Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/uzWHiaOMMkGV87uyeXXUITp3-dw.roa
File: uzWHiaOMMkGV87uyeXXUITp3-dw.roa (raw, json)
Hash identifier: TWX3C7X0z/u4++l4ME+e+45yNkKZthq+dlUt5nWTCnI=
Subject key identifier: BB:35:87:89:A3:8C:32:41:95:F3:BB:B2:79:75:D4:21:3A:77:F9:DC
Certificate issuer: /CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Certificate serial: 018CC727647A9723ED34DF3A47BB33AD8E43
Authority key identifier: C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/uzWHiaOMMkGV87uyeXXUITp3-dw.roa
Signing time: Mon 01 Jan 2024 22:31:36 +0000
ROA not before: Mon 01 Jan 2024 22:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61236
IP address blocks: 91.238.72.0/23 maxlen: 24
185.14.104.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:64:7a:97:23:ed:34:df:3a:47:bb:33:ad:8e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Validity
Not Before: Jan 1 22:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb358789a38c324195f3bbb27975d4213a77f9dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7b:d7:69:86:e6:71:32:da:0a:37:30:17:ad:
89:d7:fc:5b:9d:b3:9a:0d:4a:4b:90:01:34:30:67:
85:17:ac:97:24:1e:85:9c:bc:2e:e5:8a:81:ba:d1:
2d:a6:37:07:20:85:6e:53:b5:80:6f:3d:88:6b:0c:
d2:73:ba:f3:bf:8b:42:45:03:40:83:a0:29:63:1b:
99:ef:dc:93:a0:a7:7c:3e:31:0e:bf:25:99:cc:e1:
63:9f:d7:cf:04:c8:24:2c:db:ac:a5:9a:81:9a:e2:
93:35:45:da:99:6c:50:b1:ff:9b:c6:9c:8d:b7:93:
b9:ff:5d:6a:dc:f9:2d:a9:28:c2:93:fd:bd:8d:7a:
78:e3:12:92:9f:dc:42:7f:44:77:1b:4c:0f:11:83:
df:1a:10:c7:5c:fe:3e:b8:9c:b8:ba:43:7a:c4:95:
39:93:c0:e4:62:4d:72:4a:24:57:19:83:0e:6d:81:
14:7a:fc:d0:22:19:46:df:f8:c9:c1:00:b7:be:18:
d1:2c:0b:6a:1a:08:1e:47:52:f1:8d:bb:4b:a5:7c:
74:93:59:97:e4:72:4c:44:dc:40:3f:0a:c4:89:bf:
25:74:06:c1:3b:af:9f:dd:32:3d:46:6c:45:27:fd:
da:8b:c2:69:67:73:f8:6e:59:fa:1c:e9:72:7e:4e:
bd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:35:87:89:A3:8C:32:41:95:F3:BB:B2:79:75:D4:21:3A:77:F9:DC
X509v3 Authority Key Identifier:
keyid:C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/uzWHiaOMMkGV87uyeXXUITp3-dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/wesHbRZwLH2-qXLily71dqHyyHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.72.0/23
185.14.104.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:d0:05:56:0c:01:c3:52:c7:b3:1b:41:39:96:23:fc:58:dc:
df:08:29:fc:e5:86:1c:fa:58:69:a7:62:cf:8c:49:e1:15:fb:
87:5b:7a:e6:e4:06:bc:93:65:ca:23:06:18:17:2e:14:85:5b:
e8:cd:00:b2:97:cc:d8:6d:e1:fa:c5:e5:d4:f6:79:55:ca:19:
12:c8:a9:5e:63:81:5c:ac:c6:fa:30:f2:61:e7:13:cc:8d:44:
73:d2:d8:27:ac:93:32:24:4c:66:ac:c8:44:33:2e:1a:d7:17:
5d:80:71:4f:a8:db:c7:67:a9:1a:92:a9:c8:2b:61:5a:19:79:
f9:be:78:0a:ad:3d:2a:32:6b:e0:24:d9:5f:4d:54:6e:4b:30:
96:19:85:72:9e:ec:c1:30:d4:ae:cb:df:33:7e:c8:15:c4:4e:
e1:d6:93:48:a7:f3:c7:4f:2b:0f:f3:57:45:14:db:db:8f:70:
99:d4:ac:39:1e:da:52:b8:63:23:35:a8:bb:58:aa:f6:ba:bd:
85:46:40:0b:44:09:44:45:fd:97:aa:8e:bd:3b:d1:5f:9b:fb:
a1:3a:d6:2a:21:51:73:7f:92:db:ee:50:af:89:0c:f3:67:b7:
09:0a:5c:bc:ef:3d:a4:b5:ea:05:c1:65:bb:1d:e2:2e:f7:ab:
a3:7e:53:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJ2R6lyPtNN86R7szrY5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZWIwNzZkMTY3MDJjN2RiZWE5NzJlMjk3MmVmNTc2YTFm
MmM4NzMwHhcNMjQwMTAxMjIzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjM1ODc4OWEzOGMzMjQxOTVmM2JiYjI3OTc1ZDQyMTNhNzdmOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXvXaYbmcTLaCjcwF62J1/xbnbOa
DUpLkAE0MGeFF6yXJB6FnLwu5YqButEtpjcHIIVuU7WAbz2IawzSc7rzv4tCRQNA
g6ApYxuZ79yToKd8PjEOvyWZzOFjn9fPBMgkLNuspZqBmuKTNUXamWxQsf+bxpyN
t5O5/11q3PktqSjCk/29jXp44xKSn9xCf0R3G0wPEYPfGhDHXP4+uJy4ukN6xJU5
k8DkYk1ySiRXGYMObYEUevzQIhlG3/jJwQC3vhjRLAtqGggeR1LxjbtLpXx0k1mX
5HJMRNxAPwrEib8ldAbBO6+f3TI9RmxFJ/3ai8JpZ3P4bln6HOlyfk69ewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLs1h4mjjDJBlfO7snl11CE6d/ncMB8GA1UdIwQY
MBaAFMHrB20WcCx9vqly4pcu9Xah8shzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMt
NmMzMmE2YWIxZWYyLzEvdXpXSGlhT01Na0dWODd1eWVYWFVJVHAzLWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMtNmMzMmE2YWIxZWYy
LzEvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+5IAwQC
uQ5oMA0GCSqGSIb3DQEBCwUAA4IBAQCm0AVWDAHDUsezG0E5liP8WNzfCCn85YYc
+lhpp2LPjEnhFfuHW3rm5Aa8k2XKIwYYFy4UhVvozQCyl8zYbeH6xeXU9nlVyhkS
yKleY4FcrMb6MPJh5xPMjURz0tgnrJMyJExmrMhEMy4a1xddgHFPqNvHZ6kakqnI
K2FaGXn5vngKrT0qMmvgJNlfTVRuSzCWGYVynuzBMNSuy98zfsgVxE7h1pNIp/PH
TysP81dFFNvbj3CZ1Kw5HtpSuGMjNai7WKr2ur2FRkALRAlERf2Xqo69O9Ffm/uh
OtYqIVFzf5Lb7lCviQzzZ7cJCly87z2kteoFwWW7HeIu96ujflOs
-----END CERTIFICATE-----
Generated at Sat May 3 12:35:29 2025 by rpki-client