Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/3b6fb4-52e8-44e2-abe8-2c2fbad2f011/1/uqjhIxW67I5lD2xVS7aBKJhih7E.roa
File: uqjhIxW67I5lD2xVS7aBKJhih7E.roa (raw, json)
Hash identifier: 99zu/57IPXNWKlMXYmdb13obkf4bjamMNB1BtCtwOCE=
Subject key identifier: BA:A8:E1:23:15:BA:EC:8E:65:0F:6C:55:4B:B6:81:28:98:62:87:B1
Certificate issuer: /CN=43aeb8ff55bd46500b27db9cf1dec256276b2b6a
Certificate serial: 0194258E8DC94CC151FBD25E33252FC72C12
Authority key identifier: 43:AE:B8:FF:55:BD:46:50:0B:27:DB:9C:F1:DE:C2:56:27:6B:2B:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q664_1W9RlALJ9uc8d7CVidrK2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/3b6fb4-52e8-44e2-abe8-2c2fbad2f011/1/uqjhIxW67I5lD2xVS7aBKJhih7E.roa
Signing time: Thu 02 Jan 2025 05:48:06 +0000
ROA not before: Thu 02 Jan 2025 05:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41960
IP address blocks: 185.246.30.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 09:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:8d:c9:4c:c1:51:fb:d2:5e:33:25:2f:c7:2c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43aeb8ff55bd46500b27db9cf1dec256276b2b6a
Validity
Not Before: Jan 2 05:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=baa8e12315baec8e650f6c554bb68128986287b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:24:98:c3:4c:99:99:3a:48:2d:5a:b8:b2:9d:
ba:61:17:e1:c8:5a:62:0e:da:9c:2c:20:2f:25:06:
2e:ea:5a:2b:ec:cf:b8:09:ab:73:02:2a:44:bb:5d:
e2:e6:4b:d3:f4:20:bc:c7:f9:31:5f:0a:4b:9e:98:
3f:96:8b:39:60:cd:0b:4f:22:13:70:66:d4:cc:7d:
20:22:35:59:79:58:f0:38:e7:7c:00:4d:cc:7d:ae:
35:5b:27:dd:63:bd:22:39:35:c1:52:84:25:a3:6f:
fb:aa:01:df:bb:87:56:9d:c5:18:2f:e2:1f:59:80:
c4:63:d0:c4:3f:a2:d8:a1:42:5a:ef:c1:e7:8a:c4:
67:8c:15:7c:92:c0:ad:95:37:ff:5d:83:86:e2:6b:
c2:32:9b:9e:a1:b5:ee:bf:30:27:d8:0c:82:8f:db:
c3:23:90:c3:2f:3f:4a:42:82:fb:a5:7c:9e:41:4f:
4c:c8:73:31:dc:8f:a0:64:78:05:9d:a2:21:28:02:
c4:f9:e3:82:0c:d0:91:69:64:8a:c4:d6:72:be:9b:
df:34:aa:83:d4:fc:fe:d7:e7:28:37:5f:fd:2b:01:
71:b6:30:79:23:d9:00:1c:b2:aa:04:7c:56:78:19:
e9:24:af:2b:c3:0f:2b:3a:9f:20:e9:50:6d:d5:c6:
ec:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A8:E1:23:15:BA:EC:8E:65:0F:6C:55:4B:B6:81:28:98:62:87:B1
X509v3 Authority Key Identifier:
keyid:43:AE:B8:FF:55:BD:46:50:0B:27:DB:9C:F1:DE:C2:56:27:6B:2B:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q664_1W9RlALJ9uc8d7CVidrK2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/3b6fb4-52e8-44e2-abe8-2c2fbad2f011/1/uqjhIxW67I5lD2xVS7aBKJhih7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/3b6fb4-52e8-44e2-abe8-2c2fbad2f011/1/Q664_1W9RlALJ9uc8d7CVidrK2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.30.0/23
Signature Algorithm: sha256WithRSAEncryption
54:58:90:48:9c:07:2d:2d:fe:52:eb:dc:04:06:1e:7e:df:03:
78:a7:14:f0:93:fd:e2:4f:60:7d:10:66:44:1e:e8:87:c0:e7:
dd:ee:6d:91:03:1b:51:1b:88:30:93:ce:a7:83:9d:42:48:d7:
f8:16:52:fe:bd:c5:4a:20:09:b3:13:be:64:59:46:18:a3:24:
76:9d:bc:03:2b:1b:e5:dd:f1:99:f0:34:37:28:13:7c:17:af:
01:10:14:b1:2f:b5:8a:5b:7f:89:61:51:cc:c2:6f:95:3a:e8:
c7:15:c7:8d:69:71:1e:40:4b:7c:5b:9e:bc:78:6a:23:b3:13:
cf:dd:12:c9:44:f0:d9:3e:39:e7:82:21:b3:d9:cc:4a:c1:d3:
8f:ab:9c:4a:fb:2d:34:4c:90:c6:d1:e4:fa:0b:db:7b:c9:91:
be:a8:bc:ba:ab:5f:e2:ec:96:71:a9:ca:62:20:33:8a:f3:fb:
aa:62:0f:bd:d4:ab:be:bb:bf:9d:25:47:3f:90:02:43:01:0b:
33:83:37:c8:ae:18:37:0e:40:f8:6e:4f:0a:9c:79:9e:7d:58:
de:9e:1a:bb:c4:81:85:4b:c5:08:9e:d1:3b:26:3e:e2:16:63:
f3:a8:78:0e:1c:60:c3:f2:bd:1b:ef:62:92:b5:93:49:7f:73:
43:22:ca:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljo3JTMFR+9JeMyUvxywSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYWViOGZmNTViZDQ2NTAwYjI3ZGI5Y2YxZGVjMjU2Mjc2
YjJiNmEwHhcNMjUwMTAyMDU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWE4ZTEyMzE1YmFlYzhlNjUwZjZjNTU0YmI2ODEyODk4NjI4N2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriSYw0yZmTpILVq4sp26YRfhyFpi
DtqcLCAvJQYu6lor7M+4CatzAipEu13i5kvT9CC8x/kxXwpLnpg/los5YM0LTyIT
cGbUzH0gIjVZeVjwOOd8AE3Mfa41WyfdY70iOTXBUoQlo2/7qgHfu4dWncUYL+If
WYDEY9DEP6LYoUJa78HnisRnjBV8ksCtlTf/XYOG4mvCMpueobXuvzAn2AyCj9vD
I5DDLz9KQoL7pXyeQU9MyHMx3I+gZHgFnaIhKALE+eOCDNCRaWSKxNZyvpvfNKqD
1Pz+1+coN1/9KwFxtjB5I9kAHLKqBHxWeBnpJK8rww8rOp8g6VBt1cbsMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLqo4SMVuuyOZQ9sVUu2gSiYYoexMB8GA1UdIwQY
MBaAFEOuuP9VvUZQCyfbnPHewlYnaytqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTY2NF8xVzlSbEFMSjl1YzhkN0NWaWRySzJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8zYjZmYjQtNTJlOC00NGUyLWFiZTgt
MmMyZmJhZDJmMDExLzEvdXFqaEl4VzY3STVsRDJ4VlM3YUJLSmhpaDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8zYjZmYjQtNTJlOC00NGUyLWFiZTgtMmMyZmJhZDJmMDEx
LzEvUTY2NF8xVzlSbEFMSjl1YzhkN0NWaWRySzJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufYeMA0G
CSqGSIb3DQEBCwUAA4IBAQBUWJBInActLf5S69wEBh5+3wN4pxTwk/3iT2B9EGZE
HuiHwOfd7m2RAxtRG4gwk86ng51CSNf4FlL+vcVKIAmzE75kWUYYoyR2nbwDKxvl
3fGZ8DQ3KBN8F68BEBSxL7WKW3+JYVHMwm+VOujHFceNaXEeQEt8W568eGojsxPP
3RLJRPDZPjnngiGz2cxKwdOPq5xK+y00TJDG0eT6C9t7yZG+qLy6q1/i7JZxqcpi
IDOK8/uqYg+91Ku+u7+dJUc/kAJDAQszgzfIrhg3DkD4bk8KnHmefVjenhq7xIGF
S8UIntE7Jj7iFmPzqHgOHGDD8r0b72KStZNJf3NDIsrt
-----END CERTIFICATE-----
Generated at Thu May 1 11:11:27 2025 by rpki-client