Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/34c5b2-b6e3-4b23-a609-16ed3cd0c72a/1/UjTB4nUUnDWcJ--XXqnG-Otx_sk.roa
File: UjTB4nUUnDWcJ--XXqnG-Otx_sk.roa (raw, json)
Hash identifier: IOF9XFzeDR2vPBSqYaCuqIh1mDfNToUxXdetMi11EXU=
Subject key identifier: 52:34:C1:E2:75:14:9C:35:9C:27:EF:97:5E:A9:C6:F8:EB:71:FE:C9
Certificate issuer: /CN=509bc63e68c90932b4fc28997fc3bf78de3b3743
Certificate serial: 0195AE95D4DF6AE87D0EE4E04DF65EB2F5DE
Authority key identifier: 50:9B:C6:3E:68:C9:09:32:B4:FC:28:99:7F:C3:BF:78:DE:3B:37:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJvGPmjJCTK0_CiZf8O_eN47N0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/34c5b2-b6e3-4b23-a609-16ed3cd0c72a/1/UjTB4nUUnDWcJ--XXqnG-Otx_sk.roa
Signing time: Wed 19 Mar 2025 13:26:49 +0000
ROA not before: Wed 19 Mar 2025 13:26:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198065
IP address blocks: 185.164.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Mar 2025 09:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:95:d4:df:6a:e8:7d:0e:e4:e0:4d:f6:5e:b2:f5:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=509bc63e68c90932b4fc28997fc3bf78de3b3743
Validity
Not Before: Mar 19 13:26:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5234c1e275149c359c27ef975ea9c6f8eb71fec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b0:45:78:d1:df:21:39:17:05:3c:d1:b2:19:
9e:5b:2e:3c:39:40:58:5b:25:c8:2c:05:87:9d:9c:
12:dc:cd:b8:64:bd:40:d0:ba:4f:07:5c:93:57:e2:
89:b8:9f:de:25:de:cb:e2:ed:f3:59:0e:95:1e:fc:
27:e3:60:c7:fe:d3:36:4c:ee:d4:5f:4f:53:0b:51:
48:23:98:70:b4:c8:66:8a:b9:18:ae:b7:8f:46:e4:
08:c1:ea:37:5c:51:3c:17:e1:a8:8c:45:dd:98:85:
de:68:4c:cd:c1:36:77:8e:7d:94:5a:43:28:97:5f:
be:a8:93:6b:20:d2:f7:84:9d:f8:90:f3:bc:81:97:
88:0e:1d:56:48:df:fc:02:91:57:69:5a:6f:8f:64:
96:3d:41:9a:57:09:7c:ff:cd:72:72:59:49:c6:1e:
24:e8:94:76:ba:21:2f:b7:4c:3d:0f:b7:72:6c:be:
f3:16:6a:47:6c:0d:fe:5a:9a:f6:ef:c5:e0:67:4d:
43:84:44:66:5c:7a:50:e3:cf:5c:25:75:7a:a9:45:
9f:7e:70:a5:7a:49:42:f2:2f:2a:93:d0:6b:1d:73:
ee:45:8f:d9:ae:e7:10:b3:b0:f1:32:8c:a1:b1:1d:
56:c1:52:85:3f:10:52:3f:4c:0e:a4:7d:be:0f:02:
2a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:34:C1:E2:75:14:9C:35:9C:27:EF:97:5E:A9:C6:F8:EB:71:FE:C9
X509v3 Authority Key Identifier:
keyid:50:9B:C6:3E:68:C9:09:32:B4:FC:28:99:7F:C3:BF:78:DE:3B:37:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJvGPmjJCTK0_CiZf8O_eN47N0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/34c5b2-b6e3-4b23-a609-16ed3cd0c72a/1/UjTB4nUUnDWcJ--XXqnG-Otx_sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/34c5b2-b6e3-4b23-a609-16ed3cd0c72a/1/UJvGPmjJCTK0_CiZf8O_eN47N0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.78.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:e2:14:9e:6a:4a:7b:10:b4:e5:aa:af:ba:db:e6:e4:ef:1e:
c9:4b:5f:d3:76:5d:43:b5:b7:7b:08:df:e5:89:10:1a:ae:e8:
a6:d4:5f:6a:67:aa:8d:3f:5c:f8:fa:8e:07:12:e7:4b:1d:aa:
9e:4a:ce:b0:89:05:e4:20:ad:00:8f:35:dc:13:9e:21:62:3b:
38:04:c3:03:fd:0d:93:2d:fd:a8:2b:a4:61:1b:b4:bd:9b:f6:
5e:e4:71:fc:20:c1:93:6c:07:90:be:ef:01:52:52:ec:af:2f:
f9:fd:5a:51:73:00:24:0c:bb:ba:b2:3c:8a:e5:78:a6:b5:73:
9e:eb:8b:50:9c:17:34:41:be:42:31:44:ca:2a:8d:4e:60:a2:
7b:ad:00:10:44:f9:76:86:1b:5d:98:5e:47:36:72:b4:38:97:
65:fc:4c:dd:3a:53:7b:d1:d7:b8:ff:d3:7b:8b:43:ab:e6:3c:
e1:7f:05:dd:bc:af:48:8d:dd:f9:f6:c0:b1:24:25:dd:3a:04:
62:96:ae:45:2c:21:10:0d:26:58:93:42:37:26:7c:d8:c4:a0:
b1:75:76:c1:45:39:67:ac:90:e4:6e:d9:58:30:ed:5b:af:63:
7d:40:07:a3:2a:69:85:ca:e9:4b:11:36:4d:1d:58:c2:e4:07:
06:60:20:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWuldTfauh9DuTgTfZesvXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOWJjNjNlNjhjOTA5MzJiNGZjMjg5OTdmYzNiZjc4ZGUz
YjM3NDMwHhcNMjUwMzE5MTMyNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjM0YzFlMjc1MTQ5YzM1OWMyN2VmOTc1ZWE5YzZmOGViNzFmZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbBFeNHfITkXBTzRshmeWy48OUBY
WyXILAWHnZwS3M24ZL1A0LpPB1yTV+KJuJ/eJd7L4u3zWQ6VHvwn42DH/tM2TO7U
X09TC1FII5hwtMhmirkYrrePRuQIweo3XFE8F+GojEXdmIXeaEzNwTZ3jn2UWkMo
l1++qJNrINL3hJ34kPO8gZeIDh1WSN/8ApFXaVpvj2SWPUGaVwl8/81ycllJxh4k
6JR2uiEvt0w9D7dybL7zFmpHbA3+Wpr278XgZ01DhERmXHpQ489cJXV6qUWffnCl
eklC8i8qk9BrHXPuRY/ZrucQs7DxMoyhsR1WwVKFPxBSP0wOpH2+DwIqdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFI0weJ1FJw1nCfvl16pxvjrcf7JMB8GA1UdIwQY
MBaAFFCbxj5oyQkytPwomX/Dv3jeOzdDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUp2R1BtakpDVEswX0NpWmY4T19lTjQ3TjBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zNGM1YjItYjZlMy00YjIzLWE2MDkt
MTZlZDNjZDBjNzJhLzEvVWpUQjRuVVVuRFdjSi0tWFhxbkctT3R4X3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zNGM1YjItYjZlMy00YjIzLWE2MDktMTZlZDNjZDBjNzJh
LzEvVUp2R1BtakpDVEswX0NpWmY4T19lTjQ3TjBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaROMA0G
CSqGSIb3DQEBCwUAA4IBAQAP4hSeakp7ELTlqq+62+bk7x7JS1/Tdl1Dtbd7CN/l
iRAaruim1F9qZ6qNP1z4+o4HEudLHaqeSs6wiQXkIK0AjzXcE54hYjs4BMMD/Q2T
Lf2oK6RhG7S9m/Ze5HH8IMGTbAeQvu8BUlLsry/5/VpRcwAkDLu6sjyK5XimtXOe
64tQnBc0Qb5CMUTKKo1OYKJ7rQAQRPl2hhtdmF5HNnK0OJdl/EzdOlN70de4/9N7
i0Or5jzhfwXdvK9Ijd359sCxJCXdOgRilq5FLCEQDSZYk0I3JnzYxKCxdXbBRTln
rJDkbtlYMO1br2N9QAejKmmFyulLETZNHVjC5AcGYCDM
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:11:13 2025 by rpki-client