Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/UQlhTqKOVV0wVbYJVh19shDZMm8.roa
File: UQlhTqKOVV0wVbYJVh19shDZMm8.roa (raw, json)
Hash identifier: 5bBhQGhiNTYu13KnDaAIdXrc5ov39PX1QDMLuzx49IQ=
Subject key identifier: 51:09:61:4E:A2:8E:55:5D:30:55:B6:09:56:1D:7D:B2:10:D9:32:6F
Certificate issuer: /CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Certificate serial: 0193B968E819574B946A73D0F73324E05E96
Authority key identifier: 3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/UQlhTqKOVV0wVbYJVh19shDZMm8.roa
Signing time: Thu 12 Dec 2024 05:48:00 +0000
ROA not before: Thu 12 Dec 2024 05:48:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 213.190.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b9:68:e8:19:57:4b:94:6a:73:d0:f7:33:24:e0:5e:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Validity
Not Before: Dec 12 05:48:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5109614ea28e555d3055b609561d7db210d9326f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0f:a2:5b:f2:fb:1c:f6:5d:1c:db:c3:39:f7:
f3:19:ad:9b:ea:c2:c0:3a:ad:4f:76:b8:45:31:64:
e8:64:49:48:12:bc:57:ba:1d:5a:97:84:c7:22:09:
44:26:69:43:7a:c5:07:d4:e9:9a:47:21:d0:72:c4:
ea:1f:86:96:c2:62:e9:4f:6d:cd:55:d3:fa:f2:c2:
ac:4b:52:d8:5d:25:9a:74:b2:a4:d5:3e:ee:f4:0d:
15:5f:7c:a0:0c:ce:20:07:bb:ac:16:af:c8:09:c7:
9b:1e:45:ce:14:03:83:e5:88:e8:4f:5e:58:8a:7f:
77:1e:0a:a7:31:ba:a1:a8:04:6a:f5:43:85:20:2f:
00:e3:35:d4:5d:66:cb:8d:ef:a5:c2:f7:3c:7a:3a:
19:68:0d:f3:c9:d3:fe:93:87:13:c5:08:00:99:35:
5e:e1:52:b2:86:26:83:be:73:00:75:b5:76:3d:b1:
62:5d:2a:5e:5c:c1:39:2c:5f:95:4c:4f:3d:bc:25:
1e:4e:5c:68:39:5c:83:e7:84:e6:43:c7:30:91:70:
9c:81:a7:1d:22:cc:e0:09:9c:60:3f:c2:66:50:cc:
ec:32:03:ca:90:98:f1:8c:bd:da:59:22:8c:d5:f2:
e9:b2:07:ed:52:1b:e0:ed:ab:95:63:6e:5f:10:da:
30:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:09:61:4E:A2:8E:55:5D:30:55:B6:09:56:1D:7D:B2:10:D9:32:6F
X509v3 Authority Key Identifier:
keyid:3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/UQlhTqKOVV0wVbYJVh19shDZMm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/O9mhd7td-26r5MrXne-PiwBd9lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.190.14.0/24
Signature Algorithm: sha256WithRSAEncryption
70:9a:d0:57:de:85:71:98:c6:84:5c:d6:65:51:10:d2:80:8e:
40:ff:b1:06:e8:1d:18:fb:fa:7e:d3:c1:21:24:ef:9d:9d:8a:
d4:92:ee:f1:bf:5d:49:3a:51:09:38:f8:8b:1b:ba:99:81:26:
85:69:f6:0a:a0:20:f0:2a:36:4a:da:54:90:47:53:fb:5a:e6:
83:e7:49:90:3e:4b:03:fd:bc:b7:a7:9f:4b:43:6b:66:66:e7:
15:2b:dd:f1:36:b2:be:94:d2:95:1e:e3:cb:0f:ac:86:16:65:
dd:83:92:d0:c7:b3:b8:2b:20:c6:bc:1e:65:50:0c:2a:c3:64:
8f:92:34:38:a7:fe:8b:a8:35:74:fb:c3:48:81:18:ea:6d:7a:
81:5c:56:fe:74:3b:47:a1:a6:b1:d8:66:49:a2:31:d6:4d:b7:
ba:c6:45:bd:3a:b7:ec:2b:3b:77:96:72:7d:68:96:b3:c6:c6:
6b:52:13:1a:63:b2:51:62:c7:3e:95:d4:a5:49:39:f7:db:ac:
ae:0f:2c:17:86:7a:4b:44:bf:31:8c:64:f4:0d:0b:02:2f:de:
5c:50:1d:e6:07:71:0b:0f:0c:e4:84:51:d6:6f:cb:38:9b:d3:
5e:77:d7:d5:a5:f0:e4:47:15:ca:1d:26:58:3b:72:03:af:03:
03:7c:ae:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO5aOgZV0uUanPQ9zMk4F6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDlhMTc3YmI1ZGZiNmVhYmU0Y2FkNzlkZWY4ZjhiMDA1
ZGY2NTYwHhcNMjQxMjEyMDU0ODAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTA5NjE0ZWEyOGU1NTVkMzA1NWI2MDk1NjFkN2RiMjEwZDkzMjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3A+iW/L7HPZdHNvDOffzGa2b6sLA
Oq1PdrhFMWToZElIErxXuh1al4THIglEJmlDesUH1OmaRyHQcsTqH4aWwmLpT23N
VdP68sKsS1LYXSWadLKk1T7u9A0VX3ygDM4gB7usFq/ICcebHkXOFAOD5YjoT15Y
in93HgqnMbqhqARq9UOFIC8A4zXUXWbLje+lwvc8ejoZaA3zydP+k4cTxQgAmTVe
4VKyhiaDvnMAdbV2PbFiXSpeXME5LF+VTE89vCUeTlxoOVyD54TmQ8cwkXCcgacd
IszgCZxgP8JmUMzsMgPKkJjxjL3aWSKM1fLpsgftUhvg7auVY25fENowsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEJYU6ijlVdMFW2CVYdfbIQ2TJvMB8GA1UdIwQY
MBaAFDvZoXe7Xftuq+TK153vj4sAXfZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzltaGQ3dGQtMjZyNU1yWG5lLVBpd0JkOWxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jMGQ0NjctZjYyYS00MTljLWJlODUt
ZTM4MDMwYjY5ZDVhLzEvVVFsaFRxS09WVjB3VmJZSlZoMTlzaERaTW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jMGQ0NjctZjYyYS00MTljLWJlODUtZTM4MDMwYjY5ZDVh
LzEvTzltaGQ3dGQtMjZyNU1yWG5lLVBpd0JkOWxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1b4OMA0G
CSqGSIb3DQEBCwUAA4IBAQBwmtBX3oVxmMaEXNZlURDSgI5A/7EG6B0Y+/p+08Eh
JO+dnYrUku7xv11JOlEJOPiLG7qZgSaFafYKoCDwKjZK2lSQR1P7WuaD50mQPksD
/by3p59LQ2tmZucVK93xNrK+lNKVHuPLD6yGFmXdg5LQx7O4KyDGvB5lUAwqw2SP
kjQ4p/6LqDV0+8NIgRjqbXqBXFb+dDtHoaax2GZJojHWTbe6xkW9OrfsKzt3lnJ9
aJazxsZrUhMaY7JRYsc+ldSlSTn326yuDywXhnpLRL8xjGT0DQsCL95cUB3mB3EL
DwzkhFHWb8s4m9Ned9fVpfDkRxXKHSZYO3IDrwMDfK6R
-----END CERTIFICATE-----
Generated at Mon May 5 01:22:52 2025 by rpki-client