Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/ufaSQRcZ0Vbu3HDulu-b566RWwo.roa
File: ufaSQRcZ0Vbu3HDulu-b566RWwo.roa (raw, json)
Hash identifier: x+Upfscs7ZWhIqwhPsjOkbbNxXTepCMyMMHlEaFwOMo=
Subject key identifier: B9:F6:92:41:17:19:D1:56:EE:DC:70:EE:96:EF:9B:E7:AE:91:5B:0A
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 0193DE60C4737FCF8ADA5C7E1A6470796AED
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/ufaSQRcZ0Vbu3HDulu-b566RWwo.roa
Signing time: Thu 19 Dec 2024 10:05:03 +0000
ROA not before: Thu 19 Dec 2024 10:05:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201453
IP address blocks: 185.160.228.0/24 maxlen: 24
185.160.229.0/24 maxlen: 24
185.160.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:de:60:c4:73:7f:cf:8a:da:5c:7e:1a:64:70:79:6a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Dec 19 10:05:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9f692411719d156eedc70ee96ef9be7ae915b0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:06:1a:2f:82:55:2e:03:c2:81:07:b8:43:02:
7f:3c:8e:53:f7:07:90:f8:66:31:d4:c6:97:a6:cf:
7f:29:88:24:39:38:fc:34:ce:73:c3:e9:34:c2:32:
03:b2:6f:8f:21:e4:72:ee:26:5b:70:ab:95:a8:20:
d1:ab:fd:c4:6e:84:15:18:50:3e:82:fc:89:34:76:
30:30:ef:28:ef:92:4c:26:ac:31:fb:2c:e7:5c:a9:
e9:1c:ee:79:a1:e8:3c:ed:08:c8:66:a2:b7:83:c3:
7e:98:62:90:88:cb:7d:de:c7:19:be:a5:37:03:10:
9b:2b:c7:c9:fa:9a:63:40:d5:3e:b4:21:3c:74:af:
d7:f5:02:6b:fd:9d:b6:c5:0a:be:d6:fe:64:da:6f:
ac:ea:e0:f1:4b:14:db:9f:79:67:78:bc:14:9d:d6:
67:23:1a:57:3e:bb:e8:07:16:17:c1:56:74:ed:8d:
47:e7:9f:2b:b6:32:4b:5f:de:12:f1:a7:f3:26:7d:
1d:c0:b9:a6:ae:0b:df:06:db:56:11:ea:74:a8:f3:
87:5c:80:9b:88:f3:05:5f:d6:48:b4:27:12:25:d7:
32:97:d9:ab:6c:61:a8:2a:2d:9f:cb:ad:6b:33:e3:
2b:fa:f5:51:ea:ee:3a:c0:2a:ef:e0:16:32:1b:13:
a3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F6:92:41:17:19:D1:56:EE:DC:70:EE:96:EF:9B:E7:AE:91:5B:0A
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/ufaSQRcZ0Vbu3HDulu-b566RWwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.228.0/23
185.160.231.0/24
Signature Algorithm: sha256WithRSAEncryption
56:7d:34:e9:44:1a:b2:b8:6e:a1:24:1c:6c:ae:d7:46:76:8a:
d3:ee:18:44:cc:18:d8:ce:b6:76:c3:ae:a1:83:73:70:27:28:
f9:af:0f:66:52:29:c1:7e:1a:31:63:c7:92:7a:27:e0:0b:04:
22:02:77:9f:1c:7d:41:97:41:61:b6:de:ed:9f:07:10:83:1f:
0a:02:00:29:5a:32:9f:3f:27:76:aa:96:ee:41:b4:dc:ef:73:
08:a3:46:98:43:31:e6:f4:fb:83:9b:10:f7:8a:1e:97:94:2f:
27:b2:44:10:32:ba:36:57:fb:0d:ff:c7:90:65:dd:62:42:31:
93:cd:ec:cc:52:4b:ad:3e:7d:67:8d:09:b7:f0:7b:05:7e:d6:
08:7b:e8:d0:21:c9:ac:67:57:09:c5:23:0e:44:70:c6:41:5a:
5c:c6:0b:8c:23:e1:af:d8:b9:08:9f:0f:39:02:c7:6a:98:a1:
36:12:b5:f1:a8:21:12:ca:9e:1d:97:e2:40:d1:07:18:d6:14:
36:fe:d8:b3:19:ce:50:51:77:15:de:07:6a:de:5b:d0:4c:3d:
c1:2c:56:8b:32:5f:e9:cc:d1:ac:8a:04:02:76:8f:96:8d:1f:
a6:27:37:26:ef:68:42:d0:e8:1b:d5:bd:d3:30:bf:8f:f2:eb:
96:f9:14:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPeYMRzf8+K2lx+GmRweWrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjQxMjE5MTAwNTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWY2OTI0MTE3MTlkMTU2ZWVkYzcwZWU5NmVmOWJlN2FlOTE1YjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QYaL4JVLgPCgQe4QwJ/PI5T9weQ
+GYx1MaXps9/KYgkOTj8NM5zw+k0wjIDsm+PIeRy7iZbcKuVqCDRq/3EboQVGFA+
gvyJNHYwMO8o75JMJqwx+yznXKnpHO55oeg87QjIZqK3g8N+mGKQiMt93scZvqU3
AxCbK8fJ+ppjQNU+tCE8dK/X9QJr/Z22xQq+1v5k2m+s6uDxSxTbn3lneLwUndZn
IxpXPrvoBxYXwVZ07Y1H558rtjJLX94S8afzJn0dwLmmrgvfBttWEep0qPOHXICb
iPMFX9ZItCcSJdcyl9mrbGGoKi2fy61rM+Mr+vVR6u46wCrv4BYyGxOjCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLn2kkEXGdFW7txw7pbvm+eukVsKMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvdWZhU1FSY1owVmJ1M0hEdWx1LWI1NjZSV3dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuaDkAwQA
uaDnMA0GCSqGSIb3DQEBCwUAA4IBAQBWfTTpRBqyuG6hJBxsrtdGdorT7hhEzBjY
zrZ2w66hg3NwJyj5rw9mUinBfhoxY8eSeifgCwQiAnefHH1Bl0Fhtt7tnwcQgx8K
AgApWjKfPyd2qpbuQbTc73MIo0aYQzHm9PuDmxD3ih6XlC8nskQQMro2V/sN/8eQ
Zd1iQjGTzezMUkutPn1njQm38HsFftYIe+jQIcmsZ1cJxSMORHDGQVpcxguMI+Gv
2LkInw85AsdqmKE2ErXxqCESyp4dl+JA0QcY1hQ2/tizGc5QUXcV3gdq3lvQTD3B
LFaLMl/pzNGsigQCdo+WjR+mJzcm72hC0Ogb1b3TML+P8uuW+RQX
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:41:33 2025 by rpki-client