Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/uMn4T5h5m11HJ5ixmHUmLg83oP0.roa
File: uMn4T5h5m11HJ5ixmHUmLg83oP0.roa (raw, json)
Hash identifier: 0XhsUR+2TRBfw/v6ov+uFHSv1mg9h+NoC0+bdDojBbI=
Subject key identifier: B8:C9:F8:4F:98:79:9B:5D:47:27:98:B1:98:75:26:2E:0F:37:A0:FD
Certificate issuer: /CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931
Certificate serial: 018CC5DD0B2BC29C0A2A8658EC11B0CCD905
Authority key identifier: 58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/uMn4T5h5m11HJ5ixmHUmLg83oP0.roa
Signing time: Mon 01 Jan 2024 16:30:47 +0000
ROA not before: Mon 01 Jan 2024 16:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8676
IP address blocks: 31.7.8.0/21 maxlen: 24
217.65.160.0/20 maxlen: 24
185.109.138.0/24 maxlen: 24
185.109.136.0/23 maxlen: 24
2a03:9f00::/32 maxlen: 32
2001:1420::/30 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:0b:2b:c2:9c:0a:2a:86:58:ec:11:b0:cc:d9:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931
Validity
Not Before: Jan 1 16:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8c9f84f98799b5d472798b19875262e0f37a0fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d5:bf:af:66:e0:49:c0:46:ed:91:09:9b:fb:
01:b9:8e:49:64:05:72:83:ca:bf:53:86:aa:5d:ed:
59:9e:80:b1:0d:8e:e4:77:54:ff:ff:d0:8b:a3:ed:
a3:ed:87:1b:19:5f:86:6c:19:a2:2a:69:e2:2e:54:
35:99:21:a0:c3:f1:b3:44:93:6f:f6:d6:88:cd:3b:
30:f2:8e:0f:28:10:ea:f7:9d:9a:95:20:36:43:a9:
de:21:99:c4:7d:18:3a:a3:62:5d:ee:dc:d7:a6:71:
d9:c3:7f:a8:09:5a:f2:28:2c:4c:6c:27:32:4f:a3:
8e:e9:53:db:25:fb:c6:d3:c0:7e:81:2d:a4:30:60:
8b:97:73:5d:00:f0:39:00:9b:d2:f0:ef:c6:85:3c:
13:88:2c:ca:34:07:f0:62:56:45:29:2b:db:20:18:
65:9b:ad:0e:8c:e9:bb:c7:f2:8e:7a:f1:61:8f:c7:
1c:93:70:a3:f7:bb:32:c5:ac:6f:e6:90:c5:8a:a9:
3e:cb:78:a7:9b:c8:82:ff:52:9f:15:a1:f5:d1:a0:
0a:f8:6e:c0:d7:fb:c9:9f:7e:5c:70:a1:2e:f1:06:
b9:21:d0:4a:1d:03:e3:b1:29:1e:ea:ab:ea:dc:13:
22:08:a6:9f:1a:0b:d6:92:4b:16:3a:bd:57:28:6d:
a5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C9:F8:4F:98:79:9B:5D:47:27:98:B1:98:75:26:2E:0F:37:A0:FD
X509v3 Authority Key Identifier:
keyid:58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/uMn4T5h5m11HJ5ixmHUmLg83oP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.8.0/21
185.109.136.0-185.109.138.255
217.65.160.0/20
IPv6:
2001:1420::/30
2a03:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
82:4e:15:75:ba:78:e8:57:2e:5a:8e:60:eb:5f:39:9e:36:b2:
2f:7e:04:ba:9a:9f:58:74:ff:f9:64:db:e6:b2:86:c2:f5:08:
2e:24:19:db:54:cb:26:a6:36:31:50:f7:03:a2:56:ff:ef:d5:
2a:f3:56:90:dc:7b:5f:e5:82:04:6d:f3:74:cf:e6:6e:ea:b2:
45:0d:a5:c2:5d:44:59:b2:6c:8a:b7:39:1a:84:98:ff:f7:86:
b9:5f:64:27:c9:71:be:b8:20:61:5c:92:0a:cc:53:a8:83:b3:
33:03:11:f9:1e:0d:48:e4:a8:2e:e5:ae:a8:2c:98:99:b4:06:
64:e6:44:7f:d2:91:0f:cc:19:f4:0a:e7:ff:31:af:01:d4:12:
83:30:7f:8e:29:79:73:69:62:2f:d7:3e:da:d2:b0:24:48:47:
d1:54:43:4e:a5:14:1b:c4:47:b6:eb:4a:d2:05:70:d3:5c:29:
d3:cc:19:db:e7:5c:3d:7a:ec:fb:19:b6:8c:c2:4f:a4:81:51:
3f:25:53:ac:ac:1c:cd:4f:85:04:0b:b2:85:bd:b5:81:00:ae:
3b:ff:ac:82:be:03:1e:d8:0b:65:e5:63:d7:73:e5:76:8b:83:
02:a3:c4:96:9d:89:e1:47:1e:be:6c:d6:68:f0:dc:23:07:2f:
74:42:c2:cc
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzF3QsrwpwKKoZY7BGwzNkFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmI4ZWUzYTc0N2VkOGI1Nzg2NTdjZGQ0NzM3NTg2ZjVm
ZGI5MzEwHhcNMjQwMTAxMTYzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGM5Zjg0Zjk4Nzk5YjVkNDcyNzk4YjE5ODc1MjYyZTBmMzdhMGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudW/r2bgScBG7ZEJm/sBuY5JZAVy
g8q/U4aqXe1ZnoCxDY7kd1T//9CLo+2j7YcbGV+GbBmiKmniLlQ1mSGgw/GzRJNv
9taIzTsw8o4PKBDq952alSA2Q6neIZnEfRg6o2Jd7tzXpnHZw3+oCVryKCxMbCcy
T6OO6VPbJfvG08B+gS2kMGCLl3NdAPA5AJvS8O/GhTwTiCzKNAfwYlZFKSvbIBhl
m60OjOm7x/KOevFhj8cck3Cj97syxaxv5pDFiqk+y3inm8iC/1KfFaH10aAK+G7A
1/vJn35ccKEu8Qa5IdBKHQPjsSke6qvq3BMiCKafGgvWkksWOr1XKG2l1wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLjJ+E+YeZtdRyeYsZh1Ji4PN6D9MB8GA1UdIwQY
MBaAFFi7juOnR+2LV4ZXzdRzdYb1/bkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDkt
YTgzZjkxNDAzNWIzLzEvdU1uNFQ1aDVtMTFISjVpeG1IVW1MZzgzb1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDktYTgzZjkxNDAzNWIz
LzEvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAgBAIAATAaAwQDHwcIMAwD
BAO5bYgDBAC5bYoDBATZQaAwFAQCAAIwDgMFAiABFCADBQAqA58AMA0GCSqGSIb3
DQEBCwUAA4IBAQCCThV1unjoVy5ajmDrXzmeNrIvfgS6mp9YdP/5ZNvmsobC9Qgu
JBnbVMsmpjYxUPcDolb/79Uq81aQ3Htf5YIEbfN0z+Zu6rJFDaXCXURZsmyKtzka
hJj/94a5X2QnyXG+uCBhXJIKzFOog7MzAxH5Hg1I5Kgu5a6oLJiZtAZk5kR/0pEP
zBn0Cuf/Ma8B1BKDMH+OKXlzaWIv1z7a0rAkSEfRVENOpRQbxEe260rSBXDTXCnT
zBnb51w9euz7GbaMwk+kgVE/JVOsrBzNT4UEC7KFvbWBAK47/6yCvgMe2Atl5WPX
c+V2i4MCo8SWnYnhRx6+bNZo8NwjBy90QsLM
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:17:26 2025 by rpki-client