Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/aUL-KwxJs48qxZuNSqoACOmCIKg.roa
File: aUL-KwxJs48qxZuNSqoACOmCIKg.roa (raw, json)
Hash identifier: UobfjE6clIgV8sU6s1cuREJGPA1J1FohpvaXLGW0uNs=
Subject key identifier: 69:42:FE:2B:0C:49:B3:8F:2A:C5:9B:8D:4A:AA:00:08:E9:82:20:A8
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 018CC500E65EEC9A4BDE17ECFB491121B8DB
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/aUL-KwxJs48qxZuNSqoACOmCIKg.roa
Signing time: Mon 01 Jan 2024 12:30:19 +0000
ROA not before: Mon 01 Jan 2024 12:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25160
IP address blocks: 185.120.204.0/22 maxlen: 24
158.41.64.0/18 maxlen: 24
193.221.128.0/19 maxlen: 24
165.65.0.0/16 maxlen: 24
206.245.208.0/20 maxlen: 24
206.245.224.0/19 maxlen: 24
91.238.221.0/24 maxlen: 24
185.237.48.0/22 maxlen: 24
185.28.240.0/22 maxlen: 24
144.98.0.0/16 maxlen: 24
82.163.192.0/19 maxlen: 24
193.0.176.0/23 maxlen: 24
5.10.144.0/20 maxlen: 24
194.8.254.0/23 maxlen: 24
2a00:e346::/32 maxlen: 48
2a00:e347::/32 maxlen: 48
2a00:e345::/32 maxlen: 48
2a00:e340::/29 maxlen: 48
2a00:e342::/32 maxlen: 48
2a00:e340:3::/48 maxlen: 48
2a00:e341::/32 maxlen: 48
2a00:e344::/32 maxlen: 48
2a00:e344:3f00::/48 maxlen: 48
2a00:e340::/32 maxlen: 48
2a00:e343::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 31 Jul 2024 15:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:e6:5e:ec:9a:4b:de:17:ec:fb:49:11:21:b8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: Jan 1 12:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6942fe2b0c49b38f2ac59b8d4aaa0008e98220a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2f:d2:b6:96:93:fa:61:05:50:ca:e7:d4:df:
21:a2:ea:3b:9c:28:be:ef:44:86:b4:47:38:1f:a3:
8d:46:41:fc:60:da:7d:8d:b3:6c:e8:b0:7c:9a:0d:
d0:ff:07:9a:a5:48:3c:a5:61:58:d9:be:76:93:cc:
88:dc:2d:77:a3:5b:de:67:30:c5:2d:af:aa:d1:8e:
66:77:ba:88:68:93:30:76:1b:30:71:dc:fa:ff:74:
90:a4:29:d1:26:bd:0d:da:2e:7a:93:c9:cd:14:12:
65:2e:d4:4c:96:8e:3e:f9:91:f4:17:a4:3b:2a:4c:
32:e3:38:e2:5d:c6:a3:1f:d7:94:dd:7c:bb:b2:63:
eb:82:9a:f6:1b:34:07:de:67:05:47:df:a8:9c:61:
77:14:7f:cc:ce:ab:c4:16:37:3b:a6:97:0d:60:80:
c2:95:e2:89:8b:47:a5:40:01:7e:b5:e4:1e:dd:43:
7a:47:4d:68:4e:d8:eb:fd:76:92:4b:ed:84:69:d9:
31:23:44:e0:9a:61:3a:4b:f6:57:32:cf:bf:a0:62:
43:0e:68:01:8c:db:df:1d:2e:c0:d0:22:d4:fc:20:
ba:fc:36:1b:0e:c0:82:d6:50:63:f2:f1:0b:aa:ba:
3c:27:0b:ae:7a:ac:86:7d:1c:b9:61:92:62:cd:c6:
0a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:42:FE:2B:0C:49:B3:8F:2A:C5:9B:8D:4A:AA:00:08:E9:82:20:A8
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/aUL-KwxJs48qxZuNSqoACOmCIKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.144.0/20
82.163.192.0/19
91.238.221.0/24
144.98.0.0/16
158.41.64.0/18
165.65.0.0/16
185.28.240.0/22
185.120.204.0/22
185.237.48.0/22
193.0.176.0/23
193.221.128.0/19
194.8.254.0/23
206.245.208.0-206.245.255.255
IPv6:
2a00:e340::/29
Signature Algorithm: sha256WithRSAEncryption
5e:7e:69:f8:60:38:04:03:7c:21:4c:e6:1d:96:fa:ae:27:17:
60:4c:8e:41:88:03:32:74:e4:90:40:4e:25:e9:f5:c0:40:8a:
17:6b:b1:2b:71:95:59:be:05:34:e6:c0:fd:64:74:8f:cd:93:
b3:e1:1a:58:38:68:7d:b7:9e:fd:c6:41:91:1b:15:69:96:e5:
08:c8:fa:04:d8:54:7e:21:30:1d:e1:db:5d:66:70:e7:97:80:
81:15:31:40:3d:4a:37:6a:14:2e:76:b9:fe:52:fe:3a:1d:72:
a5:7b:1e:79:e0:db:b0:f6:92:5a:e1:d0:b7:bd:ea:47:7e:36:
34:0d:a0:24:b5:f0:7c:4a:21:f5:05:07:22:34:0e:87:35:88:
14:79:6c:bd:71:2c:d6:ba:1b:00:db:f9:fb:a3:19:c9:2e:d7:
eb:20:55:92:73:d8:f3:dd:79:d6:9a:26:28:d3:ed:bf:fd:c4:
82:c6:fc:2a:0c:31:9f:05:e8:f5:6e:f3:70:1a:b7:b8:70:61:
08:f8:c3:04:e8:c2:92:b9:ab:7c:3c:06:7d:af:bf:0f:2c:8d:
14:fc:41:3a:a7:f2:03:a5:4e:ae:89:0b:bb:55:5f:f2:17:02:
b2:f9:b5:57:79:79:08:d5:93:84:9e:c2:1d:ee:fa:19:b4:a6:
80:71:f6:18
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYzFAOZe7JpL3hfs+0kRIbjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTg0M2E4NWRkNjY0ZTlkYzAzMTA4OTJiZDdkZDljZTUy
NTkxYzcwHhcNMjQwMTAxMTIzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTQyZmUyYjBjNDliMzhmMmFjNTliOGQ0YWFhMDAwOGU5ODIyMGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgS/StpaT+mEFUMrn1N8houo7nCi+
70SGtEc4H6ONRkH8YNp9jbNs6LB8mg3Q/weapUg8pWFY2b52k8yI3C13o1veZzDF
La+q0Y5md7qIaJMwdhswcdz6/3SQpCnRJr0N2i56k8nNFBJlLtRMlo4++ZH0F6Q7
Kkwy4zjiXcajH9eU3Xy7smPrgpr2GzQH3mcFR9+onGF3FH/MzqvEFjc7ppcNYIDC
leKJi0elQAF+teQe3UN6R01oTtjr/XaSS+2EadkxI0TgmmE6S/ZXMs+/oGJDDmgB
jNvfHS7A0CLU/CC6/DYbDsCC1lBj8vELqro8JwuueqyGfRy5YZJizcYKCwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFGlC/isMSbOPKsWbjUqqAAjpgiCoMB8GA1UdIwQY
MBaAFE7oQ6hd1mTp3AMQiSvX3ZzlJZHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjct
NDhjZjQxMmIzODdiLzEvYVVMLUt3eEpzNDhxeFp1TlNxb0FDT21DSUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjctNDhjZjQxMmIzODdi
LzEvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBZBAIAATBTAwQEBQqQAwQF
UqPAAwQAW+7dAwMAkGIDBAaeKUADAwClQQMEArkc8AMEArl4zAMEArntMAMEAcEA
sAMEBcHdgAMEAcII/jALAwQEzvXQAwMBzvQwDQQCAAIwBwMFAyoA40AwDQYJKoZI
hvcNAQELBQADggEBAF5+afhgOAQDfCFM5h2W+q4nF2BMjkGIAzJ05JBATiXp9cBA
ihdrsStxlVm+BTTmwP1kdI/Nk7PhGlg4aH23nv3GQZEbFWmW5QjI+gTYVH4hMB3h
211mcOeXgIEVMUA9SjdqFC52uf5S/jodcqV7Hnng27D2klrh0Le96kd+NjQNoCS1
8HxKIfUFByI0Doc1iBR5bL1xLNa6GwDb+fujGcku1+sgVZJz2PPdedaaJijT7b/9
xILG/CoMMZ8F6PVu83Aat7hwYQj4wwTowpK5q3w8Bn2vvw8sjRT8QTqn8gOlTq6J
C7tVX/IXArL5tVd5eQjVk4Sewh3u+hm0poBx9hg=
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:59:32 2025 by rpki-client