Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/Ujn208E_fAGVGgafzPbI924tp1A.roa
File: Ujn208E_fAGVGgafzPbI924tp1A.roa (raw, json)
Hash identifier: OjQ9JtPny8HUBHucMsGNkbecOetPNIbrxe5kxKLw9e0=
Subject key identifier: 52:39:F6:D3:C1:3F:7C:01:95:1A:06:9F:CC:F6:C8:F7:6E:2D:A7:50
Certificate issuer: /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Certificate serial: 019428236591F6E401B058B73F7C31415914
Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/Ujn208E_fAGVGgafzPbI924tp1A.roa
Signing time: Thu 02 Jan 2025 17:49:55 +0000
ROA not before: Thu 02 Jan 2025 17:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8903
IP address blocks: 77.72.104.0/21 maxlen: 24
84.18.0.0/19 maxlen: 24
92.60.160.0/20 maxlen: 24
176.98.220.0/22 maxlen: 24
185.66.60.0/22 maxlen: 24
185.145.224.0/22 maxlen: 24
185.155.64.0/22 maxlen: 24
185.173.44.0/22 maxlen: 24
185.187.180.0/22 maxlen: 24
185.224.76.0/22 maxlen: 24
193.34.240.0/22 maxlen: 24
195.5.64.0/19 maxlen: 24
212.49.128.0/18 maxlen: 24
212.49.189.0/24 maxlen: 24
212.66.161.0/24 maxlen: 24
212.66.162.0/23 maxlen: 23
212.66.163.0/24 maxlen: 24
212.66.164.0/22 maxlen: 22
212.66.168.0/21 maxlen: 21
212.66.176.0/20 maxlen: 24
212.163.0.0/16 maxlen: 24
213.9.128.0/17 maxlen: 24
213.192.192.0/18 maxlen: 24
213.192.193.0/24 maxlen: 24
213.192.195.0/24 maxlen: 24
213.192.200.0/22 maxlen: 22
213.192.203.0/24 maxlen: 24
213.192.206.0/23 maxlen: 23
213.192.212.0/22 maxlen: 22
213.192.213.0/24 maxlen: 24
213.192.216.0/21 maxlen: 21
213.192.224.0/22 maxlen: 22
213.192.228.0/23 maxlen: 23
213.192.232.0/22 maxlen: 22
213.192.238.0/24 maxlen: 24
213.192.239.0/24 maxlen: 24
213.192.240.0/24 maxlen: 24
213.192.241.0/24 maxlen: 24
213.192.242.0/23 maxlen: 23
213.192.244.0/23 maxlen: 23
213.192.246.0/24 maxlen: 24
213.192.247.0/24 maxlen: 24
213.192.248.0/21 maxlen: 21
213.192.249.0/24 maxlen: 24
213.192.251.0/24 maxlen: 24
213.192.252.0/23 maxlen: 23
213.192.253.0/24 maxlen: 24
213.192.254.0/24 maxlen: 24
213.192.255.0/24 maxlen: 24
2001:ac0::/29 maxlen: 29
2001:ac0::/32 maxlen: 48
2001:ac0:c0c0::/44 maxlen: 44
2001:ac0:c880::/44 maxlen: 44
2a0d:59c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 22 Jan 2025 17:10:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:65:91:f6:e4:01:b0:58:b7:3f:7c:31:41:59:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Validity
Not Before: Jan 2 17:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5239f6d3c13f7c01951a069fccf6c8f76e2da750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8b:30:97:11:cc:02:6e:96:48:6a:af:d0:06:
a1:db:77:11:ef:4e:df:39:9c:9c:ac:a6:1d:87:3c:
4a:d5:b1:fc:5d:e1:ca:a6:26:bf:6e:c4:70:93:ae:
aa:09:ac:f5:52:89:06:78:86:aa:0a:ac:57:6e:c4:
01:5d:7c:94:2a:69:d0:c5:e3:9b:60:ad:11:3a:9c:
e6:7f:f8:14:ed:0b:b0:a6:f0:3a:9a:4d:fb:25:00:
ee:8d:23:ef:a2:03:26:3b:38:2a:30:84:11:da:31:
31:37:7c:99:a7:4e:00:93:27:14:33:06:99:a6:b7:
f6:f5:90:e9:2c:bf:01:f8:d8:ca:5e:4d:84:ad:68:
25:de:ac:9e:f9:99:1b:16:36:3b:68:81:2f:4d:5c:
fd:bc:b1:35:84:d8:c8:4f:09:7f:c7:da:62:c7:1a:
c8:fd:e4:63:14:c5:1c:aa:4a:cb:69:79:dc:65:67:
2d:39:7c:bb:27:ac:2f:29:5f:98:5c:33:b7:7a:6e:
67:3a:39:27:8f:94:7c:9b:13:86:b8:63:99:6d:59:
b2:8e:99:45:cb:47:20:08:cf:74:52:d6:5c:96:8b:
02:57:32:3b:63:a2:9b:df:b4:7e:15:d2:54:84:6e:
16:c1:8b:27:04:cf:69:3f:df:ba:77:0f:a2:da:0a:
b3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:39:F6:D3:C1:3F:7C:01:95:1A:06:9F:CC:F6:C8:F7:6E:2D:A7:50
X509v3 Authority Key Identifier:
keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/Ujn208E_fAGVGgafzPbI924tp1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.104.0/21
84.18.0.0/19
92.60.160.0/20
176.98.220.0/22
185.66.60.0/22
185.145.224.0/22
185.155.64.0/22
185.173.44.0/22
185.187.180.0/22
185.224.76.0/22
193.34.240.0/22
195.5.64.0/19
212.49.128.0/18
212.66.161.0-212.66.191.255
212.163.0.0/16
213.9.128.0/17
213.192.192.0/18
IPv6:
2001:ac0::/29
2a0d:59c0::/29
Signature Algorithm: sha256WithRSAEncryption
a9:0c:87:ac:a0:76:72:e5:e3:34:5c:a3:4b:cb:63:65:28:4a:
32:9d:ee:32:03:33:87:48:1c:42:21:9b:7c:16:89:3e:0f:4b:
f0:19:d1:7a:c2:e9:bb:48:07:8d:75:f2:47:51:46:f8:c4:e2:
5e:9b:ca:d9:e6:0c:29:e9:d5:01:d0:c1:31:1b:39:4f:7d:52:
df:ff:c5:c2:50:7e:25:45:77:99:69:97:98:3a:81:78:c6:32:
5b:a3:fa:f0:7f:9e:a4:3d:5d:ef:42:5f:43:48:46:63:73:cc:
cc:f9:f8:80:cc:54:91:6b:a2:b9:00:b0:af:74:70:6e:81:c0:
94:fe:c9:51:a7:3f:0c:f5:be:6d:9d:6d:5d:f2:c4:22:6d:bf:
68:a1:94:b8:80:1c:c7:42:ec:de:a9:df:9f:15:76:3a:ca:c2:
c9:13:20:f3:1d:d0:33:e3:c4:22:bc:fe:e1:a3:2d:12:b4:2b:
c2:b5:19:0f:e6:2f:fa:a2:53:a9:f9:42:94:22:97:4e:33:29:
25:6d:35:0b:c2:10:2f:05:11:4e:c9:cc:0f:1b:8b:69:7f:e6:
4a:5d:cb:9b:e3:a5:c2:75:32:e7:a3:83:dc:44:11:5c:ad:ec:
5b:ef:3b:6d:7e:1c:b5:92:12:92:7b:38:67:88:b1:fa:3c:33:
d2:64:10:69
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZQoI2WR9uQBsFi3P3wxQVkUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx
ZDA5OWIwHhcNMjUwMTAyMTc0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjM5ZjZkM2MxM2Y3YzAxOTUxYTA2OWZjY2Y2YzhmNzZlMmRhNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYswlxHMAm6WSGqv0Aah23cR707f
OZycrKYdhzxK1bH8XeHKpia/bsRwk66qCaz1UokGeIaqCqxXbsQBXXyUKmnQxeOb
YK0ROpzmf/gU7QuwpvA6mk37JQDujSPvogMmOzgqMIQR2jExN3yZp04AkycUMwaZ
prf29ZDpLL8B+NjKXk2ErWgl3qye+ZkbFjY7aIEvTVz9vLE1hNjITwl/x9pixxrI
/eRjFMUcqkrLaXncZWctOXy7J6wvKV+YXDO3em5nOjknj5R8mxOGuGOZbVmyjplF
y0cgCM90UtZclosCVzI7Y6Kb37R+FdJUhG4WwYsnBM9pP9+6dw+i2gqziQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFFI59tPBP3wBlRoGn8z2yPduLadQMB8GA1UdIwQY
MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt
Mjc0NzNjYTYxMmRlLzEvVWpuMjA4RV9mQUdWR2dhZnpQYkk5MjR0cDFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTItMjc0NzNjYTYxMmRl
LzEvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBzBAIAATBtAwQDTUho
AwQFVBIAAwQEXDygAwQCsGLcAwQCuUI8AwQCuZHgAwQCuZtAAwQCua0sAwQCubu0
AwQCueBMAwQCwSLwAwQFwwVAAwQG1DGAMAwDBADUQqEDBAbUQoADAwDUowMEB9UJ
gAMEBtXAwDAUBAIAAjAOAwUDIAEKwAMFAyoNWcAwDQYJKoZIhvcNAQELBQADggEB
AKkMh6ygdnLl4zRco0vLY2UoSjKd7jIDM4dIHEIhm3wWiT4PS/AZ0XrC6btIB411
8kdRRvjE4l6bytnmDCnp1QHQwTEbOU99Ut//xcJQfiVFd5lpl5g6gXjGMluj+vB/
nqQ9Xe9CX0NIRmNzzMz5+IDMVJFrorkAsK90cG6BwJT+yVGnPwz1vm2dbV3yxCJt
v2ihlLiAHMdC7N6p358VdjrKwskTIPMd0DPjxCK8/uGjLRK0K8K1GQ/mL/qiU6n5
QpQil04zKSVtNQvCEC8FEU7JzA8bi2l/5kpdy5vjpcJ1Muejg9xEEVyt7FvvO21+
HLWSEpJ7OGeIsfo8M9JkEGk=
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:13:09 2025 by rpki-client