Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/ujpKd3Yxu6wHwHe4Y6N6c3JGSMI.roa
File: ujpKd3Yxu6wHwHe4Y6N6c3JGSMI.roa (raw, json)
Hash identifier: yU7thQaqSmorfzxP/gSiwhPtFQrPBn13tbob8qOFNOA=
Subject key identifier: BA:3A:4A:77:76:31:BB:AC:07:C0:77:B8:63:A3:7A:73:72:46:48:C2
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 018A177EDFF1EEDC50E1D1C3EFC5DA62E470
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/ujpKd3Yxu6wHwHe4Y6N6c3JGSMI.roa
Signing time: Mon 21 Aug 2023 09:48:25 +0000
ROA not before: Mon 21 Aug 2023 09:48:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9125
IP address blocks: 93.93.192.0/21 maxlen: 21
92.42.253.0/24 maxlen: 24
92.42.252.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
89.23.93.0/24 maxlen: 24
193.104.68.0/24 maxlen: 24
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
89.23.65.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.144.0/20 maxlen: 20
178.254.145.0/24 maxlen: 24
178.254.140.0/22 maxlen: 22
178.254.165.0/24 maxlen: 24
178.254.163.0/24 maxlen: 24
178.254.172.0/24 maxlen: 24
178.254.169.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.183.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
178.254.184.0/24 maxlen: 24
178.254.128.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.116.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
178.254.188.0/22 maxlen: 24
178.254.187.0/24 maxlen: 24
185.157.44.0/24 maxlen: 24
109.111.254.0/24 maxlen: 24
217.169.208.0/22 maxlen: 22
217.169.208.0/20 maxlen: 20
217.169.212.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.216.0/22 maxlen: 22
217.169.220.0/22 maxlen: 22
5.172.34.0/24 maxlen: 24
5.172.33.0/24 maxlen: 24
5.172.34.0/23 maxlen: 23
5.172.36.0/23 maxlen: 23
5.172.36.0/22 maxlen: 22
109.111.226.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.232.0/22 maxlen: 22
109.111.229.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.227.0/24 maxlen: 24
109.111.240.0/24 maxlen: 24
109.111.236.0/22 maxlen: 22
109.111.246.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.245.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 23
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
2a02:b58::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 30 Aug 2023 12:35:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:7e:df:f1:ee:dc:50:e1:d1:c3:ef:c5:da:62:e4:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Aug 21 09:48:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba3a4a777631bbac07c077b863a37a73724648c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2c:98:71:e5:84:43:bc:f4:1b:18:7e:d8:2b:
98:ea:d2:f6:37:48:30:ca:37:80:54:a5:4d:37:91:
40:58:c3:b4:78:cb:dd:d6:85:33:df:30:c0:32:40:
a2:e0:b5:6f:62:3c:35:4f:a1:2f:83:6d:47:b2:c3:
f9:6c:14:74:35:85:1b:0d:fc:40:3b:dd:56:b3:bf:
1a:05:4c:de:35:c5:11:8d:8c:eb:bb:bb:26:24:a9:
05:53:fe:e5:40:53:59:61:7b:d6:3a:70:c3:a8:e7:
8a:85:71:d1:b9:e6:d5:cf:6c:48:e7:70:93:36:51:
8e:99:fe:a6:f9:e3:9c:bf:18:b5:40:38:45:de:60:
84:e5:18:c3:3c:30:78:24:50:45:c0:ac:53:7a:b5:
dc:ce:fe:cf:42:3e:02:7c:43:89:24:c4:8a:aa:f7:
5b:6f:9b:af:06:74:c9:62:af:43:23:30:5c:60:f9:
87:b3:68:02:af:46:f9:b7:3c:f9:ca:e1:49:ab:bc:
8d:e4:4b:b7:34:ce:50:3a:f6:05:0e:2e:e3:67:d8:
f2:f3:49:eb:fc:9e:4a:0a:b3:a3:32:19:95:f3:e0:
b0:84:b0:57:3b:ca:3a:13:e1:c1:ea:7b:0d:40:de:
ef:e2:01:66:f0:a2:59:0b:0e:4f:cb:df:c9:0f:9b:
a9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3A:4A:77:76:31:BB:AC:07:C0:77:B8:63:A3:7A:73:72:46:48:C2
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/ujpKd3Yxu6wHwHe4Y6N6c3JGSMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.33.0-5.172.39.255
89.23.65.0-89.23.70.255
89.23.75.0/24
89.23.93.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.248.255
109.111.250.0/24
109.111.252.0-109.111.254.255
178.254.128.0/19
178.254.163.0/24
178.254.165.0/24
178.254.169.0/24
178.254.172.0/24
178.254.175.0/24
178.254.177.0/24
178.254.182.0-178.254.184.255
178.254.187.0-178.254.191.255
185.157.44.0/24
193.104.68.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
1c:ab:a4:24:10:d9:f3:ba:a1:b2:e2:7b:f6:7d:22:79:32:6c:
31:94:02:7a:57:b6:7c:36:a9:67:70:9c:4c:00:9f:76:2b:7b:
3c:b5:c1:bd:12:88:61:1a:31:ff:73:f1:4e:6f:ff:f6:b7:b1:
64:ac:eb:a2:7d:19:34:0e:56:01:73:81:ea:69:c3:4c:b4:d4:
b7:33:a7:14:e8:d3:19:e7:01:7c:5f:a2:ee:f6:42:19:6f:72:
64:89:e5:04:88:fb:15:c5:3d:9d:5a:5b:ec:de:90:d9:2f:38:
57:ea:91:06:91:35:9c:34:36:b0:d8:b3:b2:7d:79:ae:50:a1:
56:9f:4e:a3:3b:52:7a:68:28:0f:75:a5:77:15:c5:9f:d9:52:
58:3b:e9:13:7d:ca:bb:4e:bc:48:c9:88:c5:4e:f9:70:a6:2b:
74:0d:28:fc:7e:20:37:0c:a1:6c:aa:6a:f6:61:b0:b1:70:75:
69:9e:6e:5e:72:c0:e7:6d:b1:99:bd:83:19:d0:d7:53:6e:82:
bb:de:60:c6:3c:a5:9e:cf:1f:1a:95:fd:a9:4d:4e:a4:f3:2d:
2e:29:6c:9e:92:f2:09:e6:19:4b:ca:2a:c3:12:19:87:43:30:
ec:d6:3f:f9:df:7e:e6:99:b6:28:b5:76:15:b3:1f:51:8e:a2:
5d:14:be:75
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAYoXft/x7txQ4dHD78XaYuRwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMwODIxMDk0ODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTNhNGE3Nzc2MzFiYmFjMDdjMDc3Yjg2M2EzN2E3MzcyNDY0OGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSyYceWEQ7z0Gxh+2CuY6tL2N0gw
yjeAVKVNN5FAWMO0eMvd1oUz3zDAMkCi4LVvYjw1T6Evg21HssP5bBR0NYUbDfxA
O91Ws78aBUzeNcURjYzru7smJKkFU/7lQFNZYXvWOnDDqOeKhXHRuebVz2xI53CT
NlGOmf6m+eOcvxi1QDhF3mCE5RjDPDB4JFBFwKxTerXczv7PQj4CfEOJJMSKqvdb
b5uvBnTJYq9DIzBcYPmHs2gCr0b5tzz5yuFJq7yN5Eu3NM5QOvYFDi7jZ9jy80nr
/J5KCrOjMhmV8+CwhLBXO8o6E+HB6nsNQN7v4gFm8KJZCw5Py9/JD5upBwIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFLo6Snd2MbusB8B3uGOjenNyRkjCMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvdWpwS2QzWXh1NndId0hlNFk2TjZjM0pHU01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TCB1wQCAAEwgdAwDAME
AAWsIQMEAwWsIDAMAwQAWRdBAwQAWRdGAwQAWRdLAwQAWRddAwQDXCr4AwQDXV3A
MAwDBARfjHADBAFfjHgDBAJfjHwwDAMEBW1v4AMEAG1v8DAMAwQAbW/zAwQAbW/4
AwQAbW/6MAwDBAJtb/wDBABtb/4DBAWy/oADBACy/qMDBACy/qUDBACy/qkDBACy
/qwDBACy/q8DBACy/rEwDAMEAbL+tgMEALL+uDAMAwQAsv67AwQGsv6AAwQAuZ0s
AwQAwWhEAwQE2anQMA0EAgACMAcDBQAqAgtYMA0GCSqGSIb3DQEBCwUAA4IBAQAc
q6QkENnzuqGy4nv2fSJ5MmwxlAJ6V7Z8NqlncJxMAJ92K3s8tcG9EohhGjH/c/FO
b//2t7FkrOuifRk0DlYBc4HqacNMtNS3M6cU6NMZ5wF8X6Lu9kIZb3JkieUEiPsV
xT2dWlvs3pDZLzhX6pEGkTWcNDaw2LOyfXmuUKFWn06jO1J6aCgPdaV3FcWf2VJY
O+kTfcq7TrxIyYjFTvlwpit0DSj8fiA3DKFsqmr2YbCxcHVpnm5ecsDnbbGZvYMZ
0NdTboK73mDGPKWezx8alf2pTU6k8y0uKWyekvIJ5hlLyirDEhmHQzDs1j/5337m
mbYotXYVsx9RjqJdFL51
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org