:49:26 +0000
ROA not before: Thu 02 Jan 2025 11:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42695
IP address blocks: 185.141.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 20 Mar 2025 13:13:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:5c:cc:59:96:c8:6e:c2:33:9a:7e:d9:20:b0:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Validity
Not Before: Jan 2 11:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5354177cdd8c5ec85df038dcfe176ab2605d14fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f2:a1:29:72:ba:8e:93:0b:a7:57:53:f7:20:
cf:ec:61:55:85:24:00:82:11:cf:b2:4c:b9:62:a5:
ad:d4:ed:81:4f:0e:13:99:50:71:64:84:c5:87:d8:
8e:5c:41:de:f4:a8:bc:73:c5:a1:89:40:23:66:ae:
29:51:5b:ac:07:ca:ba:ef:f8:81:b1:89:4d:cd:b6:
27:cd:5a:be:f3:cc:f0:e6:39:2a:95:3c:44:86:4c:
11:0d:67:3e:c8:cb:13:34:98:da:fd:4a:47:97:6e:
49:f7:b4:ad:5a:7f:3d:12:55:0c:55:cd:1c:8e:5a:
dd:a8:ee:be:ea:b1:b2:ea:d5:97:4f:54:3c:67:6b:
1b:68:c2:dd:20:e2:e5:27:f9:08:70:e8:2f:e3:37:
b7:42:47:bc:18:32:d6:91:93:8c:28:75:8f:4e:bf:
ef:6d:0d:06:7c:06:1d:2e:81:95:d1:47:09:1b:00:
65:b9:58:bb:4d:e9:af:0c:42:1d:87:3c:41:b4:83:
68:51:67:03:ae:76:1d:a8:ec:1e:25:a1:94:49:7f:
0e:be:9c:61:89:42:f6:d5:6e:3f:dd:96:93:5b:bd:
c1:b7:f6:ba:7c:64:e3:4c:e7:ad:fd:7c:f6:e9:5c:
75:0d:2a:a5:67:c2:fd:22:04:bf:21:51:1e:7f:15:
73:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:54:17:7C:DD:8C:5E:C8:5D:F0:38:DC:FE:17:6A:B2:60:5D:14:FA
X509v3 Authority Key Identifier:
keyid:AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/U1QXfN2MXshd8Djc_hdqsmBdFPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.152.0/22
Signature Algorithm: sha256WithRSAEncryption
01:bd:f7:d0:c1:c6:8c:5a:0d:d7:cb:68:e2:94:f2:e5:56:0c:
4e:3b:f0:ef:74:dd:5b:34:c8:78:e9:38:30:a7:7f:ee:03:ed:
a6:a5:41:5b:5a:46:39:ac:ac:0c:0c:b0:9a:dd:0f:38:62:c0:
16:7b:88:b1:51:0b:63:0d:48:c4:b3:b4:f5:9e:bf:e0:0e:f9:
6b:dc:df:dc:2b:18:52:0f:19:67:31:52:c1:72:99:7e:e6:51:
42:c6:63:8c:62:c6:36:3d:00:cf:e7:73:dd:b2:9d:b5:97:9f:
ae:88:dd:70:27:48:de:4b:cb:e6:fb:29:c4:91:10:50:30:c9:
91:b9:20:b1:23:c2:39:65:76:24:c9:f3:55:8e:ec:aa:0d:51:
e8:5a:e5:50:0a:d3:5b:c5:a3:ce:43:80:d8:1d:9f:f9:35:41:
ca:a0:9e:74:59:d8:95:1c:c1:45:df:b8:a2:a9:12:e0:2e:3b:
73:d3:6c:af:73:2f:c6:15:9e:38:8f:ec:ad:a8:17:31:6f:7b:
97:01:8d:ee:23:d6:57:19:02:1f:d1:6e:d4:03:cd:e3:4b:0d:
3e:3f:b4:ba:39:1c:50:66:91:03:16:40:60:cb:55:1e:4d:3a:
1a:ba:32:36:71:b3:f7:43:03:b7:8f:68:13:c6:19:6d:dd:88:
ea:8b:4a:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2VzMWZbIbsIzmn7ZILALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWFhYjEzNDI3YWQ4YzAwNzJhZTA4ZDliYjgwYWJjMTlk
M2Y5ODQwHhcNMjUwMTAyMTE0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzU0MTc3Y2RkOGM1ZWM4NWRmMDM4ZGNmZTE3NmFiMjYwNWQxNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/KhKXK6jpMLp1dT9yDP7GFVhSQA
ghHPsky5YqWt1O2BTw4TmVBxZITFh9iOXEHe9Ki8c8WhiUAjZq4pUVusB8q67/iB
sYlNzbYnzVq+88zw5jkqlTxEhkwRDWc+yMsTNJja/UpHl25J97StWn89ElUMVc0c
jlrdqO6+6rGy6tWXT1Q8Z2sbaMLdIOLlJ/kIcOgv4ze3Qke8GDLWkZOMKHWPTr/v
bQ0GfAYdLoGV0UcJGwBluVi7TemvDEIdhzxBtINoUWcDrnYdqOweJaGUSX8Ovpxh
iUL21W4/3ZaTW73Bt/a6fGTjTOet/Xz26Vx1DSqlZ8L9IgS/IVEefxVzSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFNUF3zdjF7IXfA43P4XarJgXRT6MB8GA1UdIwQY
MBaAFKuaqxNCetjAByrgjZu4CrwZ0/mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmIt
MzkyNjAzMTljN2JkLzEvVTFRWGZOMk1Yc2hkOERqY19oZHFzbUJkRlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmItMzkyNjAzMTljN2Jk
LzEvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY2YMA0G
CSqGSIb3DQEBCwUAA4IBAQABvffQwcaMWg3Xy2jilPLlVgxOO/DvdN1bNMh46Tgw
p3/uA+2mpUFbWkY5rKwMDLCa3Q84YsAWe4ixUQtjDUjEs7T1nr/gDvlr3N/cKxhS
DxlnMVLBcpl+5lFCxmOMYsY2PQDP53Pdsp21l5+uiN1wJ0jeS8vm+ynEkRBQMMmR
uSCxI8I5ZXYkyfNVjuyqDVHoWuVQCtNbxaPOQ4DYHZ/5NUHKoJ50WdiVHMFF37ii
qRLgLjtz02yvcy/GFZ44j+ytqBcxb3uXAY3uI9ZXGQIf0W7UA83jSw0+P7S6ORxQ
ZpEDFkBgy1UeTToaujI2cbP3QwO3j2gTxhlt3Yjqi0ox
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:33:43 2025 by rpki-client