Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/uDg4DhRYt2Mq0rGASet5vAcS2Cs.roa
File: uDg4DhRYt2Mq0rGASet5vAcS2Cs.roa (raw, json)
Hash identifier: bZX7AcJl3k7touoSWr3zaf6z4hOj6VYlqqaKJF+eBDI=
Subject key identifier: B8:38:38:0E:14:58:B7:63:2A:D2:B1:80:49:EB:79:BC:07:12:D8:2B
Certificate issuer: /CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Certificate serial: 019424B3B1FA22EFF1508D5DE21E41947CBC
Authority key identifier: 33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/uDg4DhRYt2Mq0rGASet5vAcS2Cs.roa
Signing time: Thu 02 Jan 2025 01:49:03 +0000
ROA not before: Thu 02 Jan 2025 01:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31214
IP address blocks: 5.11.64.0/20 maxlen: 20
31.192.128.0/19 maxlen: 19
37.60.208.0/20 maxlen: 20
83.219.128.0/19 maxlen: 19
91.109.128.0/19 maxlen: 19
109.111.128.0/19 maxlen: 19
178.210.0.0/19 maxlen: 19
185.16.136.0/22 maxlen: 22
185.234.120.0/22 maxlen: 22
185.238.76.0/22 maxlen: 22
185.251.216.0/22 maxlen: 22
193.39.220.0/22 maxlen: 22
194.50.12.0/22 maxlen: 22
213.149.0.0/19 maxlen: 19
2a03:5800::/32 maxlen: 32
2a06:50c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 16 Jan 2025 08:54:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b1:fa:22:ef:f1:50:8d:5d:e2:1e:41:94:7c:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Validity
Not Before: Jan 2 01:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b838380e1458b7632ad2b18049eb79bc0712d82b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c4:67:a9:f2:f9:15:1c:69:24:41:75:2e:2e:
08:11:49:14:da:a7:8b:f1:1b:d3:ba:5b:43:f7:59:
8a:ba:70:3f:ad:b4:9c:d2:d5:ef:37:73:5c:9b:5a:
8a:8a:57:5f:d6:97:cf:01:9d:69:6d:3a:4d:14:75:
a3:c0:cc:3c:96:09:3d:bd:37:36:a8:93:d1:bf:f6:
ee:c7:4d:6e:cf:a7:7d:d6:60:53:0e:d2:90:a6:c5:
79:b9:d2:c8:19:9a:47:82:50:25:b3:47:50:bd:9d:
4a:28:fd:1c:9e:4e:ba:36:67:e3:dc:8f:74:bf:cf:
38:eb:77:53:40:bd:38:f2:4b:70:45:50:f0:b6:62:
e5:ed:79:d1:35:4e:c4:3e:10:81:e0:b8:16:a6:f2:
34:3e:41:48:48:14:55:c3:a7:8e:93:ae:ea:0f:95:
51:27:a4:ca:cc:59:6c:d6:26:bd:27:20:bd:2c:18:
87:c8:7a:50:e9:59:7d:dc:5f:50:0a:d8:60:b5:bc:
03:e0:64:02:4d:9e:11:11:31:f3:98:24:00:b7:78:
82:01:74:9a:aa:4e:fd:1e:c2:1a:45:02:71:ca:56:
ea:2e:94:9e:94:05:91:5d:a9:27:45:25:c4:9d:86:
fa:2c:6f:69:97:25:4c:2f:c5:9e:28:8e:0e:68:5d:
4f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:38:38:0E:14:58:B7:63:2A:D2:B1:80:49:EB:79:BC:07:12:D8:2B
X509v3 Authority Key Identifier:
keyid:33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/uDg4DhRYt2Mq0rGASet5vAcS2Cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/M_6ArqEA6YwNpdH_75izcdEe3aI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.64.0/20
31.192.128.0/19
37.60.208.0/20
83.219.128.0/19
91.109.128.0/19
109.111.128.0/19
178.210.0.0/19
185.16.136.0/22
185.234.120.0/22
185.238.76.0/22
185.251.216.0/22
193.39.220.0/22
194.50.12.0/22
213.149.0.0/19
IPv6:
2a03:5800::/32
2a06:50c0::/32
Signature Algorithm: sha256WithRSAEncryption
0b:81:f5:7b:a4:d3:a2:a7:23:5f:da:63:56:4c:ff:72:93:fe:
de:3e:97:1a:2e:31:0c:3f:03:05:59:11:2a:ac:d0:4e:f3:bb:
c6:2d:6e:d4:57:7b:87:0a:0c:c9:8d:8e:0a:cc:12:dd:d2:6f:
1f:1d:69:72:78:3a:f5:f5:a5:49:68:c5:f7:13:29:af:5a:98:
de:c3:89:4b:14:af:ce:7e:c4:82:9a:42:62:98:69:0c:8b:c1:
2f:82:08:37:26:19:42:c7:47:ab:5f:80:49:3e:1a:12:5e:e7:
08:e6:94:ea:35:ae:86:8e:65:c7:14:bd:aa:3e:0a:30:e4:46:
68:fd:73:51:e5:9d:21:37:ee:f6:c5:b4:59:24:1f:3f:b5:89:
01:34:23:03:42:5f:17:50:a7:b0:a9:94:1c:1f:cd:58:15:ef:
0e:bf:31:7a:6b:de:57:fd:a8:c6:83:21:b0:43:00:4d:cc:2d:
fe:93:7c:ca:f4:18:b8:7e:57:5f:67:39:ee:6f:56:d0:8b:7d:
1f:e9:6b:ce:ab:ef:ec:dc:08:5e:e0:18:6d:18:af:01:96:48:
57:8b:a0:8f:c6:bc:61:31:a0:53:e7:68:a3:0a:c9:02:dc:91:
5b:4c:5a:96:d2:3a:62:e2:05:16:23:28:61:37:43:3b:90:53:
07:d1:9a:77
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZQks7H6Iu/xUI1d4h5BlHy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZmU4MGFlYTEwMGU5OGMwZGE1ZDFmZmVmOThiMzcxZDEx
ZWRkYTIwHhcNMjUwMTAyMDE0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODM4MzgwZTE0NThiNzYzMmFkMmIxODA0OWViNzliYzA3MTJkODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosRnqfL5FRxpJEF1Li4IEUkU2qeL
8RvTultD91mKunA/rbSc0tXvN3Ncm1qKildf1pfPAZ1pbTpNFHWjwMw8lgk9vTc2
qJPRv/bux01uz6d91mBTDtKQpsV5udLIGZpHglAls0dQvZ1KKP0cnk66Nmfj3I90
v88463dTQL048ktwRVDwtmLl7XnRNU7EPhCB4LgWpvI0PkFISBRVw6eOk67qD5VR
J6TKzFls1ia9JyC9LBiHyHpQ6Vl93F9QCthgtbwD4GQCTZ4RETHzmCQAt3iCAXSa
qk79HsIaRQJxylbqLpSelAWRXaknRSXEnYb6LG9plyVML8WeKI4OaF1PEwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFLg4OA4UWLdjKtKxgEnrebwHEtgrMB8GA1UdIwQY
MBaAFDP+gK6hAOmMDaXR/++Ys3HRHt2iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTV82QXJxRUE2WXdOcGRIXzc1aXpjZEVlM2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS84MDI1MjUtNWMyYy00NTY0LWJhNWEt
NmNkNjU5YWNiZjA3LzEvdURnNERoUll0Mk1xMHJHQVNldDV2QWNTMkNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS84MDI1MjUtNWMyYy00NTY0LWJhNWEtNmNkNjU5YWNiZjA3
LzEvTV82QXJxRUE2WXdOcGRIXzc1aXpjZEVlM2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEBAULQAME
BR/AgAMEBCU80AMEBVPbgAMEBVttgAMEBW1vgAMEBbLSAAMEArkQiAMEArnqeAME
ArnuTAMEArn72AMEAsEn3AMEAsIyDAMEBdWVADAUBAIAAjAOAwUAKgNYAAMFACoG
UMAwDQYJKoZIhvcNAQELBQADggEBAAuB9Xuk06KnI1/aY1ZM/3KT/t4+lxouMQw/
AwVZESqs0E7zu8YtbtRXe4cKDMmNjgrMEt3Sbx8daXJ4OvX1pUloxfcTKa9amN7D
iUsUr85+xIKaQmKYaQyLwS+CCDcmGULHR6tfgEk+GhJe5wjmlOo1roaOZccUvao+
CjDkRmj9c1HlnSE37vbFtFkkHz+1iQE0IwNCXxdQp7CplBwfzVgV7w6/MXpr3lf9
qMaDIbBDAE3MLf6TfMr0GLh+V19nOe5vVtCLfR/pa86r7+zcCF7gGG0YrwGWSFeL
oI/GvGExoFPnaKMKyQLckVtMWpbSOmLiBRYjKGE3QzuQUwfRmnc=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:14:48 2025 by rpki-client