Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/UgnJVypmovz-NxEWnyT_VSDJobE.roa
File: UgnJVypmovz-NxEWnyT_VSDJobE.roa (raw, json)
Hash identifier: rrw7BkL8m/b5DzCwEjz62QbNrj9eJgqLFqMthny+C5g=
Subject key identifier: 52:09:C9:57:2A:66:A2:FC:FE:37:11:16:9F:24:FF:55:20:C9:A1:B1
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EEFB7871CBD9A83B234A3CB4AD46D46C8
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/UgnJVypmovz-NxEWnyT_VSDJobE.roa
Signing time: Thu 18 Apr 2024 05:39:25 +0000
ROA not before: Thu 18 Apr 2024 05:39:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24699
IP address blocks: 80.66.144.0/20 maxlen: 20
81.20.96.0/20 maxlen: 20
88.85.160.0/20 maxlen: 20
212.124.16.0/20 maxlen: 20
212.124.27.0/24 maxlen: 24
212.124.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 11:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ef:b7:87:1c:bd:9a:83:b2:34:a3:cb:4a:d4:6d:46:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 18 05:39:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5209c9572a66a2fcfe3711169f24ff5520c9a1b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:12:d4:84:67:65:0d:21:19:0d:15:37:9c:01:
80:2d:d5:81:c6:98:d7:f3:8d:d6:a3:f2:c5:16:2f:
ac:52:b1:a4:87:a5:b5:3c:07:82:a8:1e:c3:29:b2:
26:b5:64:71:e5:96:26:a9:04:7f:ce:47:bd:26:c8:
95:6f:b0:c0:81:a4:96:74:9f:80:23:06:33:ae:3d:
38:0c:ff:d8:01:77:72:df:ef:6b:6a:04:2c:da:cf:
4d:64:a5:c1:d5:62:90:b7:eb:fe:60:11:4b:87:52:
b3:c2:2b:bb:90:78:3b:87:02:27:e3:5f:7f:72:84:
c9:e3:13:aa:ec:a3:af:7c:bd:d6:e9:46:ed:4b:92:
58:62:e6:b0:0f:f9:57:55:2f:d8:94:31:06:76:46:
39:00:cc:b5:a7:18:11:72:a6:59:a2:65:41:40:f4:
36:2a:da:9f:fd:60:0c:ef:eb:08:00:b2:d7:83:bc:
88:54:5d:bb:f6:27:48:df:5b:6b:dd:96:14:8b:93:
4d:8e:66:62:30:78:02:b2:e8:ab:74:75:30:29:b1:
f6:57:59:8a:bd:23:3a:6e:9d:4f:22:75:18:cf:b8:
d5:3a:1a:0b:d3:ba:e5:be:52:d4:93:83:da:1e:94:
48:c0:b8:df:84:36:af:c9:3a:18:47:28:a9:36:b2:
e4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:09:C9:57:2A:66:A2:FC:FE:37:11:16:9F:24:FF:55:20:C9:A1:B1
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/UgnJVypmovz-NxEWnyT_VSDJobE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.144.0/20
81.20.96.0/20
88.85.160.0/20
212.124.16.0/20
Signature Algorithm: sha256WithRSAEncryption
41:5d:70:a4:65:44:dc:60:5f:cf:32:73:ef:9f:8b:4f:1e:09:
50:e5:7a:28:f0:bc:40:72:8c:94:f3:3c:d2:48:b5:46:fc:31:
22:44:0a:ac:dc:47:e1:79:ee:83:9c:6f:70:17:8e:77:fc:d4:
97:ad:99:cf:22:83:9f:d4:25:1e:f7:7b:cb:70:b1:91:26:72:
31:43:c1:c7:d4:2d:27:9f:a2:c1:e0:5e:bb:27:25:0b:0e:61:
09:48:95:99:d4:c8:ec:8b:8e:7e:c8:c6:df:3a:de:d2:d8:cd:
27:b7:b5:f9:75:a3:b5:4b:c4:9b:b2:61:98:ef:21:74:c7:a7:
c4:df:a0:54:a4:f7:ab:f0:d3:91:24:43:7b:33:07:14:47:bf:
c5:25:4d:58:1e:0c:fe:02:3a:ad:30:f2:57:a7:2e:64:a7:ac:
32:49:05:99:93:2a:1e:5f:47:bd:c8:63:a0:4b:e1:0c:2f:73:
fb:41:87:f9:06:9b:73:7a:d6:c2:63:33:a7:0c:35:a0:f5:ce:
f8:46:1e:cb:db:5d:f1:80:cf:ab:d3:9a:46:d6:6f:15:7e:e8:
57:0b:48:40:2f:7c:42:f7:6c:44:68:fa:25:73:92:e6:8c:3d:
e3:d2:58:78:4e:6b:a9:07:b7:b7:56:17:7e:9c:db:7a:19:45:
70:59:ed:a1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7vt4ccvZqDsjSjy0rUbUbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE4MDUzOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjA5Yzk1NzJhNjZhMmZjZmUzNzExMTY5ZjI0ZmY1NTIwYzlhMWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRLUhGdlDSEZDRU3nAGALdWBxpjX
843Wo/LFFi+sUrGkh6W1PAeCqB7DKbImtWRx5ZYmqQR/zke9JsiVb7DAgaSWdJ+A
IwYzrj04DP/YAXdy3+9ragQs2s9NZKXB1WKQt+v+YBFLh1Kzwiu7kHg7hwIn419/
coTJ4xOq7KOvfL3W6UbtS5JYYuawD/lXVS/YlDEGdkY5AMy1pxgRcqZZomVBQPQ2
Ktqf/WAM7+sIALLXg7yIVF279idI31tr3ZYUi5NNjmZiMHgCsuirdHUwKbH2V1mK
vSM6bp1PInUYz7jVOhoL07rlvlLUk4PaHpRIwLjfhDavyToYRyipNrLk5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFIJyVcqZqL8/jcRFp8k/1UgyaGxMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvVWduSlZ5cG1vdnotTnhFV255VF9WU0RKb2JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEUEKQAwQE
URRgAwQEWFWgAwQE1HwQMA0GCSqGSIb3DQEBCwUAA4IBAQBBXXCkZUTcYF/PMnPv
n4tPHglQ5Xoo8LxAcoyU8zzSSLVG/DEiRAqs3Efhee6DnG9wF453/NSXrZnPIoOf
1CUe93vLcLGRJnIxQ8HH1C0nn6LB4F67JyULDmEJSJWZ1Mjsi45+yMbfOt7S2M0n
t7X5daO1S8SbsmGY7yF0x6fE36BUpPer8NORJEN7MwcUR7/FJU1YHgz+AjqtMPJX
py5kp6wySQWZkyoeX0e9yGOgS+EML3P7QYf5BptzetbCYzOnDDWg9c74Rh7L213x
gM+r05pG1m8VfuhXC0hAL3xC92xEaPolc5LmjD3j0lh4TmupB7e3Vhd+nNt6GUVw
We2h
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:38:14 2025 by rpki-client