Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/uRL4GAuGf8NwNlwJ0toNZs9UEgQ.roa
File: uRL4GAuGf8NwNlwJ0toNZs9UEgQ.roa (raw, json)
Hash identifier: FeNZ51GFh3iLAz4k+GGdeF9JNkQcMOaV880h5OiefZA=
Subject key identifier: B9:12:F8:18:0B:86:7F:C3:70:36:5C:09:D2:DA:0D:66:CF:54:12:04
Certificate issuer: /CN=59e4d6fab77ac779f49bf6fc8ab81e23ad467576
Certificate serial: 01958A2F99FCEF1F552E90DF80B260733854
Authority key identifier: 59:E4:D6:FA:B7:7A:C7:79:F4:9B:F6:FC:8A:B8:1E:23:AD:46:75:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WeTW-rd6x3n0m_b8irgeI61GdXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/uRL4GAuGf8NwNlwJ0toNZs9UEgQ.roa
Signing time: Wed 12 Mar 2025 11:48:50 +0000
ROA not before: Wed 12 Mar 2025 11:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9186
IP address blocks: 185.31.156.0/22 maxlen: 22
185.31.156.0/24 maxlen: 24
185.31.157.0/24 maxlen: 24
185.31.158.0/24 maxlen: 24
185.204.111.0/24 maxlen: 24
185.248.35.0/24 maxlen: 24
194.39.124.0/22 maxlen: 22
194.39.125.0/24 maxlen: 24
194.39.127.0/24 maxlen: 24
2a00:bc20::/32 maxlen: 32
2a05:df40::/29 maxlen: 29
2a10:7b40::/29 maxlen: 29
2a10:a4c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 25 Mar 2025 11:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:2f:99:fc:ef:1f:55:2e:90:df:80:b2:60:73:38:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59e4d6fab77ac779f49bf6fc8ab81e23ad467576
Validity
Not Before: Mar 12 11:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b912f8180b867fc370365c09d2da0d66cf541204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:45:b3:5b:19:aa:30:10:8b:59:04:8d:86:1e:
1b:e8:fe:b4:58:ba:a4:e1:c9:ba:b3:52:61:73:41:
bd:20:dd:e7:9c:95:51:28:c5:df:79:9e:e2:99:ce:
ae:c9:de:96:e8:ed:7a:c4:c4:1a:5a:ce:04:fe:94:
78:a9:31:ff:7c:f5:6c:e5:a4:6e:4c:56:a0:84:99:
d2:01:6d:28:26:9f:6f:04:c5:97:b2:e1:ca:4b:2c:
c5:dd:df:25:19:92:0c:77:dd:a7:64:e0:14:95:bb:
d8:ab:73:6b:7c:62:8e:8f:5c:c5:65:a9:8a:78:90:
d6:13:18:63:69:37:3c:cb:e5:36:42:7c:1d:d8:bc:
ac:a2:82:52:91:ed:1a:7d:31:c9:76:64:02:3a:d3:
21:82:6c:8f:49:ee:49:8d:7f:b3:20:20:0d:ff:89:
04:0f:8f:8c:30:27:a6:c0:19:5d:19:be:8b:86:13:
98:a6:c5:eb:13:fe:fb:b8:3f:35:b0:61:44:7b:2e:
33:ac:1f:a9:09:3e:ac:b2:ae:ff:12:95:f1:bd:78:
79:c3:03:1b:d6:35:ab:4e:c8:37:f7:23:86:31:55:
d1:fa:83:b0:1f:0b:c6:22:c7:b0:b7:71:e8:69:d5:
e2:a4:8e:2b:01:60:d8:73:5c:c5:21:8e:7f:de:e8:
d7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:12:F8:18:0B:86:7F:C3:70:36:5C:09:D2:DA:0D:66:CF:54:12:04
X509v3 Authority Key Identifier:
keyid:59:E4:D6:FA:B7:7A:C7:79:F4:9B:F6:FC:8A:B8:1E:23:AD:46:75:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WeTW-rd6x3n0m_b8irgeI61GdXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/uRL4GAuGf8NwNlwJ0toNZs9UEgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/674225-ac77-47a0-acd1-293fca2d51ea/1/WeTW-rd6x3n0m_b8irgeI61GdXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.156.0/22
185.204.111.0/24
185.248.35.0/24
194.39.124.0/22
IPv6:
2a00:bc20::/32
2a05:df40::/29
2a10:7b40::/29
2a10:a4c0::/29
Signature Algorithm: sha256WithRSAEncryption
39:89:83:e5:68:5b:94:0a:9a:fd:1e:b8:31:b7:67:5f:b4:99:
46:87:4b:84:c5:0b:02:27:4e:6e:83:9a:64:c1:08:a5:27:3d:
f4:f2:23:3d:d9:79:6a:c4:95:96:d9:d0:dd:65:a6:11:0e:90:
92:90:1b:4f:4b:7b:3f:7a:d2:b8:9f:6e:44:40:7a:a2:be:68:
b8:5b:3b:d0:c9:50:e8:eb:92:3f:89:f8:79:a4:b0:2a:09:19:
43:80:00:84:66:b7:93:92:2f:c4:71:a0:cc:0d:26:f8:cf:29:
34:c3:8e:d3:dd:9a:fb:9e:f7:84:79:f4:01:f4:7e:af:9b:95:
db:83:84:c0:19:f8:c5:b2:c0:27:db:4c:4b:77:8d:39:c5:7e:
ae:8e:e9:83:e4:fc:48:a8:43:33:78:3f:e2:1c:89:13:4e:56:
16:81:64:58:36:db:35:ca:b3:61:2d:ac:df:4a:21:66:01:fe:
d1:b3:5e:15:1f:56:6a:b0:79:05:a6:27:af:ca:5c:48:bd:d5:
97:01:a8:73:0a:c3:ca:da:58:28:94:ff:bf:c0:42:68:b9:23:
53:9b:94:dc:f9:0a:b7:29:64:7a:76:64:ab:06:3c:1e:b8:8b:
59:61:bb:59:a4:33:60:15:72:86:76:83:3c:94:9e:1e:80:b0:
dc:1f:d2:6c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZWKL5n87x9VLpDfgLJgczhUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZTRkNmZhYjc3YWM3NzlmNDliZjZmYzhhYjgxZTIzYWQ0
Njc1NzYwHhcNMjUwMzEyMTE0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTEyZjgxODBiODY3ZmMzNzAzNjVjMDlkMmRhMGQ2NmNmNTQxMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0WzWxmqMBCLWQSNhh4b6P60WLqk
4cm6s1Jhc0G9IN3nnJVRKMXfeZ7imc6uyd6W6O16xMQaWs4E/pR4qTH/fPVs5aRu
TFaghJnSAW0oJp9vBMWXsuHKSyzF3d8lGZIMd92nZOAUlbvYq3NrfGKOj1zFZamK
eJDWExhjaTc8y+U2Qnwd2LysooJSke0afTHJdmQCOtMhgmyPSe5JjX+zICAN/4kE
D4+MMCemwBldGb6LhhOYpsXrE/77uD81sGFEey4zrB+pCT6ssq7/EpXxvXh5wwMb
1jWrTsg39yOGMVXR+oOwHwvGIsewt3HoadXipI4rAWDYc1zFIY5/3ujXBQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFLkS+BgLhn/DcDZcCdLaDWbPVBIEMB8GA1UdIwQY
MBaAFFnk1vq3esd59Jv2/Iq4HiOtRnV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2VUVy1yZDZ4M24wbV9iOGlyZ2VJNjFHZFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82NzQyMjUtYWM3Ny00N2EwLWFjZDEt
MjkzZmNhMmQ1MWVhLzEvdVJMNEdBdUdmOE53Tmx3SjB0b05aczlVRWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82NzQyMjUtYWM3Ny00N2EwLWFjZDEtMjkzZmNhMmQ1MWVh
LzEvV2VUVy1yZDZ4M24wbV9iOGlyZ2VJNjFHZFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAeBAIAATAYAwQCuR+cAwQA
ucxvAwQAufgjAwQCwid8MCIEAgACMBwDBQAqALwgAwUDKgXfQAMFAyoQe0ADBQMq
EKTAMA0GCSqGSIb3DQEBCwUAA4IBAQA5iYPlaFuUCpr9Hrgxt2dftJlGh0uExQsC
J05ug5pkwQilJz308iM92XlqxJWW2dDdZaYRDpCSkBtPS3s/etK4n25EQHqivmi4
WzvQyVDo65I/ifh5pLAqCRlDgACEZreTki/EcaDMDSb4zyk0w47T3Zr7nveEefQB
9H6vm5Xbg4TAGfjFssAn20xLd405xX6ujumD5PxIqEMzeD/iHIkTTlYWgWRYNts1
yrNhLazfSiFmAf7Rs14VH1ZqsHkFpievylxIvdWXAahzCsPK2lgolP+/wEJouSNT
m5Tc+Qq3KWR6dmSrBjweuItZYbtZpDNgFXKGdoM8lJ4egLDcH9Js
-----END CERTIFICATE-----
Generated at Sun May 4 14:11:03 2025 by rpki-client