Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/uPM6NX9b-7q8Uw284C83KV3CPgI.roa
File: uPM6NX9b-7q8Uw284C83KV3CPgI.roa (raw, json)
Hash identifier: H/sZZ4xBwLHnFwE5+n8FwPIZhKgfwRHxcLRDK7Z6P/0=
Subject key identifier: B8:F3:3A:35:7F:5B:FB:BA:BC:53:0D:BC:E0:2F:37:29:5D:C2:3E:02
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 0195141CBD9A43A44D1743CBD8107B341359
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/uPM6NX9b-7q8Uw284C83KV3CPgI.roa
Signing time: Mon 17 Feb 2025 13:33:02 +0000
ROA not before: Mon 17 Feb 2025 13:33:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.136.36.0/22 maxlen: 24
185.38.26.0/23 maxlen: 24
194.31.164.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Feb 2025 05:56:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:14:1c:bd:9a:43:a4:4d:17:43:cb:d8:10:7b:34:13:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Feb 17 13:33:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8f33a357f5bfbbabc530dbce02f37295dc23e02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:94:ca:24:c6:00:d1:c6:fc:a8:06:21:5f:22:
7a:cb:e0:0a:64:9f:d7:df:e9:87:75:8e:f0:70:bf:
a0:b4:2e:be:08:77:8d:dd:6a:02:e2:b7:38:dc:79:
2e:08:ef:f0:c3:83:f5:bb:8e:69:db:6f:39:08:74:
95:81:28:f8:1a:4f:20:bb:45:ab:6d:c8:bc:31:99:
91:92:1b:1f:80:6f:f7:e4:92:df:27:bf:63:76:9c:
d2:5d:a5:fe:ea:1f:e2:74:a7:83:87:b8:f9:7f:46:
54:a3:dc:64:b3:a5:b4:54:bb:6a:5f:de:6e:0c:2f:
03:28:0c:f3:7a:90:6d:82:6d:de:33:fc:58:30:c1:
2a:2a:bc:55:54:f8:61:dc:93:7c:d7:9b:8d:3c:3a:
fb:ef:b5:99:86:03:35:63:4c:1b:f6:e8:c4:9c:b9:
3f:da:36:57:88:0a:39:aa:2a:9a:95:90:a9:16:a4:
ff:8f:55:fc:56:6c:7f:62:15:77:cc:65:3b:c3:73:
84:17:29:49:82:33:e9:79:1b:af:52:f8:f8:85:9e:
77:aa:20:8d:f5:17:b3:8c:a9:56:56:7e:38:fc:c9:
4f:65:51:a5:ed:f1:6f:ed:26:80:55:b9:35:fa:64:
d1:aa:d9:01:d5:74:c0:31:7e:08:2a:d1:eb:9c:7b:
2a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F3:3A:35:7F:5B:FB:BA:BC:53:0D:BC:E0:2F:37:29:5D:C2:3E:02
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/uPM6NX9b-7q8Uw284C83KV3CPgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.36.0/22
185.38.26.0/23
194.31.164.0/22
Signature Algorithm: sha256WithRSAEncryption
65:c0:1a:5f:23:f2:5c:44:46:59:dd:e7:e2:4a:e7:38:65:b9:
93:47:22:60:f5:66:99:8e:7d:68:fd:02:48:66:a0:b3:45:10:
99:02:71:53:84:23:5c:65:82:ff:92:ab:2d:62:9f:b7:97:e4:
b0:f6:79:7d:b2:e5:5c:45:d5:a0:5c:a3:1c:81:1b:86:1d:b8:
12:c5:cc:3c:a4:9e:2c:72:12:02:d0:20:c0:0d:ba:fd:0c:31:
8c:16:ba:7c:82:28:fa:27:33:05:85:37:8b:dd:80:c8:23:1b:
6d:17:9b:05:8f:3c:26:b0:11:45:e2:23:bb:09:56:fb:93:ba:
27:bd:e9:df:eb:3c:9c:f7:dc:95:b2:f9:f8:b5:18:62:1e:f8:
63:6b:07:e0:fe:e9:59:8c:5a:91:c9:a4:e3:a2:99:4e:a3:87:
a8:2a:8c:a2:8b:c1:4d:d5:da:5b:9d:04:a3:15:fd:6b:d4:cc:
1e:ab:2b:76:dd:0a:df:ad:60:86:61:4b:91:86:66:91:bd:f6:
bb:34:7c:50:2a:4b:2a:de:00:a2:d9:92:ce:bc:f7:23:8b:fe:
b1:b3:89:16:1c:17:a3:72:5a:e5:0f:31:91:4e:c5:c0:40:8d:
46:14:2e:62:63:ec:ec:4d:c6:43:10:c1:0b:4d:72:13:e8:28:
4e:77:89:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUUHL2aQ6RNF0PL2BB7NBNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwMjE3MTMzMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGYzM2EzNTdmNWJmYmJhYmM1MzBkYmNlMDJmMzcyOTVkYzIzZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZTKJMYA0cb8qAYhXyJ6y+AKZJ/X
3+mHdY7wcL+gtC6+CHeN3WoC4rc43HkuCO/ww4P1u45p2285CHSVgSj4Gk8gu0Wr
bci8MZmRkhsfgG/35JLfJ79jdpzSXaX+6h/idKeDh7j5f0ZUo9xks6W0VLtqX95u
DC8DKAzzepBtgm3eM/xYMMEqKrxVVPhh3JN815uNPDr777WZhgM1Y0wb9ujEnLk/
2jZXiAo5qiqalZCpFqT/j1X8Vmx/YhV3zGU7w3OEFylJgjPpeRuvUvj4hZ53qiCN
9RezjKlWVn44/MlPZVGl7fFv7SaAVbk1+mTRqtkB1XTAMX4IKtHrnHsqMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLjzOjV/W/u6vFMNvOAvNyldwj4CMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvdVBNNk5YOWItN3E4VXcyODRDODNLVjNDUGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYgkAwQB
uSYaAwQCwh+kMA0GCSqGSIb3DQEBCwUAA4IBAQBlwBpfI/JcREZZ3efiSuc4ZbmT
RyJg9WaZjn1o/QJIZqCzRRCZAnFThCNcZYL/kqstYp+3l+Sw9nl9suVcRdWgXKMc
gRuGHbgSxcw8pJ4schIC0CDADbr9DDGMFrp8gij6JzMFhTeL3YDIIxttF5sFjzwm
sBFF4iO7CVb7k7onvenf6zyc99yVsvn4tRhiHvhjawfg/ulZjFqRyaTjoplOo4eo
Koyii8FN1dpbnQSjFf1r1Mweqyt23QrfrWCGYUuRhmaRvfa7NHxQKksq3gCi2ZLO
vPcji/6xs4kWHBejclrlDzGRTsXAQI1GFC5iY+zsTcZDEMELTXIT6ChOd4lm
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:46:28 2025 by rpki-client