Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UQH5oubdvSPYmjgxP-bR533pDto.roa
File: UQH5oubdvSPYmjgxP-bR533pDto.roa (raw, json)
Hash identifier: l5IMGAuzQDbh3H3EAbIuVvoL+FQn2F/HG0FPf0zBjRc=
Subject key identifier: 51:01:F9:A2:E6:DD:BD:23:D8:9A:38:31:3F:E6:D1:E7:7D:E9:0E:DA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0193A5ADAB33058CB39C227BDC813B207E53
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UQH5oubdvSPYmjgxP-bR533pDto.roa
Signing time: Sun 08 Dec 2024 09:50:42 +0000
ROA not before: Sun 08 Dec 2024 09:50:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.202.192.0/24 maxlen: 24
37.202.203.0/24 maxlen: 24
37.202.204.0/24 maxlen: 24
37.202.205.0/24 maxlen: 24
37.202.206.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Dec 2024 10:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a5:ad:ab:33:05:8c:b3:9c:22:7b:dc:81:3b:20:7e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Dec 8 09:50:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5101f9a2e6ddbd23d89a38313fe6d1e77de90eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e4:dc:0e:e3:f5:fb:e7:f0:87:b4:a7:02:b4:
07:72:8d:62:ae:70:b4:d6:25:50:00:d2:47:21:70:
ca:1b:b6:78:55:e9:01:f9:0e:d1:12:61:08:b7:c1:
af:40:54:5f:4d:3c:a2:a4:1f:b3:b4:d2:4f:af:87:
40:82:49:f8:88:77:b2:14:ca:65:91:e9:73:73:95:
5d:f3:37:d1:c6:be:e1:79:1c:23:92:b9:73:d0:27:
3f:f5:27:27:3b:16:b9:81:f1:3a:6d:8d:c2:13:0f:
4d:8e:fb:70:1d:e9:2e:f9:df:93:61:df:49:19:47:
fb:f8:98:09:87:9e:34:7a:1d:99:be:c9:41:5b:7d:
92:78:c0:91:2f:1e:17:8e:0a:5a:0e:28:b7:57:01:
25:71:0b:60:2b:ef:7c:75:d5:61:52:7b:ba:c1:3b:
b9:16:05:c1:ca:82:f3:f2:27:9b:98:24:76:e3:da:
4d:64:b7:14:60:d2:36:c8:7e:29:8f:7b:2b:22:11:
34:4f:93:7d:cc:92:4e:66:c9:5f:b6:76:df:df:a9:
bb:40:ff:58:75:6e:4c:e1:cf:95:b6:14:04:0c:b6:
03:ed:34:c0:f3:0c:66:a5:ec:f4:25:63:6e:77:aa:
1d:18:c4:e4:1e:8a:f6:0d:f7:b9:ee:88:ac:43:2f:
60:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:01:F9:A2:E6:DD:BD:23:D8:9A:38:31:3F:E6:D1:E7:7D:E9:0E:DA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UQH5oubdvSPYmjgxP-bR533pDto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.192.0/24
37.202.203.0-37.202.206.255
37.202.208.0-37.202.210.255
37.202.212.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:27:81:54:2c:c7:c2:5e:61:be:87:93:8c:21:af:6a:13:fa:
57:f0:7a:26:92:97:68:f2:70:ae:1b:cd:2f:d9:27:d6:c1:a2:
4c:b2:74:79:87:ba:7f:34:3c:bc:45:c9:c6:4f:fd:fb:7f:10:
a4:c8:8b:0d:70:f6:7e:9a:f9:7f:63:21:f9:88:03:94:79:12:
7e:d4:ca:23:db:1a:45:79:70:3e:24:bc:b0:a4:c1:5c:56:e3:
4d:24:3c:36:31:c4:31:2c:24:38:8a:ee:0a:5b:41:23:d8:e3:
a4:97:98:f3:a8:bb:37:42:30:a2:5f:a2:80:00:f3:00:a0:c4:
45:a3:6c:55:e3:d6:d9:4f:69:2a:71:05:59:2d:44:fa:67:29:
db:bb:bc:93:ca:12:b7:12:59:eb:0e:8f:71:09:fb:a3:af:b8:
a3:dc:55:27:6a:e6:4f:59:4d:cd:e0:67:28:16:76:bc:25:66:
cb:f7:03:18:89:10:65:f6:16:52:7e:e2:bb:a3:e6:d1:33:05:
6d:8a:14:00:dc:5b:73:e2:df:63:fd:81:76:94:8e:01:f7:c9:
cf:ab:96:68:46:e2:18:cc:86:41:05:e6:7d:94:10:95:55:fa:
01:0a:4f:cc:e8:8a:85:80:2a:dd:35:aa:57:51:a0:14:bd:0e:
d6:bd:86:9e
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZOlraszBYyznCJ73IE7IH5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjQxMjA4MDk1MDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTAxZjlhMmU2ZGRiZDIzZDg5YTM4MzEzZmU2ZDFlNzdkZTkwZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+TcDuP1++fwh7SnArQHco1irnC0
1iVQANJHIXDKG7Z4VekB+Q7REmEIt8GvQFRfTTyipB+ztNJPr4dAgkn4iHeyFMpl
kelzc5Vd8zfRxr7heRwjkrlz0Cc/9ScnOxa5gfE6bY3CEw9NjvtwHeku+d+TYd9J
GUf7+JgJh540eh2ZvslBW32SeMCRLx4XjgpaDii3VwElcQtgK+98ddVhUnu6wTu5
FgXByoLz8iebmCR249pNZLcUYNI2yH4pj3srIhE0T5N9zJJOZslftnbf36m7QP9Y
dW5M4c+VthQEDLYD7TTA8wxmpez0JWNud6odGMTkHor2Dfe57oisQy9gWQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFEB+aLm3b0j2Jo4MT/m0ed96Q7aMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVVFINW91YmR2U1BZbWpneFAtYlI1MzNwRHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAJcrAMAwD
BAAlyssDBAAlys4wDAMEBCXK0AMEACXK0gMEASXK1DANBgkqhkiG9w0BAQsFAAOC
AQEAXieBVCzHwl5hvoeTjCGvahP6V/B6JpKXaPJwrhvNL9kn1sGiTLJ0eYe6fzQ8
vEXJxk/9+38QpMiLDXD2fpr5f2Mh+YgDlHkSftTKI9saRXlwPiS8sKTBXFbjTSQ8
NjHEMSwkOIruCltBI9jjpJeY86i7N0Iwol+igADzAKDERaNsVePW2U9pKnEFWS1E
+mcp27u8k8oStxJZ6w6PcQn7o6+4o9xVJ2rmT1lNzeBnKBZ2vCVmy/cDGIkQZfYW
Un7iu6Pm0TMFbYoUANxbc+LfY/2BdpSOAffJz6uWaEbiGMyGQQXmfZQQlVX6AQpP
zOiKhYAq3TWqV1GgFL0O1r2Gng==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:10:59 2025 by rpki-client