Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/UxtAYwkdCkjRLIdYVTn0iG5OfDQ.roa
File: UxtAYwkdCkjRLIdYVTn0iG5OfDQ.roa (raw, json)
Hash identifier: s6mpj78dSqriRUK0x90zjM27DBHYAyeRi21dkA+wDD8=
Subject key identifier: 53:1B:40:63:09:1D:0A:48:D1:2C:87:58:55:39:F4:88:6E:4E:7C:34
Certificate issuer: /CN=d275d7a8bac0477f5509dff11b9195ca60df87da
Certificate serial: 018CC50038979A4CC05865A2AD3EC5FE1476
Authority key identifier: D2:75:D7:A8:BA:C0:47:7F:55:09:DF:F1:1B:91:95:CA:60:DF:87:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/UxtAYwkdCkjRLIdYVTn0iG5OfDQ.roa
Signing time: Mon 01 Jan 2024 12:29:35 +0000
ROA not before: Mon 01 Jan 2024 12:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43342
IP address blocks: 91.135.179.0/24 maxlen: 24
91.135.178.0/23 maxlen: 23
91.135.178.0/24 maxlen: 24
91.135.181.0/24 maxlen: 24
91.135.180.0/24 maxlen: 24
91.135.180.0/22 maxlen: 23
91.135.186.0/24 maxlen: 24
91.135.185.0/24 maxlen: 24
91.135.184.0/22 maxlen: 23
91.135.184.0/24 maxlen: 24
91.135.183.0/24 maxlen: 24
91.135.182.0/24 maxlen: 24
91.135.187.0/24 maxlen: 24
91.135.191.0/24 maxlen: 24
91.135.190.0/24 maxlen: 24
91.135.190.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:38:97:9a:4c:c0:58:65:a2:ad:3e:c5:fe:14:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d275d7a8bac0477f5509dff11b9195ca60df87da
Validity
Not Before: Jan 1 12:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=531b4063091d0a48d12c87585539f4886e4e7c34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:85:da:29:c8:d8:1d:fc:fd:c9:34:e2:bc:89:
43:20:40:aa:60:b0:da:d8:70:6e:a2:45:04:b2:83:
b8:85:bb:88:6f:ce:b5:00:45:37:b7:02:97:a6:92:
a7:4f:96:b8:f5:38:42:94:a3:1c:6a:8d:cb:bd:96:
ea:5f:51:e6:35:94:fc:72:73:02:8a:73:29:30:22:
b6:c7:e7:49:cc:dc:4e:66:e4:87:28:e5:ba:da:6a:
93:51:aa:a6:b8:06:f1:ed:d9:d6:cc:75:60:29:ea:
bc:78:fe:40:74:12:14:ea:81:3c:70:94:49:a4:b6:
6e:a6:6b:ef:73:b2:b6:4e:d1:36:f1:c5:26:80:5b:
c4:dc:80:a5:28:a5:7c:18:0e:5f:a3:df:25:54:9b:
06:54:28:36:6c:96:7a:24:50:82:31:c6:ba:81:e2:
88:aa:44:c8:56:6e:42:ca:b6:00:42:70:62:a7:fc:
31:17:28:52:03:43:7a:1b:2d:85:8b:26:7b:38:f2:
de:f4:c6:df:16:5d:68:61:e4:90:8d:41:df:2c:6e:
20:d9:02:8c:8a:83:33:55:aa:a7:7a:1f:45:12:62:
21:69:82:48:8c:54:17:25:c3:58:b2:98:6f:bb:9b:
89:a7:47:6b:0a:51:6b:82:c2:92:7b:2c:9a:8b:e8:
bb:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:1B:40:63:09:1D:0A:48:D1:2C:87:58:55:39:F4:88:6E:4E:7C:34
X509v3 Authority Key Identifier:
keyid:D2:75:D7:A8:BA:C0:47:7F:55:09:DF:F1:1B:91:95:CA:60:DF:87:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/UxtAYwkdCkjRLIdYVTn0iG5OfDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/0nXXqLrAR39VCd_xG5GVymDfh9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.135.178.0-91.135.187.255
91.135.190.0/23
Signature Algorithm: sha256WithRSAEncryption
52:9b:22:77:b4:7d:26:85:e7:8b:db:70:f5:e3:19:b1:8a:8f:
45:c1:27:41:01:ae:48:c4:e7:ce:eb:6f:9d:8a:9e:08:a2:0a:
00:2f:25:4e:98:6c:d3:0e:fa:f1:26:98:e4:9e:ee:93:b3:c6:
b0:48:6d:20:48:fb:44:a4:6b:a8:10:5f:50:8a:10:9d:53:06:
10:93:a5:74:99:35:59:38:ed:0a:dd:a1:4d:a2:d9:ad:0f:9b:
4d:12:08:2d:c1:3c:de:d3:c7:33:f4:f5:bc:c2:93:00:b3:99:
9d:f2:d4:8d:30:3d:6b:16:d1:fd:43:99:ad:39:1b:4d:ad:82:
d2:c5:f7:3e:9c:74:67:f1:18:20:2b:8d:2b:2d:2b:0d:6b:d3:
40:7e:7d:f6:c4:09:38:fb:07:42:01:18:9a:f5:c1:59:e5:4b:
4b:4c:1a:b6:7f:14:4f:18:85:41:88:47:c0:20:b3:10:7b:f9:
7c:de:14:2c:6f:5a:ee:e4:fa:3a:79:eb:83:2d:0d:09:d8:43:
89:8f:23:a0:f5:55:99:41:8a:0a:b2:ce:ac:63:e0:93:1b:04:
2b:a6:e2:43:6c:4d:87:17:9e:ca:60:b9:76:8f:bd:f7:6d:ca:
24:48:7e:54:36:62:4b:3d:5d:67:8c:ab:38:65:30:d5:06:29:
cf:6b:bf:27
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzFADiXmkzAWGWirT7F/hR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzVkN2E4YmFjMDQ3N2Y1NTA5ZGZmMTFiOTE5NWNhNjBk
Zjg3ZGEwHhcNMjQwMTAxMTIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzFiNDA2MzA5MWQwYTQ4ZDEyYzg3NTg1NTM5ZjQ4ODZlNGU3YzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIXaKcjYHfz9yTTivIlDIECqYLDa
2HBuokUEsoO4hbuIb861AEU3twKXppKnT5a49ThClKMcao3LvZbqX1HmNZT8cnMC
inMpMCK2x+dJzNxOZuSHKOW62mqTUaqmuAbx7dnWzHVgKeq8eP5AdBIU6oE8cJRJ
pLZupmvvc7K2TtE28cUmgFvE3IClKKV8GA5fo98lVJsGVCg2bJZ6JFCCMca6geKI
qkTIVm5CyrYAQnBip/wxFyhSA0N6Gy2FiyZ7OPLe9MbfFl1oYeSQjUHfLG4g2QKM
ioMzVaqneh9FEmIhaYJIjFQXJcNYsphvu5uJp0drClFrgsKSeyyai+i7UQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFMbQGMJHQpI0SyHWFU59IhuTnw0MB8GA1UdIwQY
MBaAFNJ116i6wEd/VQnf8RuRlcpg34faMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5YWHFMckFSMzlWQ2RfeEc1R1Z5bURmaDlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS83YmViMDQtMzE3Yi00NDhhLTgyZWQt
NTY1YjE0NDcwMzdiLzEvVXh0QVl3a2RDa2pSTElkWVZUbjBpRzVPZkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS83YmViMDQtMzE3Yi00NDhhLTgyZWQtNTY1YjE0NDcwMzdi
LzEvMG5YWHFMckFSMzlWQ2RfeEc1R1Z5bURmaDlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAFbh7ID
BAJbh7gDBAFbh74wDQYJKoZIhvcNAQELBQADggEBAFKbIne0fSaF54vbcPXjGbGK
j0XBJ0EBrkjE587rb52KngiiCgAvJU6YbNMO+vEmmOSe7pOzxrBIbSBI+0Ska6gQ
X1CKEJ1TBhCTpXSZNVk47QrdoU2i2a0Pm00SCC3BPN7TxzP09bzCkwCzmZ3y1I0w
PWsW0f1Dma05G02tgtLF9z6cdGfxGCArjSstKw1r00B+ffbECTj7B0IBGJr1wVnl
S0tMGrZ/FE8YhUGIR8AgsxB7+XzeFCxvWu7k+jp564MtDQnYQ4mPI6D1VZlBigqy
zqxj4JMbBCum4kNsTYcXnspguXaPvfdtyiRIflQ2Yks9XWeMqzhlMNUGKc9rvyc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:15 2025 by rpki-client