Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/UC16B2ukvA6nDRBJ_N1fVBWj4RM.roa
File: UC16B2ukvA6nDRBJ_N1fVBWj4RM.roa (raw, json)
Hash identifier: U9g3p7hmJzu3C59jk3qYLUXSSVHjY0bXQPC1IxJAYTs=
Subject key identifier: 50:2D:7A:07:6B:A4:BC:0E:A7:0D:10:49:FC:DD:5F:54:15:A3:E1:13
Certificate issuer: /CN=32ed67002dc7307e8563b6e4934ccd5723a44f3e
Certificate serial: 019242A121B6459770696875D03903295309
Authority key identifier: 32:ED:67:00:2D:C7:30:7E:85:63:B6:E4:93:4C:CD:57:23:A4:4F:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/UC16B2ukvA6nDRBJ_N1fVBWj4RM.roa
Signing time: Mon 30 Sep 2024 11:11:49 +0000
ROA not before: Mon 30 Sep 2024 11:11:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212538
IP address blocks: 185.34.128.0/24 maxlen: 24
185.34.129.0/24 maxlen: 24
185.180.28.0/24 maxlen: 24
185.180.29.0/24 maxlen: 24
185.180.30.0/24 maxlen: 24
185.180.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 15:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:a1:21:b6:45:97:70:69:68:75:d0:39:03:29:53:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ed67002dc7307e8563b6e4934ccd5723a44f3e
Validity
Not Before: Sep 30 11:11:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=502d7a076ba4bc0ea70d1049fcdd5f5415a3e113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4b:90:ed:0d:9f:5d:3e:66:c7:3f:e2:0d:33:
3c:24:bd:1b:69:87:c9:e3:26:0e:c8:d1:05:8a:ff:
ae:ee:dd:51:40:cd:77:31:31:0e:da:3c:02:9e:f1:
00:2e:53:d8:4b:4e:55:7a:0c:11:97:dc:c4:8c:3d:
ed:99:a7:c8:c3:ce:6c:f2:60:a8:2b:ab:5c:90:b2:
a6:00:b6:05:e3:79:96:ac:c3:29:de:d2:45:88:9d:
09:8e:3d:48:91:5d:64:4d:7d:84:e8:27:f5:c5:71:
6a:f9:28:2d:72:5b:f3:2b:1b:a8:ba:03:e8:06:56:
5a:78:ee:6e:e7:b7:c8:f7:b9:79:ec:6b:20:69:83:
b8:bd:93:37:f8:12:a7:84:9a:49:6c:d9:3a:4f:b4:
79:40:26:8d:d6:9f:76:62:7f:d0:58:9e:28:eb:81:
c1:37:38:64:db:a8:6b:ec:12:5a:32:e0:72:a1:74:
db:73:1d:3c:5c:9a:15:e7:fa:66:18:f7:c6:62:70:
b1:8c:29:22:b6:b2:25:8a:99:e7:5f:5d:ed:81:de:
9c:40:e0:b9:5b:6f:a8:d7:dd:16:82:73:a1:32:79:
96:d0:05:8d:be:ff:e2:e1:7d:89:e4:0c:c9:77:ab:
0e:a3:cb:a3:c9:51:12:50:99:49:8e:67:ce:6e:6a:
fd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:2D:7A:07:6B:A4:BC:0E:A7:0D:10:49:FC:DD:5F:54:15:A3:E1:13
X509v3 Authority Key Identifier:
keyid:32:ED:67:00:2D:C7:30:7E:85:63:B6:E4:93:4C:CD:57:23:A4:4F:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/UC16B2ukvA6nDRBJ_N1fVBWj4RM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.128.0/23
185.180.28.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:fc:04:be:c2:cc:3a:6f:47:bf:6a:72:8e:5f:09:a7:b1:19:
48:82:e2:b4:fd:e3:ac:17:6c:5d:36:da:59:83:5f:76:df:d0:
61:eb:7d:c1:a4:0e:ed:69:71:16:2f:6d:da:2b:79:d2:e4:8d:
52:ef:cc:79:9c:db:8e:68:66:81:59:e1:6d:d6:0c:32:44:db:
a4:bb:ea:0f:0a:d3:b0:3b:5f:a3:d3:a7:8f:b4:c3:91:e8:bf:
28:2a:76:5b:65:0f:1a:e0:d5:8e:75:44:22:b7:6f:29:1d:71:
92:fc:85:fa:d5:f6:f6:0a:1e:5c:1d:02:96:0f:d8:1c:28:a9:
3f:18:cd:10:d2:14:57:e2:76:ae:59:30:c7:0e:84:74:cd:3f:
a3:e9:06:2a:23:87:62:78:db:0c:7e:5d:8c:a3:98:88:e5:26:
76:e5:ed:1e:fb:c2:2f:74:fd:69:e5:3d:c4:ef:ce:d1:36:36:
88:ef:ac:7c:a4:e9:d6:3d:e4:e2:81:b7:09:0f:98:6d:b3:0e:
9d:2f:8c:8c:d5:d9:98:df:89:b4:28:55:0e:b2:0a:c6:a7:05:
bf:73:e1:0a:b9:cb:84:76:8c:23:e0:88:ec:5c:6c:cd:6d:9d:
17:cd:2b:b8:05:4a:71:f5:73:93:9a:ee:16:b3:1b:6c:5e:58:
4f:01:c5:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJCoSG2RZdwaWh10DkDKVMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZWQ2NzAwMmRjNzMwN2U4NTYzYjZlNDkzNGNjZDU3MjNh
NDRmM2UwHhcNMjQwOTMwMTExMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDJkN2EwNzZiYTRiYzBlYTcwZDEwNDlmY2RkNWY1NDE1YTNlMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEuQ7Q2fXT5mxz/iDTM8JL0baYfJ
4yYOyNEFiv+u7t1RQM13MTEO2jwCnvEALlPYS05VegwRl9zEjD3tmafIw85s8mCo
K6tckLKmALYF43mWrMMp3tJFiJ0Jjj1IkV1kTX2E6Cf1xXFq+SgtclvzKxuougPo
BlZaeO5u57fI97l57GsgaYO4vZM3+BKnhJpJbNk6T7R5QCaN1p92Yn/QWJ4o64HB
Nzhk26hr7BJaMuByoXTbcx08XJoV5/pmGPfGYnCxjCkitrIlipnnX13tgd6cQOC5
W2+o190WgnOhMnmW0AWNvv/i4X2J5AzJd6sOo8ujyVESUJlJjmfObmr9EwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFAtegdrpLwOpw0QSfzdX1QVo+ETMB8GA1UdIwQY
MBaAFDLtZwAtxzB+hWO25JNMzVcjpE8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXUxbkFDM0hNSDZGWTdia2swek5WeU9rVHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83OTE2Y2QtNGQyZi00ZjUyLWFlYWMt
ZjFlOWJjNDFkOTJmLzEvVUMxNkIydWt2QTZuRFJCSl9OMWZWQldqNFJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83OTE2Y2QtNGQyZi00ZjUyLWFlYWMtZjFlOWJjNDFkOTJm
LzEvTXUxbkFDM0hNSDZGWTdia2swek5WeU9rVHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuSKAAwQC
ubQcMA0GCSqGSIb3DQEBCwUAA4IBAQCP/AS+wsw6b0e/anKOXwmnsRlIguK0/eOs
F2xdNtpZg19239Bh633BpA7taXEWL23aK3nS5I1S78x5nNuOaGaBWeFt1gwyRNuk
u+oPCtOwO1+j06ePtMOR6L8oKnZbZQ8a4NWOdUQit28pHXGS/IX61fb2Ch5cHQKW
D9gcKKk/GM0Q0hRX4nauWTDHDoR0zT+j6QYqI4dieNsMfl2Mo5iI5SZ25e0e+8Iv
dP1p5T3E787RNjaI76x8pOnWPeTigbcJD5htsw6dL4yM1dmY34m0KFUOsgrGpwW/
c+EKucuEdowj4IjsXGzNbZ0XzSu4BUpx9XOTmu4WsxtsXlhPAcU1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:14 2025 by rpki-client