Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/miEls5GKtu2pH8MGadrA8H-yWcs.roa
File: miEls5GKtu2pH8MGadrA8H-yWcs.roa (raw, json)
Hash identifier: Q8VVw7TLs6hnOIJvXM7ELU8OLZN2aVZxVUVi3VW16J0=
Subject key identifier: 9A:21:25:B3:91:8A:B6:ED:A9:1F:C3:06:69:DA:C0:F0:7F:B2:59:CB
Certificate issuer: /CN=3680651aba066b4084a7ed20d7f5201b2296c197
Certificate serial: 0191E56553C96BE1C6E648C8F77AC987C3BC
Authority key identifier: 36:80:65:1A:BA:06:6B:40:84:A7:ED:20:D7:F5:20:1B:22:96:C1:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NoBlGroGa0CEp-0g1_UgGyKWwZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/miEls5GKtu2pH8MGadrA8H-yWcs.roa
Signing time: Thu 12 Sep 2024 08:41:48 +0000
ROA not before: Thu 12 Sep 2024 08:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35725
IP address blocks: 89.33.32.0/21 maxlen: 21
89.33.48.0/21 maxlen: 21
178.138.0.0/16 maxlen: 16
178.138.0.0/18 maxlen: 18
178.138.32.0/22 maxlen: 22
178.138.38.0/24 maxlen: 24
178.138.39.0/24 maxlen: 24
178.138.40.0/23 maxlen: 23
178.138.62.0/24 maxlen: 24
178.138.96.0/23 maxlen: 23
178.138.98.0/23 maxlen: 23
178.138.104.0/24 maxlen: 24
178.138.126.0/23 maxlen: 23
178.138.192.0/23 maxlen: 23
178.138.194.0/23 maxlen: 23
193.104.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 10:02:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:65:53:c9:6b:e1:c6:e6:48:c8:f7:7a:c9:87:c3:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3680651aba066b4084a7ed20d7f5201b2296c197
Validity
Not Before: Sep 12 08:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a2125b3918ab6eda91fc30669dac0f07fb259cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:6f:1a:bb:79:01:9c:ef:be:b2:b9:f7:80:b3:
b2:f0:d0:ad:ee:b5:4b:75:b2:4b:cf:8d:9f:7d:b8:
f9:0c:ba:e1:12:e7:f4:ed:6c:ff:2a:6f:e4:ab:32:
bf:77:65:d5:46:86:ad:ae:02:08:dd:fa:f7:c9:47:
4a:95:62:cb:92:1c:83:11:4c:76:bd:fb:53:7c:07:
ca:3f:17:59:c4:d9:eb:4b:20:c7:6d:f2:af:e7:d0:
3b:f0:45:b8:fc:8e:17:28:2d:09:0f:f4:03:19:fd:
6f:59:50:85:30:cb:6d:bb:33:d1:0f:2d:fe:71:27:
d3:bd:be:63:ca:93:4e:9a:df:61:83:e2:24:b9:bf:
4a:26:a4:69:0d:c6:11:a8:54:60:a5:12:97:21:b0:
97:99:2f:7c:5c:5a:c1:25:6c:ff:2b:0b:30:37:93:
db:e3:d9:af:76:c8:47:d1:44:3a:61:c6:2a:8e:03:
2e:77:d4:96:a8:78:f2:4d:6a:3e:e6:35:27:89:60:
4c:cb:b1:e9:f1:2c:98:37:56:ca:4d:98:49:60:56:
ca:34:fe:0c:d5:d6:0e:6c:cb:ee:cc:ae:14:42:a9:
88:16:4a:e9:3b:79:d4:2b:22:28:9a:63:f1:e5:1e:
70:e7:e6:cd:b6:60:ba:95:54:93:32:71:52:19:b0:
d0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:21:25:B3:91:8A:B6:ED:A9:1F:C3:06:69:DA:C0:F0:7F:B2:59:CB
X509v3 Authority Key Identifier:
keyid:36:80:65:1A:BA:06:6B:40:84:A7:ED:20:D7:F5:20:1B:22:96:C1:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NoBlGroGa0CEp-0g1_UgGyKWwZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/miEls5GKtu2pH8MGadrA8H-yWcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/NoBlGroGa0CEp-0g1_UgGyKWwZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.32.0/21
89.33.48.0/21
178.138.0.0/16
193.104.247.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:8c:af:01:15:33:86:e4:ef:40:58:d0:bf:b2:4e:a1:80:69:
a9:2e:39:a8:90:3c:c4:ea:34:a7:45:df:a4:6b:52:c5:06:29:
33:a2:40:00:30:07:37:7d:70:1f:17:85:b5:bf:cd:e5:f8:6b:
f3:3c:09:7e:f2:aa:ca:5e:ae:f9:f0:c8:5c:14:c1:0a:25:c3:
85:7f:1e:63:f7:04:89:ed:4b:c4:1b:dd:a7:cb:80:7f:84:75:
94:cb:5a:f7:dc:7e:df:1b:00:dc:f9:35:8a:2b:5b:07:cb:0b:
5f:02:ab:2a:78:2f:59:42:99:d1:32:48:fb:39:a3:42:29:35:
71:38:99:1a:18:d8:94:ec:2e:3e:08:93:7c:b5:6b:b6:33:91:
65:27:17:fa:f1:11:b6:8c:bf:e5:22:30:de:07:c6:a0:cf:ab:
eb:41:16:45:1d:32:c6:e1:20:03:57:05:32:cd:c3:f3:1d:76:
34:b1:aa:ca:3b:f6:1e:40:7e:ea:c5:37:ac:c8:7f:0c:40:77:
ab:c4:06:0f:4b:f6:d1:df:8f:0b:cc:c3:04:e8:a8:84:43:c0:
6c:82:09:ea:4b:d6:5d:cc:9c:3b:ad:2d:32:0d:ad:78:50:80:
dd:bc:e5:51:16:5d:d5:35:ba:75:07:4c:84:fd:71:ff:57:79:
ae:e0:7d:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZHlZVPJa+HG5kjI93rJh8O8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ODA2NTFhYmEwNjZiNDA4NGE3ZWQyMGQ3ZjUyMDFiMjI5
NmMxOTcwHhcNMjQwOTEyMDg0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTIxMjViMzkxOGFiNmVkYTkxZmMzMDY2OWRhYzBmMDdmYjI1OWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA228au3kBnO++srn3gLOy8NCt7rVL
dbJLz42ffbj5DLrhEuf07Wz/Km/kqzK/d2XVRoatrgII3fr3yUdKlWLLkhyDEUx2
vftTfAfKPxdZxNnrSyDHbfKv59A78EW4/I4XKC0JD/QDGf1vWVCFMMttuzPRDy3+
cSfTvb5jypNOmt9hg+Ikub9KJqRpDcYRqFRgpRKXIbCXmS98XFrBJWz/KwswN5Pb
49mvdshH0UQ6YcYqjgMud9SWqHjyTWo+5jUniWBMy7Hp8SyYN1bKTZhJYFbKNP4M
1dYObMvuzK4UQqmIFkrpO3nUKyIommPx5R5w5+bNtmC6lVSTMnFSGbDQtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJohJbORirbtqR/DBmnawPB/slnLMB8GA1UdIwQY
MBaAFDaAZRq6BmtAhKftINf1IBsilsGXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm9CbEdyb0dhMENFcC0wZzFfVWdHeUtXd1pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9kMTBiOTQtNDEwNS00NWUyLWE3MDct
NTIyNGNmMTNmNTg2LzEvbWlFbHM1R0t0dTJwSDhNR2FkckE4SC15V2NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9kMTBiOTQtNDEwNS00NWUyLWE3MDctNTIyNGNmMTNmNTg2
LzEvTm9CbEdyb0dhMENFcC0wZzFfVWdHeUtXd1pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwQDWSEgAwQD
WSEwAwMAsooDBADBaPcwDQYJKoZIhvcNAQELBQADggEBAH2MrwEVM4bk70BY0L+y
TqGAaakuOaiQPMTqNKdF36RrUsUGKTOiQAAwBzd9cB8XhbW/zeX4a/M8CX7yqspe
rvnwyFwUwQolw4V/HmP3BIntS8Qb3afLgH+EdZTLWvfcft8bANz5NYorWwfLC18C
qyp4L1lCmdEySPs5o0IpNXE4mRoY2JTsLj4Ik3y1a7YzkWUnF/rxEbaMv+UiMN4H
xqDPq+tBFkUdMsbhIANXBTLNw/MddjSxqso79h5AfurFN6zIfwxAd6vEBg9L9tHf
jwvMwwToqIRDwGyCCepL1l3MnDutLTINrXhQgN285VEWXdU1unUHTIT9cf9Xea7g
fQU=
-----END CERTIFICATE-----
Generated at Tue Jun 17 08:49:41 2025 by rpki-client