Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/5CYUkRPxeinx_UinqFZhj8RAiuA.roa
File: 5CYUkRPxeinx_UinqFZhj8RAiuA.roa (raw, json)
Hash identifier: hZ0jWCtg1r4Cp+zUj+7qnMWlMWLyC/IAaxpvvCKJcGs=
Subject key identifier: E4:26:14:91:13:F1:7A:29:F1:FD:48:A7:A8:56:61:8F:C4:40:8A:E0
Certificate issuer: /CN=50f2d6b21660fad1f60e2df9d0bd7c6ccf95c311
Certificate serial: 01921DAC10E19E89C06D4C197DA7BE52C761
Authority key identifier: 50:F2:D6:B2:16:60:FA:D1:F6:0E:2D:F9:D0:BD:7C:6C:CF:95:C3:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UPLWshZg-tH2Di350L18bM-VwxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/5CYUkRPxeinx_UinqFZhj8RAiuA.roa
Signing time: Mon 23 Sep 2024 06:57:48 +0000
ROA not before: Mon 23 Sep 2024 06:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41722
IP address blocks: 91.142.80.0/24 maxlen: 24
91.142.81.0/24 maxlen: 24
91.142.82.0/24 maxlen: 24
91.142.83.0/24 maxlen: 24
91.142.84.0/24 maxlen: 24
91.142.85.0/24 maxlen: 24
91.142.86.0/24 maxlen: 24
91.142.87.0/24 maxlen: 24
91.142.88.0/24 maxlen: 24
91.142.89.0/24 maxlen: 24
91.142.90.0/24 maxlen: 24
91.142.91.0/24 maxlen: 24
91.142.92.0/24 maxlen: 24
91.142.93.0/24 maxlen: 24
91.142.94.0/24 maxlen: 24
91.142.95.0/24 maxlen: 24
178.249.68.0/24 maxlen: 24
178.249.69.0/24 maxlen: 24
178.249.70.0/24 maxlen: 24
178.249.71.0/24 maxlen: 24
178.250.152.0/24 maxlen: 24
178.250.153.0/24 maxlen: 24
178.250.154.0/24 maxlen: 24
178.250.155.0/24 maxlen: 24
185.53.20.0/24 maxlen: 24
185.53.21.0/24 maxlen: 24
185.53.22.0/24 maxlen: 24
185.53.23.0/24 maxlen: 24
185.73.212.0/24 maxlen: 24
185.73.213.0/24 maxlen: 24
185.73.214.0/24 maxlen: 24
185.73.215.0/24 maxlen: 24
185.147.80.0/24 maxlen: 24
185.147.81.0/24 maxlen: 24
185.147.82.0/24 maxlen: 24
185.147.83.0/24 maxlen: 24
185.162.92.0/24 maxlen: 24
185.162.93.0/24 maxlen: 24
185.162.94.0/23 maxlen: 23
185.162.94.0/24 maxlen: 24
185.162.95.0/24 maxlen: 24
185.174.165.0/24 maxlen: 24
185.174.166.0/24 maxlen: 24
185.174.167.0/24 maxlen: 24
2a03:21c0::/32 maxlen: 32
2a07:a500::/32 maxlen: 32
2a07:a501::/32 maxlen: 32
2a07:a502::/32 maxlen: 32
2a07:a503::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 30 Sep 2024 12:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1d:ac:10:e1:9e:89:c0:6d:4c:19:7d:a7:be:52:c7:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50f2d6b21660fad1f60e2df9d0bd7c6ccf95c311
Validity
Not Before: Sep 23 06:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e426149113f17a29f1fd48a7a856618fc4408ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f4:06:30:14:71:7f:16:04:ca:64:49:ac:5b:
eb:c8:e3:28:8a:e1:14:73:a6:32:72:b6:ed:67:a3:
26:ff:03:4b:af:0f:59:5c:22:32:aa:90:bc:f1:82:
14:15:dd:99:52:65:fe:e8:c5:b0:fe:f7:94:f6:a0:
97:64:10:02:50:b6:4b:70:f6:5f:e2:66:20:9b:36:
e8:d4:45:ab:ec:df:9a:3f:39:bb:5b:c2:ac:a4:cd:
03:c9:d3:8a:a6:65:63:ce:6d:d4:e4:5f:f9:23:dc:
45:fa:10:86:d4:aa:cb:69:b2:e8:14:da:cc:fe:e2:
4e:98:90:63:2a:f4:72:4e:6a:e7:e5:eb:a1:4b:e8:
35:47:59:d8:2e:8b:fd:d6:59:56:2b:7f:dc:a3:4b:
fe:ef:10:b4:a7:a9:ad:93:72:39:0e:92:88:10:6c:
0b:6c:f9:ee:21:ec:3f:2b:a6:d3:d4:f5:44:49:66:
ec:40:a1:b7:d1:fe:b0:13:82:53:61:22:53:46:04:
0e:83:7d:ca:b4:99:1f:a7:a4:9c:36:69:c5:3d:63:
35:48:30:e6:04:17:ef:de:dc:bc:c2:00:4e:8f:17:
e0:ab:57:20:e2:68:c4:a3:a3:d5:d8:c1:01:b3:85:
b4:8c:ac:09:9c:c0:64:4b:53:8f:48:a6:13:b5:4e:
28:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:26:14:91:13:F1:7A:29:F1:FD:48:A7:A8:56:61:8F:C4:40:8A:E0
X509v3 Authority Key Identifier:
keyid:50:F2:D6:B2:16:60:FA:D1:F6:0E:2D:F9:D0:BD:7C:6C:CF:95:C3:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UPLWshZg-tH2Di350L18bM-VwxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/5CYUkRPxeinx_UinqFZhj8RAiuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/UPLWshZg-tH2Di350L18bM-VwxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.80.0/20
178.249.68.0/22
178.250.152.0/22
185.53.20.0/22
185.73.212.0/22
185.147.80.0/22
185.162.92.0/22
185.174.165.0-185.174.167.255
IPv6:
2a03:21c0::/32
2a07:a500::/30
Signature Algorithm: sha256WithRSAEncryption
98:0a:f8:b4:88:2b:fd:95:90:ac:59:ea:a3:4e:fb:e8:01:d4:
74:82:3c:d6:20:1c:51:80:b0:5d:53:59:67:88:cb:d6:a7:ae:
71:2e:ea:6f:1d:61:18:d0:32:37:58:66:a4:f4:72:e8:df:04:
eb:80:34:82:66:2c:fe:df:b3:a8:aa:92:ac:6a:c2:2d:62:55:
e7:33:f6:d1:97:43:f3:e1:49:e5:1b:be:ce:6c:88:a7:e8:a1:
88:57:aa:89:b1:98:32:37:e8:5b:9a:a5:0f:0b:17:55:50:46:
c9:89:da:77:29:25:e8:0a:47:97:bf:f2:88:5e:e7:97:b0:17:
97:8c:25:2b:96:60:ce:43:01:a4:2b:f9:4e:97:0a:c2:ba:73:
7b:a2:2c:a4:d3:15:ca:34:06:1e:37:b2:af:d7:79:38:11:df:
83:c7:9a:ae:3e:63:7a:1a:4e:04:cc:36:8b:58:3b:8d:d1:a5:
29:88:7c:56:fb:98:ee:07:fc:4f:2e:89:00:0e:7f:df:65:80:
ac:7d:78:cc:d2:e5:f5:b9:8e:d0:09:fd:af:80:46:63:0d:0c:
01:b6:b3:cb:c6:f9:5c:89:9d:ca:bb:9b:7e:02:15:4e:96:6f:
37:83:80:f6:42:ea:8e:e7:11:ad:0e:81:1f:b0:5c:77:cf:a5:
af:55:9f:a1
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZIdrBDhnonAbUwZfae+UsdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZjJkNmIyMTY2MGZhZDFmNjBlMmRmOWQwYmQ3YzZjY2Y5
NWMzMTEwHhcNMjQwOTIzMDY1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDI2MTQ5MTEzZjE3YTI5ZjFmZDQ4YTdhODU2NjE4ZmM0NDA4YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PQGMBRxfxYEymRJrFvryOMoiuEU
c6YycrbtZ6Mm/wNLrw9ZXCIyqpC88YIUFd2ZUmX+6MWw/veU9qCXZBACULZLcPZf
4mYgmzbo1EWr7N+aPzm7W8KspM0DydOKpmVjzm3U5F/5I9xF+hCG1KrLabLoFNrM
/uJOmJBjKvRyTmrn5euhS+g1R1nYLov91llWK3/co0v+7xC0p6mtk3I5DpKIEGwL
bPnuIew/K6bT1PVESWbsQKG30f6wE4JTYSJTRgQOg33KtJkfp6ScNmnFPWM1SDDm
BBfv3ty8wgBOjxfgq1cg4mjEo6PV2MEBs4W0jKwJnMBkS1OPSKYTtU4obwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFOQmFJET8Xop8f1Ip6hWYY/EQIrgMB8GA1UdIwQY
MBaAFFDy1rIWYPrR9g4t+dC9fGzPlcMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVBMV3NoWmctdEgyRGkzNTBMMThiTS1Wd3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kMGVkZDUtNjA4Ny00YmUxLWIzNmYt
YWIzZGQ1ZGM2NzA5LzEvNUNZVWtSUHhlaW54X1VpbnFGWmhqOFJBaXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kMGVkZDUtNjA4Ny00YmUxLWIzNmYtYWIzZGQ1ZGM2NzA5
LzEvVVBMV3NoWmctdEgyRGkzNTBMMThiTS1Wd3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQEW45QAwQC
svlEAwQCsvqYAwQCuTUUAwQCuUnUAwQCuZNQAwQCuaJcMAwDBAC5rqUDBAO5rqAw
FAQCAAIwDgMFACoDIcADBQIqB6UAMA0GCSqGSIb3DQEBCwUAA4IBAQCYCvi0iCv9
lZCsWeqjTvvoAdR0gjzWIBxRgLBdU1lniMvWp65xLupvHWEY0DI3WGak9HLo3wTr
gDSCZiz+37OoqpKsasItYlXnM/bRl0Pz4UnlG77ObIin6KGIV6qJsZgyN+hbmqUP
CxdVUEbJidp3KSXoCkeXv/KIXueXsBeXjCUrlmDOQwGkK/lOlwrCunN7oiyk0xXK
NAYeN7Kv13k4Ed+Dx5quPmN6Gk4EzDaLWDuN0aUpiHxW+5juB/xPLokADn/fZYCs
fXjM0uX1uY7QCf2vgEZjDQwBtrPLxvlciZ3Ku5t+AhVOlm83g4D2QuqO5xGtDoEf
sFx3z6WvVZ+h
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:49:58 2025 by rpki-client