Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/UuHQ6YcI7DhPXE33Yr-4yecpx4U.roa
File: UuHQ6YcI7DhPXE33Yr-4yecpx4U.roa (raw, json)
Hash identifier: xmZlRmCrgDlcRSQPZo+A4U5i/YQnsC4qHKOxf4M/Yec=
Subject key identifier: 52:E1:D0:E9:87:08:EC:38:4F:5C:4D:F7:62:BF:B8:C9:E7:29:C7:85
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019482735F6BFBF0926ACC612BD9186E9CE8
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/UuHQ6YcI7DhPXE33Yr-4yecpx4U.roa
Signing time: Mon 20 Jan 2025 06:43:06 +0000
ROA not before: Mon 20 Jan 2025 06:43:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210878
IP address blocks: 31.135.3.0/24 maxlen: 24
64.43.76.0/24 maxlen: 24
64.43.92.0/22 maxlen: 22
77.36.59.0/24 maxlen: 24
91.235.166.0/24 maxlen: 24
91.237.195.0/24 maxlen: 24
91.246.201.0/24 maxlen: 24
109.207.131.0/24 maxlen: 24
193.36.202.0/24 maxlen: 24
193.221.82.0/24 maxlen: 24
195.80.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Jan 2025 13:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:82:73:5f:6b:fb:f0:92:6a:cc:61:2b:d9:18:6e:9c:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 20 06:43:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52e1d0e98708ec384f5c4df762bfb8c9e729c785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:46:90:17:57:2f:e9:4d:32:29:7b:be:dc:23:
21:6e:28:02:84:28:3e:d8:80:7f:be:d9:77:ec:68:
b7:2a:e5:5d:6e:5a:7e:69:ce:c1:83:09:92:14:ec:
20:93:6a:15:50:85:0f:dc:b1:f3:3b:90:28:d6:20:
e2:03:cb:34:5c:12:85:2f:61:92:7e:ae:dd:94:2d:
90:4a:b0:20:12:3d:33:59:68:15:e0:7f:8b:d8:05:
1b:ae:24:c9:3f:59:b2:3a:ad:12:2b:a8:4e:b8:c3:
70:8d:b1:e4:35:22:04:5e:0b:60:75:61:ec:a1:40:
52:d9:b9:f1:dc:da:82:2c:e9:f2:97:a9:26:c3:fa:
b6:28:a3:56:1e:bc:20:1d:f8:10:df:8b:3f:76:60:
24:33:f3:83:2e:e0:e6:ca:d9:5d:1a:61:f4:75:ed:
cd:c4:d9:e4:8b:75:2c:52:7a:38:b5:7b:f3:f9:15:
35:5d:7d:d8:66:6c:01:28:19:4b:ae:ec:c6:1f:ed:
f1:d3:e4:ac:2d:e9:35:57:e4:52:e2:b2:89:bf:fb:
fc:d6:1f:1f:59:ed:f1:ac:23:e4:7b:6e:02:a9:24:
31:bd:85:45:8f:34:7b:40:96:31:3d:0d:23:07:4b:
36:d6:7a:ae:53:fd:62:e3:3f:b4:22:21:6c:84:55:
99:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E1:D0:E9:87:08:EC:38:4F:5C:4D:F7:62:BF:B8:C9:E7:29:C7:85
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/UuHQ6YcI7DhPXE33Yr-4yecpx4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.3.0/24
64.43.76.0/24
64.43.92.0/22
77.36.59.0/24
91.235.166.0/24
91.237.195.0/24
91.246.201.0/24
109.207.131.0/24
193.36.202.0/24
193.221.82.0/24
195.80.142.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:5e:36:e3:63:ff:85:53:60:0c:35:d5:d7:ae:20:d6:e7:18:
a7:36:e8:26:9b:ae:4d:a1:58:5f:36:7f:55:82:ac:cd:15:4d:
c2:6d:4f:a6:a2:5f:41:19:1b:e9:60:09:fc:f4:ef:27:98:75:
16:40:ea:e8:23:3a:b4:74:4a:4b:ed:06:bb:13:b8:eb:b1:95:
36:d9:28:b3:13:e1:9c:9e:b4:05:8a:27:39:59:5d:1f:ef:55:
95:9b:d1:1f:c6:62:f2:3b:d8:9e:85:57:e4:a2:7b:af:fb:26:
ba:91:24:d6:e3:63:15:b9:08:91:2e:9a:93:3f:ea:f3:6c:7a:
73:08:68:68:e9:a1:1a:4d:2a:7e:64:3f:a1:95:29:67:8d:09:
06:ac:8c:f1:21:41:80:6e:11:c0:bc:95:c6:5b:ea:2a:ef:32:
00:9e:42:87:91:9a:0e:6e:62:19:58:79:fd:61:ad:78:f9:0e:
78:0d:0b:32:87:c5:90:d7:74:2a:f4:36:5e:f4:90:26:99:6c:
f1:98:fd:0f:e2:b6:cf:4a:3e:3e:75:bd:8b:cc:3a:e2:39:97:
38:22:e2:01:5c:ae:c3:af:84:db:b4:3a:c7:82:03:4d:4c:c5:
6e:d3:a1:2b:55:7c:86:53:33:1e:ff:14:ee:9c:27:ca:b1:cb:
20:f1:7d:2e
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZSCc19r+/CSasxhK9kYbpzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTIwMDY0MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmUxZDBlOTg3MDhlYzM4NGY1YzRkZjc2MmJmYjhjOWU3MjljNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EaQF1cv6U0yKXu+3CMhbigChCg+
2IB/vtl37Gi3KuVdblp+ac7BgwmSFOwgk2oVUIUP3LHzO5Ao1iDiA8s0XBKFL2GS
fq7dlC2QSrAgEj0zWWgV4H+L2AUbriTJP1myOq0SK6hOuMNwjbHkNSIEXgtgdWHs
oUBS2bnx3NqCLOnyl6kmw/q2KKNWHrwgHfgQ34s/dmAkM/ODLuDmytldGmH0de3N
xNnki3UsUno4tXvz+RU1XX3YZmwBKBlLruzGH+3x0+SsLek1V+RS4rKJv/v81h8f
We3xrCPke24CqSQxvYVFjzR7QJYxPQ0jB0s21nquU/1i4z+0IiFshFWZHQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFLh0OmHCOw4T1xN92K/uMnnKceFMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvVXVIUTZZY0k3RGhQWEUzM1lyLTR5ZWNweDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAH4cDAwQA
QCtMAwQCQCtcAwQATSQ7AwQAW+umAwQAW+3DAwQAW/bJAwQAbc+DAwQAwSTKAwQA
wd1SAwQAw1COMA0GCSqGSIb3DQEBCwUAA4IBAQAOXjbjY/+FU2AMNdXXriDW5xin
Nugmm65NoVhfNn9VgqzNFU3CbU+mol9BGRvpYAn89O8nmHUWQOroIzq0dEpL7Qa7
E7jrsZU22SizE+GcnrQFiic5WV0f71WVm9EfxmLyO9iehVfkonuv+ya6kSTW42MV
uQiRLpqTP+rzbHpzCGho6aEaTSp+ZD+hlSlnjQkGrIzxIUGAbhHAvJXGW+oq7zIA
nkKHkZoObmIZWHn9Ya14+Q54DQsyh8WQ13Qq9DZe9JAmmWzxmP0P4rbPSj4+db2L
zDriOZc4IuIBXK7Dr4TbtDrHggNNTMVu06ErVXyGUzMe/xTunCfKscsg8X0u
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:00:32 2025 by rpki-client