Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/UTTripa3cZ-E4YKxrYv4DAimqlw.roa
File: UTTripa3cZ-E4YKxrYv4DAimqlw.roa (raw, json)
Hash identifier: Z4tiS+DDVTjOL70213Q+/FYHgfZPidzYP7w2S+s1b8g=
Subject key identifier: 51:34:EB:8A:96:B7:71:9F:84:E1:82:B1:AD:8B:F8:0C:08:A6:AA:5C
Certificate issuer: /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial: 018CC3B72399B7ED842E14F3D6EE635800AC
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/UTTripa3cZ-E4YKxrYv4DAimqlw.roa
Signing time: Mon 01 Jan 2024 06:30:08 +0000
ROA not before: Mon 01 Jan 2024 06:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43197
IP address blocks: 185.105.229.0/24 maxlen: 24
185.105.228.0/22 maxlen: 22
185.105.228.0/24 maxlen: 24
185.105.231.0/24 maxlen: 24
185.105.230.0/24 maxlen: 24
109.68.232.0/21 maxlen: 21
109.68.233.0/24 maxlen: 24
109.68.232.0/24 maxlen: 24
109.68.237.0/24 maxlen: 24
109.68.236.0/24 maxlen: 24
109.68.235.0/24 maxlen: 24
109.68.234.0/24 maxlen: 24
109.68.239.0/24 maxlen: 24
109.68.238.0/24 maxlen: 24
2a0b:6bc0::/48 maxlen: 48
2a0b:6bc0:1::/64 maxlen: 64
2a0b:6bc0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:23:99:b7:ed:84:2e:14:f3:d6:ee:63:58:00:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Validity
Not Before: Jan 1 06:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5134eb8a96b7719f84e182b1ad8bf80c08a6aa5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:95:0f:4c:1c:5f:50:b1:af:6a:e2:53:a4:ab:
bf:1d:81:d7:83:5c:45:e5:f7:61:6e:89:24:ed:39:
39:96:e4:02:44:35:cc:ce:8f:af:73:43:8b:35:10:
21:d6:01:32:65:92:1b:81:44:d8:02:40:96:23:cf:
7b:ae:c3:e7:39:e8:31:65:75:3d:48:54:10:51:83:
ed:dd:b1:71:38:7f:de:6b:fc:b3:c4:cc:b4:73:4f:
a1:6c:00:15:58:b1:a3:da:c3:bd:2b:77:e2:95:81:
d4:24:6d:ab:1b:f5:bc:3b:1d:f3:67:38:e5:94:8e:
bf:af:f6:5c:fd:8e:90:c9:16:83:87:20:95:af:79:
c8:2a:a0:19:59:a5:f3:6e:b1:aa:76:70:2f:db:79:
99:4a:29:20:44:6a:27:98:b1:6f:1d:62:51:8b:58:
5e:46:77:1e:4d:8b:95:86:8d:fe:52:3c:c7:99:8a:
b0:ff:1c:02:6c:67:33:8e:fd:7a:95:3c:66:e9:4c:
f9:1a:67:88:83:bf:31:94:13:aa:86:45:eb:35:b7:
69:f4:0e:44:c1:4b:7f:02:15:a1:db:9e:92:92:19:
65:6f:10:d7:29:1b:de:00:2b:39:f9:2e:5f:16:d6:
c7:5d:ef:95:2b:9f:71:0e:b9:a8:d6:0c:ef:86:ee:
8c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:34:EB:8A:96:B7:71:9F:84:E1:82:B1:AD:8B:F8:0C:08:A6:AA:5C
X509v3 Authority Key Identifier:
keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/UTTripa3cZ-E4YKxrYv4DAimqlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.232.0/21
185.105.228.0/22
IPv6:
2a0b:6bc0::/47
Signature Algorithm: sha256WithRSAEncryption
98:cf:b9:fc:df:1f:74:09:ff:75:71:0f:90:d0:2e:64:7b:4a:
0f:df:cd:4e:76:62:2a:27:5c:de:22:7d:31:cf:ce:ed:63:a5:
3c:b6:c2:4c:ca:7f:8c:e7:96:e9:e3:16:91:4f:86:db:c5:82:
c3:2f:97:52:62:16:e1:7b:3f:5a:70:05:45:db:09:db:ea:56:
8e:9e:ed:65:c7:94:8a:fd:60:38:a2:69:95:7c:65:99:e1:44:
79:3a:ce:5b:48:eb:36:9a:00:3a:b0:60:26:d5:35:44:78:e4:
78:37:b7:39:c9:7c:da:86:31:76:4c:72:28:71:3d:66:ef:06:
64:59:52:02:36:6d:2f:1b:df:a4:4b:df:f6:92:b1:86:1c:b3:
76:22:d9:4a:77:bc:c8:09:22:51:ca:c4:10:37:a9:2e:56:8a:
06:d1:df:80:8c:16:b9:1f:69:7b:b2:2e:ce:53:55:54:83:d0:
87:5a:01:43:a6:6e:81:d8:b1:a8:bd:f1:fc:e5:c1:a2:dc:f8:
5e:9d:14:8b:d9:63:eb:1f:ee:05:56:44:8b:16:ec:df:77:5c:
28:8d:ae:ea:b8:90:97:ed:7a:b9:13:9d:fe:ee:e7:b1:63:50:
fb:0f:95:71:09:0d:0a:ee:96:51:11:d2:61:fa:c8:54:5d:d5:
3e:38:e4:fa
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDtyOZt+2ELhTz1u5jWACsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjQwMTAxMDYzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTM0ZWI4YTk2Yjc3MTlmODRlMTgyYjFhZDhiZjgwYzA4YTZhYTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5UPTBxfULGvauJTpKu/HYHXg1xF
5fdhbokk7Tk5luQCRDXMzo+vc0OLNRAh1gEyZZIbgUTYAkCWI897rsPnOegxZXU9
SFQQUYPt3bFxOH/ea/yzxMy0c0+hbAAVWLGj2sO9K3filYHUJG2rG/W8Ox3zZzjl
lI6/r/Zc/Y6QyRaDhyCVr3nIKqAZWaXzbrGqdnAv23mZSikgRGonmLFvHWJRi1he
RnceTYuVho3+UjzHmYqw/xwCbGczjv16lTxm6Uz5GmeIg78xlBOqhkXrNbdp9A5E
wUt/AhWh256SkhllbxDXKRveACs5+S5fFtbHXe+VK59xDrmo1gzvhu6MHwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFE064qWt3GfhOGCsa2L+AwIpqpcMB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEvVVRUcmlwYTNjWi1FNFlLeHJZdjREQWltcWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDbUToAwQC
uWnkMA8EAgACMAkDBwEqC2vAAAAwDQYJKoZIhvcNAQELBQADggEBAJjPufzfH3QJ
/3VxD5DQLmR7Sg/fzU52YionXN4ifTHPzu1jpTy2wkzKf4znlunjFpFPhtvFgsMv
l1JiFuF7P1pwBUXbCdvqVo6e7WXHlIr9YDiiaZV8ZZnhRHk6zltI6zaaADqwYCbV
NUR45Hg3tznJfNqGMXZMcihxPWbvBmRZUgI2bS8b36RL3/aSsYYcs3Yi2Up3vMgJ
IlHKxBA3qS5WigbR34CMFrkfaXuyLs5TVVSD0IdaAUOmboHYsai98fzlwaLc+F6d
FIvZY+sf7gVWRIsW7N93XCiNruq4kJfterkTnf7u57FjUPsPlXEJDQrullER0mH6
yFRd1T445Po=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:41:41 2025 by rpki-client