Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/U5Su_ACI-zJ9USCOgTdo1xTETYw.roa
File: U5Su_ACI-zJ9USCOgTdo1xTETYw.roa (raw, json)
Hash identifier: TDxTwyBo77eN1C19vxvnHH8OcrZGQ7IT/5ty+VTfENc=
Subject key identifier: 53:94:AE:FC:00:88:FB:32:7D:51:20:8E:81:37:68:D7:14:C4:4D:8C
Certificate issuer: /CN=e8b62bbe9eeb5a3d66e1cc223adedc53b177c4ee
Certificate serial: 01947A458EE78B50F0AEC2B32209472FBAB2
Authority key identifier: E8:B6:2B:BE:9E:EB:5A:3D:66:E1:CC:22:3A:DE:DC:53:B1:77:C4:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LYrvp7rWj1m4cwiOt7cU7F3xO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/U5Su_ACI-zJ9USCOgTdo1xTETYw.roa
Signing time: Sat 18 Jan 2025 16:36:06 +0000
ROA not before: Sat 18 Jan 2025 16:36:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213168
IP address blocks: 91.211.145.0/24 maxlen: 24
212.104.212.0/23 maxlen: 23
2a13:8140::/48 maxlen: 48
2a13:8140:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 18 Jan 2025 18:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7a:45:8e:e7:8b:50:f0:ae:c2:b3:22:09:47:2f:ba:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b62bbe9eeb5a3d66e1cc223adedc53b177c4ee
Validity
Not Before: Jan 18 16:36:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5394aefc0088fb327d51208e813768d714c44d8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:61:82:e2:85:0e:89:99:79:47:15:9d:a6:50:
bb:28:9e:ea:1e:03:f1:93:65:e1:01:82:56:ef:cf:
cf:9a:75:af:1f:c9:0d:0a:0b:e9:42:76:4a:6d:f2:
c5:06:4d:e7:26:28:33:3c:1f:79:d5:6b:56:df:5a:
b9:81:92:ff:94:78:4a:87:f5:70:9c:dc:ce:d2:47:
4f:09:a3:1f:b5:58:9b:30:ed:f2:ff:f3:24:cb:5c:
f1:be:26:dd:4f:3f:c9:a6:2e:db:10:2a:62:96:33:
41:25:78:d9:31:12:be:81:ae:36:d6:cc:27:74:36:
32:ad:58:6e:2b:82:03:0f:5b:df:25:92:12:69:d7:
5b:42:de:f7:8b:b9:a1:8f:d2:9f:f2:44:db:4d:bd:
f9:ec:25:8b:a8:e9:cd:03:69:23:32:25:55:c5:12:
10:57:4c:98:93:bd:f7:1f:0c:36:84:12:c4:f6:fd:
19:a3:7c:6e:32:e9:41:b6:c4:02:4e:d3:28:df:23:
56:56:5d:80:f2:0d:9e:d0:3b:90:5e:53:a6:1b:c7:
db:2c:12:d9:18:23:46:d0:43:40:01:1d:f2:e6:64:
26:67:c1:5d:27:82:ae:98:88:2b:5a:d2:72:e5:33:
c7:95:b0:5b:36:bd:33:c5:5f:79:00:44:3b:43:83:
f9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:94:AE:FC:00:88:FB:32:7D:51:20:8E:81:37:68:D7:14:C4:4D:8C
X509v3 Authority Key Identifier:
keyid:E8:B6:2B:BE:9E:EB:5A:3D:66:E1:CC:22:3A:DE:DC:53:B1:77:C4:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LYrvp7rWj1m4cwiOt7cU7F3xO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/U5Su_ACI-zJ9USCOgTdo1xTETYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/6LYrvp7rWj1m4cwiOt7cU7F3xO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.145.0/24
212.104.212.0/23
IPv6:
2a13:8140::/47
Signature Algorithm: sha256WithRSAEncryption
1d:c8:ff:e0:76:44:bd:a2:42:bc:45:58:8b:12:2f:1f:b5:aa:
bc:be:ae:46:82:9e:3e:10:06:d8:da:d7:9c:ad:38:b6:77:18:
f6:27:79:b3:49:89:f2:5d:04:c1:20:ea:6b:21:d0:6c:e4:ce:
de:6c:a5:a8:c9:bd:31:c4:5b:14:4f:af:fd:ee:38:17:68:5e:
0b:bf:63:37:e9:e8:4a:87:91:d4:b7:17:85:db:da:c7:68:2b:
f2:48:67:e4:e1:9a:d6:1b:5a:cf:0c:84:fe:81:45:35:ae:f1:
ba:aa:f5:0b:4f:16:59:bd:fe:c0:48:84:18:36:71:e5:1d:02:
0a:8a:d6:b4:93:c9:5c:33:38:d8:d2:b6:bd:95:66:00:be:be:
75:b4:55:48:a5:ba:26:d7:7c:e2:62:20:e2:ea:d9:54:10:7c:
d5:d0:11:19:18:f3:6e:18:14:44:3d:08:6d:82:d8:fb:73:e3:
12:9b:7e:72:72:72:79:65:7b:b0:e3:6e:27:d0:db:96:43:25:
1a:56:83:25:68:d0:10:8a:0b:02:56:2b:4c:7d:87:3e:2e:5c:
1a:79:9a:fa:39:c9:43:ae:34:f0:00:6a:90:6d:18:39:f7:28:
38:da:fc:a5:9a:67:05:8e:4e:54:88:d1:8e:94:71:fa:64:3a:
ce:d4:2a:4b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZR6RY7ni1DwrsKzIglHL7qyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjYyYmJlOWVlYjVhM2Q2NmUxY2MyMjNhZGVkYzUzYjE3
N2M0ZWUwHhcNMjUwMTE4MTYzNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzk0YWVmYzAwODhmYjMyN2Q1MTIwOGU4MTM3NjhkNzE0YzQ0ZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2GC4oUOiZl5RxWdplC7KJ7qHgPx
k2XhAYJW78/PmnWvH8kNCgvpQnZKbfLFBk3nJigzPB951WtW31q5gZL/lHhKh/Vw
nNzO0kdPCaMftVibMO3y//Mky1zxvibdTz/Jpi7bECpiljNBJXjZMRK+ga421swn
dDYyrVhuK4IDD1vfJZISaddbQt73i7mhj9Kf8kTbTb357CWLqOnNA2kjMiVVxRIQ
V0yYk733Hww2hBLE9v0Zo3xuMulBtsQCTtMo3yNWVl2A8g2e0DuQXlOmG8fbLBLZ
GCNG0ENAAR3y5mQmZ8FdJ4KumIgrWtJy5TPHlbBbNr0zxV95AEQ7Q4P5CQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFOUrvwAiPsyfVEgjoE3aNcUxE2MMB8GA1UdIwQY
MBaAFOi2K76e61o9ZuHMIjre3FOxd8TuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxZcnZwN3JXajFtNGN3aU90N2NVN0YzeE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYTBiYTktZjRmZS00OWJjLWEzNjgt
YjNjYmI1YWQyYWQwLzEvVTVTdV9BQ0kteko5VVNDT2dUZG8xeFRFVFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYTBiYTktZjRmZS00OWJjLWEzNjgtYjNjYmI1YWQyYWQw
LzEvNkxZcnZwN3JXajFtNGN3aU90N2NVN0YzeE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW9ORAwQB
1GjUMA8EAgACMAkDBwEqE4FAAAAwDQYJKoZIhvcNAQELBQADggEBAB3I/+B2RL2i
QrxFWIsSLx+1qry+rkaCnj4QBtja15ytOLZ3GPYnebNJifJdBMEg6msh0Gzkzt5s
pajJvTHEWxRPr/3uOBdoXgu/Yzfp6EqHkdS3F4Xb2sdoK/JIZ+ThmtYbWs8MhP6B
RTWu8bqq9QtPFlm9/sBIhBg2ceUdAgqK1rSTyVwzONjStr2VZgC+vnW0VUiluibX
fOJiIOLq2VQQfNXQERkY824YFEQ9CG2C2Ptz4xKbfnJycnlle7DjbifQ25ZDJRpW
gyVo0BCKCwJWK0x9hz4uXBp5mvo5yUOuNPAAapBtGDn3KDja/KWaZwWOTlSI0Y6U
cfpkOs7UKks=
-----END CERTIFICATE-----
Generated at Fri May 9 18:49:54 2025 by rpki-client