Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/uCwFLaxGBi7LYLJzKI_GBkQHz9A.roa
File: uCwFLaxGBi7LYLJzKI_GBkQHz9A.roa (raw, json)
Hash identifier: lR9G6COeF5XqDubXQE+txKzW0bf9fynE/IQVhWWuzMo=
Subject key identifier: B8:2C:05:2D:AC:46:06:2E:CB:60:B2:73:28:8F:C6:06:44:07:CF:D0
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 019420681165E28C0EE74446FF4F22A2F0F5
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/uCwFLaxGBi7LYLJzKI_GBkQHz9A.roa
Signing time: Wed 01 Jan 2025 05:47:58 +0000
ROA not before: Wed 01 Jan 2025 05:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48551
IP address blocks: 185.221.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 17:49:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:11:65:e2:8c:0e:e7:44:46:ff:4f:22:a2:f0:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jan 1 05:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b82c052dac46062ecb60b273288fc6064407cfd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b9:f9:90:95:10:de:78:66:86:c9:be:9f:2d:
00:a4:87:28:45:12:f0:ca:88:13:43:5f:37:1f:ae:
e7:44:10:a9:e6:be:34:80:67:b2:58:d3:59:64:1b:
a3:fe:a4:9e:2d:dc:62:fb:b9:1a:4c:71:84:49:02:
19:74:cc:0e:83:e0:89:22:d8:c6:6c:71:30:58:5a:
11:48:46:3d:b5:bb:82:5b:17:f7:9d:9f:ca:73:7b:
d7:13:0f:f7:5d:d5:53:68:af:d6:fb:71:64:5c:6a:
c3:1b:58:73:4a:3b:de:40:3f:88:41:2f:a7:fa:26:
ac:72:3f:2a:28:72:0a:33:a2:ae:52:3e:49:12:bc:
12:f5:bb:37:1a:1b:7b:27:6e:5a:d1:2a:be:ff:e2:
39:6c:f4:0c:d6:03:88:42:be:38:44:4b:dd:cf:8b:
58:a5:62:ef:a2:fe:e0:51:97:0a:4a:da:f6:96:bc:
a9:d3:65:d9:9d:da:f0:72:85:32:c0:9e:77:92:b3:
6c:a9:d3:dd:99:f9:6d:b0:4f:0f:fc:0a:4a:2a:d6:
21:2f:0f:e3:f5:80:1f:6c:24:de:2c:ad:1d:49:d2:
0b:8d:fc:8f:6c:a9:ed:ad:41:09:92:9c:ac:f9:a0:
18:5b:f1:80:5a:73:00:ba:2b:80:e8:12:c6:23:06:
5e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:2C:05:2D:AC:46:06:2E:CB:60:B2:73:28:8F:C6:06:44:07:CF:D0
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/uCwFLaxGBi7LYLJzKI_GBkQHz9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.239.0/24
Signature Algorithm: sha256WithRSAEncryption
15:74:d6:a0:32:9a:ef:48:0f:1b:57:2f:6b:32:00:1c:75:5a:
2e:7c:ab:7a:8f:34:38:86:d7:62:10:e0:e6:8d:c2:84:ab:f5:
98:58:2f:d1:09:d1:52:e9:c0:50:65:61:e5:c1:16:83:c6:e3:
21:80:2c:b1:65:7a:b5:34:43:bb:84:13:00:77:2f:ce:cb:12:
f4:95:cd:fd:3e:71:10:ff:0d:f1:42:7d:5e:7d:5b:36:f7:12:
6e:43:b3:ea:c0:6c:23:9b:40:a7:d4:57:54:f6:c9:2f:df:c0:
1e:0b:17:e8:13:64:69:33:e0:ec:e9:1c:5f:e0:6e:30:d2:a4:
c2:6a:6a:cf:30:9d:da:5a:3a:97:c8:cc:0c:1b:80:66:3f:5d:
fb:f0:4d:cd:49:76:6a:82:17:b5:2b:9e:99:fc:7f:1a:a8:bf:
33:bd:f7:12:b5:4d:e8:0d:49:59:10:91:84:f2:74:2f:bf:c3:
4c:2a:d2:8f:11:12:46:31:7a:c1:07:0a:5f:ae:30:21:fb:57:
b2:53:82:3b:1f:6c:8b:fe:23:a4:ed:d4:89:1b:e5:56:80:bb:
7a:07:86:28:f5:a6:68:8f:2e:e1:98:dc:8a:f9:66:91:40:9f:
04:4d:9d:ac:41:cb:dd:db:a2:64:0f:22:4f:50:a3:04:65:87:
86:41:d8:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaBFl4owO50RG/08iovD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjUwMTAxMDU0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODJjMDUyZGFjNDYwNjJlY2I2MGIyNzMyODhmYzYwNjQ0MDdjZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrn5kJUQ3nhmhsm+ny0ApIcoRRLw
yogTQ183H67nRBCp5r40gGeyWNNZZBuj/qSeLdxi+7kaTHGESQIZdMwOg+CJItjG
bHEwWFoRSEY9tbuCWxf3nZ/Kc3vXEw/3XdVTaK/W+3FkXGrDG1hzSjveQD+IQS+n
+iascj8qKHIKM6KuUj5JErwS9bs3Ght7J25a0Sq+/+I5bPQM1gOIQr44REvdz4tY
pWLvov7gUZcKStr2lryp02XZndrwcoUywJ53krNsqdPdmfltsE8P/ApKKtYhLw/j
9YAfbCTeLK0dSdILjfyPbKntrUEJkpys+aAYW/GAWnMAuiuA6BLGIwZe3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLgsBS2sRgYuy2CycyiPxgZEB8/QMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvdUN3RkxheEdCaTdMWUxKektJX0dCa1FIejlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud3vMA0G
CSqGSIb3DQEBCwUAA4IBAQAVdNagMprvSA8bVy9rMgAcdVoufKt6jzQ4htdiEODm
jcKEq/WYWC/RCdFS6cBQZWHlwRaDxuMhgCyxZXq1NEO7hBMAdy/OyxL0lc39PnEQ
/w3xQn1efVs29xJuQ7PqwGwjm0Cn1FdU9skv38AeCxfoE2RpM+Ds6Rxf4G4w0qTC
amrPMJ3aWjqXyMwMG4BmP1378E3NSXZqghe1K56Z/H8aqL8zvfcStU3oDUlZEJGE
8nQvv8NMKtKPERJGMXrBBwpfrjAh+1eyU4I7H2yL/iOk7dSJG+VWgLt6B4Yo9aZo
jy7hmNyK+WaRQJ8ETZ2sQcvd26JkDyJPUKMEZYeGQdhL
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:20:46 2025 by rpki-client