Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/UhE3-Gayrt91PjRl5i7jwgbTmKA.roa
File: UhE3-Gayrt91PjRl5i7jwgbTmKA.roa (raw, json)
Hash identifier: 9aZDbWtKllRn1z0ixivXpLO8SOYRbYMp+7GVmqOLvG0=
Subject key identifier: 52:11:37:F8:66:B2:AE:DF:75:3E:34:65:E6:2E:E3:C2:06:D3:98:A0
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 0191F585711E739A5F4A0BE7FF5635CEB692
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/UhE3-Gayrt91PjRl5i7jwgbTmKA.roa
Signing time: Sun 15 Sep 2024 11:50:48 +0000
ROA not before: Sun 15 Sep 2024 11:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 91.216.138.0/24 maxlen: 24
91.229.228.0/24 maxlen: 24
93.180.208.0/22 maxlen: 24
119.13.224.0/20 maxlen: 20
134.199.64.0/19 maxlen: 19
136.227.160.0/19 maxlen: 19
193.37.136.0/24 maxlen: 24
193.105.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Sep 2024 14:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f5:85:71:1e:73:9a:5f:4a:0b:e7:ff:56:35:ce:b6:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Sep 15 11:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=521137f866b2aedf753e3465e62ee3c206d398a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0b:d9:da:51:88:f7:92:cb:4f:b5:9e:83:ab:
b4:27:48:a9:2e:29:4d:53:c3:08:26:ba:4e:92:11:
58:f9:80:a9:77:29:93:da:fd:ce:45:33:16:b5:0f:
c8:03:e7:a3:c7:97:28:71:2c:04:ce:b6:58:68:c7:
df:24:8d:19:e4:e0:16:7e:54:fb:03:a8:c2:55:0d:
e2:83:79:87:7d:30:a5:3e:d1:f7:70:ea:6a:00:df:
37:04:f5:a0:bb:3a:9f:8e:2d:49:33:ce:1a:42:9f:
4f:f5:ad:b1:27:c2:76:c8:5b:11:ca:49:d4:44:a1:
ac:6b:ed:9e:76:0c:68:9f:f9:f0:9c:1e:c7:88:28:
8f:6a:c0:ee:f2:c2:a8:fb:8f:5b:d3:a2:d4:ae:d1:
19:94:6f:48:ab:90:ef:f6:f2:5e:60:1a:20:34:d4:
99:b6:d0:61:1d:9f:6a:69:25:09:56:57:4d:87:da:
32:08:5c:7a:f3:20:42:e5:ec:da:4d:8a:b7:06:3e:
87:3d:28:98:ff:f7:1b:6c:2c:8b:72:1b:05:a1:e2:
25:ee:e6:fd:f8:66:53:f2:ef:bd:42:e9:d9:d9:da:
d0:ee:5a:ce:06:86:64:71:ff:df:ee:57:f6:97:14:
b7:76:a9:09:51:67:a9:2b:a8:98:c0:c7:fd:7f:2b:
cc:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:11:37:F8:66:B2:AE:DF:75:3E:34:65:E6:2E:E3:C2:06:D3:98:A0
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/UhE3-Gayrt91PjRl5i7jwgbTmKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.138.0/24
91.229.228.0/24
93.180.208.0/22
119.13.224.0/20
134.199.64.0/19
136.227.160.0/19
193.37.136.0/24
193.105.176.0/24
Signature Algorithm: sha256WithRSAEncryption
68:64:93:53:93:f0:0b:65:65:07:8d:3a:4e:4a:26:ca:3d:85:
28:b8:95:30:de:a4:62:61:74:c5:b7:00:b3:df:ba:a7:be:62:
74:26:c2:ee:a9:3d:ba:4c:c5:45:c7:b5:4d:20:bf:67:bc:bd:
65:9a:7b:57:b7:a8:c8:dd:32:47:6b:f6:43:07:f9:87:5a:c6:
9c:fb:2e:b9:6a:ed:57:e3:d4:ff:ae:c8:dc:22:a9:12:8b:c3:
4c:4a:a5:57:66:78:42:16:77:b9:ba:85:32:1a:ca:61:85:e7:
2c:40:f9:e3:44:da:1d:ac:ec:77:36:5d:0a:57:32:b3:ae:69:
ab:77:1d:c6:67:af:3c:d0:79:3b:7e:e2:53:72:cb:71:8f:6e:
e5:1e:7a:f3:8a:98:bd:1a:2a:e6:2b:d6:48:a1:61:e2:bd:5a:
52:ec:a9:c8:bf:02:16:d4:a1:0a:c0:6d:71:de:e0:d2:22:f5:
a8:c7:f2:5a:24:54:a1:5e:e8:e9:e8:ee:16:65:c0:28:88:96:
d3:55:ac:09:a9:5d:05:3d:74:61:77:8f:2b:48:96:b4:bc:3d:
67:f6:e6:bf:59:e4:cd:08:86:f2:60:00:af:11:5f:d2:cb:b5:
48:b9:34:32:84:66:95:29:63:30:35:60:82:fa:9d:28:fd:fa:
79:77:c8:d8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZH1hXEec5pfSgvn/1Y1zraSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjQwOTE1MTE1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjExMzdmODY2YjJhZWRmNzUzZTM0NjVlNjJlZTNjMjA2ZDM5OGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAvZ2lGI95LLT7Weg6u0J0ipLilN
U8MIJrpOkhFY+YCpdymT2v3ORTMWtQ/IA+ejx5cocSwEzrZYaMffJI0Z5OAWflT7
A6jCVQ3ig3mHfTClPtH3cOpqAN83BPWguzqfji1JM84aQp9P9a2xJ8J2yFsRyknU
RKGsa+2edgxon/nwnB7HiCiPasDu8sKo+49b06LUrtEZlG9Iq5Dv9vJeYBogNNSZ
ttBhHZ9qaSUJVldNh9oyCFx68yBC5ezaTYq3Bj6HPSiY//cbbCyLchsFoeIl7ub9
+GZT8u+9QunZ2drQ7lrOBoZkcf/f7lf2lxS3dqkJUWepK6iYwMf9fyvMdwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFIRN/hmsq7fdT40ZeYu48IG05igMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvVWhFMy1HYXlydDkxUGpSbDVpN2p3Z2JUbUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAW9iKAwQA
W+XkAwQCXbTQAwQEdw3gAwQFhsdAAwQFiOOgAwQAwSWIAwQAwWmwMA0GCSqGSIb3
DQEBCwUAA4IBAQBoZJNTk/ALZWUHjTpOSibKPYUouJUw3qRiYXTFtwCz37qnvmJ0
JsLuqT26TMVFx7VNIL9nvL1lmntXt6jI3TJHa/ZDB/mHWsac+y65au1X49T/rsjc
IqkSi8NMSqVXZnhCFne5uoUyGsphhecsQPnjRNodrOx3Nl0KVzKzrmmrdx3GZ688
0Hk7fuJTcstxj27lHnrzipi9GirmK9ZIoWHivVpS7KnIvwIW1KEKwG1x3uDSIvWo
x/JaJFShXujp6O4WZcAoiJbTVawJqV0FPXRhd48rSJa0vD1n9ua/WeTNCIbyYACv
EV/Sy7VIuTQyhGaVKWMwNWCC+p0o/fp5d8jY
-----END CERTIFICATE-----
Generated at Wed Jun 11 12:28:41 2025 by rpki-client