Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/UTfZZSLqjbV1b8j5TUYR5Vzy_C4.roa
File: UTfZZSLqjbV1b8j5TUYR5Vzy_C4.roa (raw, json)
Hash identifier: afv6e1K0oUB1wMQJgOwOvShcyd+lLD2cZw6tI0PhiEQ=
Subject key identifier: 51:37:D9:65:22:EA:8D:B5:75:6F:C8:F9:4D:46:11:E5:5C:F2:FC:2E
Certificate issuer: /CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Certificate serial: 01946A2F8A3A9343B685106B83221FA4886F
Authority key identifier: C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/UTfZZSLqjbV1b8j5TUYR5Vzy_C4.roa
Signing time: Wed 15 Jan 2025 13:38:07 +0000
ROA not before: Wed 15 Jan 2025 13:38:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1820
IP address blocks: 31.172.136.0/21 maxlen: 32
31.172.142.0/24 maxlen: 32
31.223.224.0/21 maxlen: 32
80.92.224.0/20 maxlen: 32
82.117.244.0/24 maxlen: 32
85.90.211.0/24 maxlen: 32
85.90.223.0/24 maxlen: 32
91.226.1.0/24 maxlen: 32
91.231.127.0/24 maxlen: 32
92.60.176.0/20 maxlen: 32
92.119.220.0/22 maxlen: 32
128.0.168.0/21 maxlen: 32
185.16.228.0/22 maxlen: 32
185.38.208.0/23 maxlen: 32
185.39.196.0/22 maxlen: 32
185.45.244.0/22 maxlen: 32
185.170.192.0/22 maxlen: 32
193.16.47.0/24 maxlen: 32
193.104.182.0/24 maxlen: 32
193.111.0.0/23 maxlen: 32
193.111.48.0/22 maxlen: 32
195.66.93.0/24 maxlen: 32
195.177.72.0/22 maxlen: 32
212.110.129.0/24 maxlen: 32
212.110.130.0/23 maxlen: 32
212.110.132.0/23 maxlen: 32
212.110.134.0/23 maxlen: 32
212.110.136.0/22 maxlen: 32
212.110.140.0/23 maxlen: 32
212.110.142.0/23 maxlen: 32
212.110.152.0/23 maxlen: 32
212.110.154.0/23 maxlen: 32
217.20.160.0/19 maxlen: 32
217.20.160.0/20 maxlen: 32
217.20.164.0/22 maxlen: 32
217.20.176.0/20 maxlen: 32
217.20.184.0/22 maxlen: 32
2a01:6b0::/32 maxlen: 128
2a13:8800::/29 maxlen: 128
Validation: Failed, certificate revoked on Fri 04 Apr 2025 00:36:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6a:2f:8a:3a:93:43:b6:85:10:6b:83:22:1f:a4:88:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Validity
Not Before: Jan 15 13:38:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5137d96522ea8db5756fc8f94d4611e55cf2fc2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2d:28:92:ce:25:10:80:9e:69:89:10:f6:2c:
cd:73:0c:6d:1d:f9:e5:a3:35:1a:fc:21:13:d4:6b:
11:74:4b:d1:d9:ca:08:05:7c:06:b4:3b:68:7a:91:
cb:ae:b3:d1:fe:e8:34:62:75:98:4a:63:c2:c5:f0:
bf:49:f1:c7:ae:6e:f4:14:56:2a:6a:9c:3a:95:32:
35:39:c3:42:76:cc:b7:22:2b:74:a2:d8:de:61:48:
d8:88:af:f4:ea:53:21:b8:07:a5:4c:e6:fe:af:92:
56:02:e7:5a:83:48:5c:b4:74:01:b6:93:2d:ff:73:
a8:09:61:ec:7c:f0:60:15:24:f5:69:f0:25:5b:9d:
4a:62:88:a4:36:92:7d:06:26:6d:d4:53:54:46:47:
6e:9d:6c:99:53:03:8e:dd:2f:1e:11:30:cb:e0:bb:
aa:c5:0b:85:4c:91:83:00:cc:05:4e:7a:bd:16:bc:
01:1a:78:3f:71:ff:21:24:fa:ff:3f:ce:50:4f:e0:
6c:96:3e:42:f8:55:ba:a3:e4:42:ad:aa:06:d9:59:
22:ca:26:03:90:dd:1e:8f:1d:ba:ab:54:41:22:e6:
0e:f6:b2:11:5a:fc:2c:b2:58:83:b2:d6:f0:35:6c:
4a:81:cf:08:98:f1:a7:d5:6b:bb:ca:f5:03:3a:f4:
cc:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:37:D9:65:22:EA:8D:B5:75:6F:C8:F9:4D:46:11:E5:5C:F2:FC:2E
X509v3 Authority Key Identifier:
keyid:C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/UTfZZSLqjbV1b8j5TUYR5Vzy_C4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/21
31.223.224.0/21
80.92.224.0/20
82.117.244.0/24
85.90.211.0/24
85.90.223.0/24
91.226.1.0/24
91.231.127.0/24
92.60.176.0/20
92.119.220.0/22
128.0.168.0/21
185.16.228.0/22
185.38.208.0/23
185.39.196.0/22
185.45.244.0/22
185.170.192.0/22
193.16.47.0/24
193.104.182.0/24
193.111.0.0/23
193.111.48.0/22
195.66.93.0/24
195.177.72.0/22
212.110.129.0-212.110.143.255
212.110.152.0/22
217.20.160.0/19
IPv6:
2a01:6b0::/32
2a13:8800::/29
Signature Algorithm: sha256WithRSAEncryption
50:a5:73:01:a7:14:96:b3:ae:31:8d:bf:3b:c3:9f:a8:5d:19:
3f:ad:99:90:db:c0:dd:27:0d:70:69:cf:66:04:f8:0f:ab:e0:
1e:1e:9d:a3:44:76:28:91:08:85:16:aa:26:89:f6:70:9f:0f:
ad:4a:f8:91:95:5d:54:20:3f:6c:73:26:5c:3b:fb:91:ab:49:
3a:a9:e8:a7:28:a6:7a:7a:97:af:4d:b0:7b:a2:79:23:74:ad:
a6:c5:c0:9f:28:96:b9:af:57:5f:70:a6:69:52:fe:47:7d:cf:
c4:4f:b4:47:ff:9b:97:02:75:1f:2f:96:ed:d8:9f:35:88:4d:
36:fc:ec:03:75:a0:a6:e2:6e:b6:ea:ee:25:53:9b:32:bc:74:
55:f3:ac:6e:3d:c4:a0:0c:a1:a4:69:de:f8:13:a9:eb:21:6d:
e8:13:ed:ba:ef:8e:10:00:02:40:a3:4a:8d:29:91:36:62:13:
1b:17:b3:8e:a3:3a:c6:50:f4:89:67:67:c8:8d:96:66:e4:0b:
f8:f6:02:b8:30:8d:34:a6:fa:5d:ca:4e:2e:f3:47:2f:d5:42:
6f:a5:84:16:61:f4:5f:d4:69:94:db:df:2f:ba:7e:02:02:d4:
c9:29:af:da:da:2d:91:e0:1c:58:39:9a:7a:7e:14:4f:5c:a2:
bb:6e:7f:1e
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZRqL4o6k0O2hRBrgyIfpIhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTk1M2MwODk4MGFkYzk0ZjJmYTNhM2MxYmE5NWM0MGQy
MWU3ZDMwHhcNMjUwMTE1MTMzODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTM3ZDk2NTIyZWE4ZGI1NzU2ZmM4Zjk0ZDQ2MTFlNTVjZjJmYzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy0oks4lEICeaYkQ9izNcwxtHfnl
ozUa/CET1GsRdEvR2coIBXwGtDtoepHLrrPR/ug0YnWYSmPCxfC/SfHHrm70FFYq
apw6lTI1OcNCdsy3Iit0otjeYUjYiK/06lMhuAelTOb+r5JWAudag0hctHQBtpMt
/3OoCWHsfPBgFST1afAlW51KYoikNpJ9BiZt1FNURkdunWyZUwOO3S8eETDL4Luq
xQuFTJGDAMwFTnq9FrwBGng/cf8hJPr/P85QT+Bslj5C+FW6o+RCraoG2VkiyiYD
kN0ejx26q1RBIuYO9rIRWvwssliDstbwNWxKgc8ImPGn1Wu7yvUDOvTM2QIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFFE32WUi6o21dW/I+U1GEeVc8vwuMB8GA1UdIwQY
MBaAFMYZU8CJgK3JTy+jo8G6lcQNIefTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYt
NjI1MjQ1YTAwYWJmLzEvVVRmWlpTTHFqYlYxYjhqNVRVWVI1Vnp5X0M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYtNjI1MjQ1YTAwYWJm
LzEveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBpQQCAAEwgZ4DBAMf
rIgDBAMf3+ADBARQXOADBABSdfQDBABVWtMDBABVWt8DBABb4gEDBABb538DBARc
PLADBAJcd9wDBAOAAKgDBAK5EOQDBAG5JtADBAK5J8QDBAK5LfQDBAK5qsADBADB
EC8DBADBaLYDBAHBbwADBALBbzADBADDQl0DBALDsUgwDAMEANRugQMEBNRugAME
AtRumAMEBdkUoDAUBAIAAjAOAwUAKgEGsAMFAyoTiAAwDQYJKoZIhvcNAQELBQAD
ggEBAFClcwGnFJazrjGNvzvDn6hdGT+tmZDbwN0nDXBpz2YE+A+r4B4enaNEdiiR
CIUWqiaJ9nCfD61K+JGVXVQgP2xzJlw7+5GrSTqp6Kcopnp6l69NsHuieSN0rabF
wJ8olrmvV19wpmlS/kd9z8RPtEf/m5cCdR8vlu3YnzWITTb87AN1oKbibrbq7iVT
mzK8dFXzrG49xKAMoaRp3vgTqeshbegT7brvjhAAAkCjSo0pkTZiExsXs46jOsZQ
9IlnZ8iNlmbkC/j2ArgwjTSm+l3KTi7zRy/VQm+lhBZh9F/UaZTb3y+6fgIC1Mkp
r9raLZHgHFg5mnp+FE9cortufx4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:19:14 2025 by rpki-client