Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/uU2wrUmaEtgcTiVSDguhpy_A9G8.roa
File: uU2wrUmaEtgcTiVSDguhpy_A9G8.roa (raw, json)
Hash identifier: wb9Wh2KlfREtnxjvc1HxJKuNwPEu9eo1wK36BJ66Aqc=
Subject key identifier: B9:4D:B0:AD:49:9A:12:D8:1C:4E:25:52:0E:0B:A1:A7:2F:C0:F4:6F
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0194266C28AC7372E89114438A48B351EEEB
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/uU2wrUmaEtgcTiVSDguhpy_A9G8.roa
Signing time: Thu 02 Jan 2025 09:50:09 +0000
ROA not before: Thu 02 Jan 2025 09:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 5.178.108.0/24 maxlen: 24
31.192.246.0/24 maxlen: 24
45.12.217.0/24 maxlen: 24
45.12.218.0/23 maxlen: 24
45.12.219.0/24 maxlen: 24
185.5.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 21:35:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:28:ac:73:72:e8:91:14:43:8a:48:b3:51:ee:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jan 2 09:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b94db0ad499a12d81c4e25520e0ba1a72fc0f46f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:2a:e6:07:2a:7d:d9:41:f0:b7:c4:2e:25:09:
dd:42:44:4c:89:bf:a3:44:71:e4:5e:3a:1d:b4:c7:
77:33:16:a2:d1:d7:18:f9:6e:98:c6:94:71:b8:33:
89:85:04:c1:73:41:75:cd:68:56:76:fb:62:78:ef:
e8:c3:14:69:a0:ea:27:43:75:95:08:41:d3:94:ab:
1a:e4:11:1c:7b:58:93:5f:30:8a:f9:5d:ca:f9:ac:
c1:e0:a3:a8:98:de:87:82:0a:b2:6b:42:b9:2a:f4:
9f:d2:c7:ea:2a:17:bb:0a:a4:45:af:14:85:98:2c:
8d:9b:be:82:a7:2f:b3:b6:87:96:cd:ce:b2:d7:dc:
b9:cf:b9:a4:39:5d:f1:5f:72:51:f2:ed:fe:e7:da:
58:b1:1c:96:aa:8c:0b:b0:0a:66:af:c8:b0:99:12:
9b:e5:ce:8f:94:e0:ba:e0:15:b3:26:42:8c:d9:54:
b9:28:4c:f9:05:b1:db:bc:9f:b4:6a:cf:d0:23:d2:
ca:bd:c0:5a:6e:50:ad:ae:80:63:c4:6c:2d:f0:f5:
be:73:cf:fe:6f:25:16:ca:ff:59:9d:12:1b:82:ba:
a3:05:9b:90:a7:de:4d:71:4a:07:34:e3:8c:5d:f4:
5f:a7:5f:c9:85:99:02:df:90:d0:4a:b5:e4:47:38:
98:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4D:B0:AD:49:9A:12:D8:1C:4E:25:52:0E:0B:A1:A7:2F:C0:F4:6F
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/uU2wrUmaEtgcTiVSDguhpy_A9G8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.108.0/24
31.192.246.0/24
45.12.217.0-45.12.219.255
185.5.37.0/24
Signature Algorithm: sha256WithRSAEncryption
98:64:5d:55:59:cd:a8:ee:cf:bd:3e:23:22:31:1c:c9:b1:d2:
b5:ea:b7:f2:4c:94:4e:d8:6a:f2:b6:9b:b0:4a:f8:48:23:1c:
9a:75:d3:84:55:40:73:38:47:d0:56:25:91:b9:a2:f0:0c:33:
0e:38:66:65:6d:a3:69:16:a4:2c:d6:d7:8a:cb:d7:23:82:79:
e1:91:e8:7c:2f:c3:e9:cf:26:f3:3c:c4:f3:0b:90:d4:07:c4:
0d:70:ec:de:ec:49:43:7d:59:4e:b8:a4:80:a2:55:eb:dd:ec:
cc:db:dd:0d:a6:48:a3:6a:41:48:60:95:9e:4d:32:86:b2:0b:
77:8e:7f:9c:34:5d:f7:16:e4:bd:a1:b5:90:41:b2:04:20:00:
be:08:0e:a9:2c:03:c2:a3:e8:50:2c:29:11:26:ed:74:bd:1a:
33:31:7f:40:b6:a8:cb:01:9a:3a:4c:26:8e:42:a7:fc:90:c0:
f0:b4:a6:96:96:69:42:9b:e6:09:05:57:01:f5:58:2b:6b:b1:
45:bc:d0:2b:30:ad:3b:43:a5:24:9d:30:da:4e:90:49:a2:73:
01:95:52:eb:0d:c9:31:c6:d8:9e:80:01:c4:7a:23:67:63:48:
0a:70:8b:c8:d4:be:98:6d:f2:0a:1b:23:1e:0e:98:9b:97:67:
05:4c:e3:90
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQmbCisc3LokRRDikizUe7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwMTAyMDk1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTRkYjBhZDQ5OWExMmQ4MWM0ZTI1NTIwZTBiYTFhNzJmYzBmNDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3irmByp92UHwt8QuJQndQkRMib+j
RHHkXjodtMd3Mxai0dcY+W6YxpRxuDOJhQTBc0F1zWhWdvtieO/owxRpoOonQ3WV
CEHTlKsa5BEce1iTXzCK+V3K+azB4KOomN6Hggqya0K5KvSf0sfqKhe7CqRFrxSF
mCyNm76Cpy+ztoeWzc6y19y5z7mkOV3xX3JR8u3+59pYsRyWqowLsApmr8iwmRKb
5c6PlOC64BWzJkKM2VS5KEz5BbHbvJ+0as/QI9LKvcBablCtroBjxGwt8PW+c8/+
byUWyv9ZnRIbgrqjBZuQp95NcUoHNOOMXfRfp1/JhZkC35DQSrXkRziYQwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLlNsK1JmhLYHE4lUg4LoacvwPRvMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvdVUyd3JVbWFFdGdjVGlWU0RndWhweV9BOUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQABbJsAwQA
H8D2MAwDBAAtDNkDBAItDNgDBAC5BSUwDQYJKoZIhvcNAQELBQADggEBAJhkXVVZ
zajuz70+IyIxHMmx0rXqt/JMlE7YavK2m7BK+EgjHJp104RVQHM4R9BWJZG5ovAM
Mw44ZmVto2kWpCzW14rL1yOCeeGR6Hwvw+nPJvM8xPMLkNQHxA1w7N7sSUN9WU64
pICiVevd7Mzb3Q2mSKNqQUhglZ5NMoayC3eOf5w0XfcW5L2htZBBsgQgAL4IDqks
A8Kj6FAsKREm7XS9GjMxf0C2qMsBmjpMJo5Cp/yQwPC0ppaWaUKb5gkFVwH1WCtr
sUW80CswrTtDpSSdMNpOkEmicwGVUusNyTHG2J6AAcR6I2djSApwi8jUvpht8gob
Ix4OmJuXZwVM45A=
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:15:17 2025 by rpki-client