Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/UmqPbHsZNWknb4I6_TkUjPxKdK0.roa
File: UmqPbHsZNWknb4I6_TkUjPxKdK0.roa (raw, json)
Hash identifier: rCTrROyG/QLG6cEdSQXJy1S9kpcI4qOo6GQRdu60m0k=
Subject key identifier: 52:6A:8F:6C:7B:19:35:69:27:6F:82:3A:FD:39:14:8C:FC:4A:74:AD
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0191988A40062DD7B54F49186DF8B903C5EC
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/UmqPbHsZNWknb4I6_TkUjPxKdK0.roa
Signing time: Wed 28 Aug 2024 10:31:22 +0000
ROA not before: Wed 28 Aug 2024 10:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5591
IP address blocks: 91.210.252.0/22 maxlen: 22
217.22.172.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 30 Aug 2024 06:57:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:8a:40:06:2d:d7:b5:4f:49:18:6d:f8:b9:03:c5:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 28 10:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=526a8f6c7b193569276f823afd39148cfc4a74ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:30:63:9a:6b:8a:86:98:ff:c4:c3:30:31:54:
dd:91:df:ca:42:88:38:ed:aa:c5:83:2e:71:9c:02:
61:14:34:7a:5f:8c:a9:2c:d2:31:90:e5:45:49:e5:
54:bb:fb:89:4f:86:a7:a2:f3:34:61:cc:7d:e9:06:
28:a3:ca:9b:ef:b8:04:27:46:fc:f0:af:62:68:f1:
e0:c5:54:51:a5:3c:79:25:3f:be:51:55:79:e0:4e:
91:9c:57:27:e7:f6:01:26:79:1f:51:c3:59:08:ea:
c8:30:01:d2:f5:a1:12:94:06:cc:db:fe:22:70:a1:
2e:7c:cf:15:5a:ec:35:c2:79:72:28:66:ac:63:96:
e9:0a:75:34:31:01:84:f2:1c:59:99:db:f1:cc:4d:
93:3f:e1:ae:87:38:63:a0:9b:e7:86:32:cb:92:d9:
69:dd:78:6a:9e:30:d2:bc:f3:25:8c:00:87:ee:4a:
25:98:82:fb:3e:d7:97:ac:6a:68:b2:bb:22:e2:a0:
49:e0:5a:9d:f8:4b:83:1d:f8:f9:24:92:8a:f0:a8:
15:c9:0b:33:89:ea:a2:f7:11:88:d6:c0:6b:13:db:
52:e0:fe:03:7c:09:1c:7f:9e:15:86:72:0a:90:3e:
07:ed:e5:80:83:b3:98:4d:ce:6f:46:f6:81:0c:d3:
75:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:6A:8F:6C:7B:19:35:69:27:6F:82:3A:FD:39:14:8C:FC:4A:74:AD
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/UmqPbHsZNWknb4I6_TkUjPxKdK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.252.0/22
217.22.172.0/23
Signature Algorithm: sha256WithRSAEncryption
79:24:9b:e6:86:4b:6f:15:ed:a6:23:46:53:fb:ec:c5:1a:33:
d0:9d:3a:1d:11:a7:ce:39:1b:34:33:f8:d1:60:c6:28:63:ac:
61:c0:4b:d1:99:2b:bb:3f:95:15:66:86:ea:d2:94:ff:fb:8d:
72:92:78:51:21:e2:1c:4d:26:53:94:e5:64:90:76:0a:66:7e:
09:ba:10:07:fd:a6:65:ca:8c:05:cc:47:0a:00:32:42:b1:48:
c0:b6:42:28:ae:8a:48:03:f7:b2:3b:4b:ed:da:17:10:50:87:
07:83:73:27:73:a7:63:c5:6f:a8:81:88:da:84:99:93:f0:ca:
66:34:b4:72:5e:dc:7a:3b:c1:8e:9b:e9:de:fd:98:e2:f9:00:
c3:c5:35:a0:dd:2b:49:64:bc:aa:82:6d:d3:c2:3d:ae:ec:f1:
4e:97:55:14:8a:a7:48:12:b2:83:0b:54:8d:99:f5:64:22:9f:
41:e9:16:79:a5:38:5b:de:14:c2:10:1e:b9:79:38:10:70:39:
a3:94:3e:49:93:7d:bd:df:c3:8f:70:4c:1a:5b:7e:01:d1:1a:
a5:ed:46:2f:99:3a:4a:63:8e:62:96:ce:90:38:96:b4:b6:46:
46:36:35:fe:44:a6:88:21:c3:ef:69:7f:53:db:6e:a3:25:b7:
7f:9f:5e:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGYikAGLde1T0kYbfi5A8XsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwODI4MTAzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjZhOGY2YzdiMTkzNTY5Mjc2ZjgyM2FmZDM5MTQ4Y2ZjNGE3NGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TBjmmuKhpj/xMMwMVTdkd/KQog4
7arFgy5xnAJhFDR6X4ypLNIxkOVFSeVUu/uJT4anovM0Ycx96QYoo8qb77gEJ0b8
8K9iaPHgxVRRpTx5JT++UVV54E6RnFcn5/YBJnkfUcNZCOrIMAHS9aESlAbM2/4i
cKEufM8VWuw1wnlyKGasY5bpCnU0MQGE8hxZmdvxzE2TP+GuhzhjoJvnhjLLktlp
3XhqnjDSvPMljACH7kolmIL7PteXrGposrsi4qBJ4Fqd+EuDHfj5JJKK8KgVyQsz
ieqi9xGI1sBrE9tS4P4DfAkcf54VhnIKkD4H7eWAg7OYTc5vRvaBDNN1EwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFJqj2x7GTVpJ2+COv05FIz8SnStMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvVW1xUGJIc1pOV2tuYjRJNl9Ua1VqUHhLZEswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9L8AwQB
2RasMA0GCSqGSIb3DQEBCwUAA4IBAQB5JJvmhktvFe2mI0ZT++zFGjPQnTodEafO
ORs0M/jRYMYoY6xhwEvRmSu7P5UVZobq0pT/+41yknhRIeIcTSZTlOVkkHYKZn4J
uhAH/aZlyowFzEcKADJCsUjAtkIoropIA/eyO0vt2hcQUIcHg3Mnc6djxW+ogYja
hJmT8MpmNLRyXtx6O8GOm+ne/Zji+QDDxTWg3StJZLyqgm3Twj2u7PFOl1UUiqdI
ErKDC1SNmfVkIp9B6RZ5pThb3hTCEB65eTgQcDmjlD5Jk32938OPcEwaW34B0Rql
7UYvmTpKY45ils6QOJa0tkZGNjX+RKaIIcPvaX9T226jJbd/n15Q
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:17:59 2025 by rpki-client