Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/UDpK0uTH8ulfX-BRue_LxyYrybg.roa
File: UDpK0uTH8ulfX-BRue_LxyYrybg.roa (raw, json)
Hash identifier: Dp6K5s4cXqR6PiC8AlLBrRSOz+xKT0xrh8fKR2pD1Ns=
Subject key identifier: 50:3A:4A:D2:E4:C7:F2:E9:5F:5F:E0:51:B9:EF:CB:C7:26:2B:C9:B8
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 0194266B6425A2B6A4DCE034EB2590EA0F24
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/UDpK0uTH8ulfX-BRue_LxyYrybg.roa
Signing time: Thu 02 Jan 2025 09:49:19 +0000
ROA not before: Thu 02 Jan 2025 09:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204666
IP address blocks: 45.153.192.0/22 maxlen: 24
45.153.194.0/24 maxlen: 24
45.153.195.0/24 maxlen: 24
185.188.101.0/24 maxlen: 24
185.188.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Apr 2025 08:52:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:64:25:a2:b6:a4:dc:e0:34:eb:25:90:ea:0f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 09:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=503a4ad2e4c7f2e95f5fe051b9efcbc7262bc9b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b2:b7:14:7b:83:7c:64:d6:99:0c:6a:1b:b5:
fd:57:74:bc:d2:2b:fe:d8:b0:fe:de:99:c3:92:f1:
a1:56:a0:af:65:05:47:20:49:ce:c0:a2:9c:30:fe:
58:e4:12:97:b7:1d:ab:91:32:f5:81:b2:aa:98:1e:
69:97:98:21:48:bf:3e:54:f5:9c:89:9c:5a:dc:71:
c7:e1:cf:06:6a:2f:e9:94:66:54:04:f9:e2:94:3c:
f1:13:5b:28:bc:9a:b9:93:d5:be:0b:d2:14:34:bc:
d1:f4:2f:6b:ec:8a:47:20:ce:64:8e:c2:ee:e7:23:
1c:b4:2e:90:4d:b1:17:13:61:ff:bb:5b:46:49:4a:
90:51:a1:2b:9e:0c:17:87:25:73:87:7b:3d:9b:57:
a9:58:6a:fa:0b:e1:7e:fb:41:25:ef:fd:5b:cb:3d:
6e:fb:8a:47:fe:7a:06:ef:5a:60:c9:9d:a0:0f:47:
21:a3:6d:a3:2b:23:60:51:19:3b:c2:3e:34:1e:19:
52:ea:2a:1c:fc:81:8e:12:ea:a5:d1:e2:e2:50:0a:
2f:d8:7e:7d:ac:cf:25:1e:38:e4:70:08:34:4e:73:
e7:62:8e:ed:f2:be:be:f9:33:0a:da:9f:11:bb:b1:
04:f9:b3:6a:49:53:ff:7c:80:93:6b:96:8f:e0:62:
00:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3A:4A:D2:E4:C7:F2:E9:5F:5F:E0:51:B9:EF:CB:C7:26:2B:C9:B8
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/UDpK0uTH8ulfX-BRue_LxyYrybg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.192.0/22
185.188.101.0/24
185.188.103.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:73:c0:c1:6f:84:a3:05:80:cd:11:16:0f:15:93:a0:53:e4:
45:06:6b:f9:59:21:c6:71:fe:a6:75:da:b1:c1:82:e3:0a:48:
50:85:d3:99:f2:4a:87:df:fb:7f:38:77:7e:85:92:7b:2e:10:
3d:93:76:3e:ca:11:a7:b6:9d:8f:5a:ae:85:d9:21:b5:91:a1:
a2:20:10:b4:25:28:a1:b7:91:99:15:30:70:55:69:42:1c:29:
45:73:97:29:f5:62:e8:3b:39:83:2f:30:6a:45:78:0f:44:b1:
26:47:b7:70:27:dd:d1:c7:7d:4c:29:80:67:90:2e:0b:dc:9f:
9a:9c:26:71:38:85:38:5f:85:b6:e8:f0:ae:bf:62:48:1e:d9:
b3:69:89:e7:96:27:17:32:d7:e9:0b:fe:51:df:67:88:25:53:
19:3f:e0:ae:6a:7e:ed:fa:de:d0:09:01:e1:1e:13:a4:c5:a9:
68:cb:a9:2b:55:b3:e3:37:08:21:75:0b:2c:3f:a0:44:79:72:
f1:26:b8:fe:f3:76:6b:de:db:75:34:02:b0:8d:b6:b6:8b:99:
9f:b3:64:8a:7e:27:d6:0f:5b:bb:ae:e4:f4:9f:c7:1f:99:52:
66:dc:56:10:9e:8a:60:9a:c8:fc:23:f7:7f:62:9b:e2:8d:ee:
c4:53:aa:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQma2Qlorak3OA06yWQ6g8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjUwMTAyMDk0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDNhNGFkMmU0YzdmMmU5NWY1ZmUwNTFiOWVmY2JjNzI2MmJjOWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLK3FHuDfGTWmQxqG7X9V3S80iv+
2LD+3pnDkvGhVqCvZQVHIEnOwKKcMP5Y5BKXtx2rkTL1gbKqmB5pl5ghSL8+VPWc
iZxa3HHH4c8Gai/plGZUBPnilDzxE1sovJq5k9W+C9IUNLzR9C9r7IpHIM5kjsLu
5yMctC6QTbEXE2H/u1tGSUqQUaErngwXhyVzh3s9m1epWGr6C+F++0El7/1byz1u
+4pH/noG71pgyZ2gD0cho22jKyNgURk7wj40HhlS6ioc/IGOEuql0eLiUAov2H59
rM8lHjjkcAg0TnPnYo7t8r6++TMK2p8Ru7EE+bNqSVP/fICTa5aP4GIAQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFA6StLkx/LpX1/gUbnvy8cmK8m4MB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvVURwSzB1VEg4dWxmWC1CUnVlX0x4eVlyeWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZnAAwQA
ubxlAwQAubxnMA0GCSqGSIb3DQEBCwUAA4IBAQCbc8DBb4SjBYDNERYPFZOgU+RF
Bmv5WSHGcf6mddqxwYLjCkhQhdOZ8kqH3/t/OHd+hZJ7LhA9k3Y+yhGntp2PWq6F
2SG1kaGiIBC0JSiht5GZFTBwVWlCHClFc5cp9WLoOzmDLzBqRXgPRLEmR7dwJ93R
x31MKYBnkC4L3J+anCZxOIU4X4W26PCuv2JIHtmzaYnnlicXMtfpC/5R32eIJVMZ
P+Cuan7t+t7QCQHhHhOkxaloy6krVbPjNwghdQssP6BEeXLxJrj+83Zr3tt1NAKw
jba2i5mfs2SKfifWD1u7ruT0n8cfmVJm3FYQnopgmsj8I/d/Ypvije7EU6pB
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:13:23 2025 by rpki-client