Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/otue4oQPVnxFAva3K536XUcqNkw.roa
File: otue4oQPVnxFAva3K536XUcqNkw.roa (raw, json)
Hash identifier: M3IilujcAS7MhwAKeJUB9bNkPq7ekfLwnXnlWzGl8Cw=
Subject key identifier: A2:DB:9E:E2:84:0F:56:7C:45:02:F6:B7:2B:9D:FA:5D:47:2A:36:4C
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0196AA262CFAB81C3EB80599BD4625A0C8C0
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/otue4oQPVnxFAva3K536XUcqNkw.roa
Signing time: Wed 07 May 2025 09:49:10 +0000
ROA not before: Wed 07 May 2025 09:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209737
IP address blocks: 109.236.49.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 May 2025 14:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:26:2c:fa:b8:1c:3e:b8:05:99:bd:46:25:a0:c8:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: May 7 09:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2db9ee2840f567c4502f6b72b9dfa5d472a364c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e4:da:fe:b6:85:25:08:8f:25:36:2f:44:9e:
88:75:4f:b7:b2:1d:96:4a:df:0b:c1:0c:a0:e6:ae:
a5:67:85:c7:36:37:fc:2d:e9:1a:fa:a1:24:ae:1a:
ac:42:79:bc:12:f3:db:03:f1:15:fb:4c:5f:bd:2a:
91:98:07:50:76:93:bf:18:97:c7:5d:cf:fd:74:dd:
0d:9b:2d:14:32:3f:ee:a2:31:75:f9:ca:d7:28:9c:
46:4c:d8:0a:15:1a:cd:bd:3f:63:be:49:9a:bb:87:
61:49:95:95:85:ce:8c:90:29:f5:d5:8b:fc:de:ea:
5b:0a:24:1c:ce:80:04:fd:8b:71:fc:39:19:b1:33:
c5:30:c8:51:b5:73:9d:10:30:72:dd:95:12:8a:e8:
bd:f8:6e:64:74:b3:ed:80:0b:5d:8c:ae:3a:04:40:
58:3c:ad:89:a2:cb:b9:df:f7:da:e9:6f:2c:71:21:
08:27:dc:78:8d:31:77:0a:6f:c1:08:8a:ff:18:26:
3a:44:42:79:79:87:a1:a8:23:7b:f5:a0:d4:bc:85:
61:ce:91:75:f7:4c:b4:fd:7b:95:db:51:40:5c:84:
34:5f:a8:41:79:88:e5:df:46:99:73:bd:5f:00:e7:
59:20:ac:a8:31:37:30:a1:ba:44:6e:d0:83:96:c0:
cc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:DB:9E:E2:84:0F:56:7C:45:02:F6:B7:2B:9D:FA:5D:47:2A:36:4C
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/otue4oQPVnxFAva3K536XUcqNkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.49.0/24
109.236.51.0/24
185.86.6.0/24
185.254.28.0/23
193.35.152.0/24
Signature Algorithm: sha256WithRSAEncryption
48:bb:53:06:c0:3b:47:0c:ae:75:47:f8:da:f4:cb:ee:3c:01:
69:10:97:f9:7a:57:22:1f:f7:bd:6d:9c:df:58:f6:c3:3b:45:
1b:27:97:7e:cf:de:0d:df:bf:a1:86:15:ad:64:4a:c4:34:36:
41:41:93:ca:50:93:3a:e9:a6:68:ba:d3:77:de:f5:36:b5:54:
c1:a9:31:39:b1:da:f7:05:17:b3:b7:77:64:c9:45:54:92:53:
cc:1b:98:8d:84:33:19:42:65:b0:5c:da:eb:14:39:fb:16:2f:
f3:e8:4a:2d:23:3d:de:7d:9d:12:96:f5:f0:fd:a7:37:73:10:
37:23:f7:11:2e:06:77:98:75:15:e7:fa:21:db:6d:23:86:d5:
50:f4:02:1d:95:ee:61:80:64:6e:34:68:ff:6b:98:1a:c6:81:
59:6a:a2:ef:d6:50:3b:38:bc:f5:e8:e4:f5:c9:ae:30:b0:69:
91:96:ec:8e:5a:73:c6:8b:50:b8:5d:e9:6f:91:a4:d1:41:2a:
01:2a:b7:d7:d1:e7:45:c4:f1:ea:ce:db:39:e2:fd:71:40:5b:
f7:b3:7d:33:10:4d:1c:1f:d3:2e:44:cf:f8:b5:2e:b9:67:f1:
c3:ea:0c:ca:2c:c3:62:09:57:a3:3f:21:77:b7:1f:df:61:18:
2d:45:50:96
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZaqJiz6uBw+uAWZvUYloMjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwNTA3MDk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmRiOWVlMjg0MGY1NjdjNDUwMmY2YjcyYjlkZmE1ZDQ3MmEzNjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOTa/raFJQiPJTYvRJ6IdU+3sh2W
St8LwQyg5q6lZ4XHNjf8Leka+qEkrhqsQnm8EvPbA/EV+0xfvSqRmAdQdpO/GJfH
Xc/9dN0Nmy0UMj/uojF1+crXKJxGTNgKFRrNvT9jvkmau4dhSZWVhc6MkCn11Yv8
3upbCiQczoAE/Ytx/DkZsTPFMMhRtXOdEDBy3ZUSiui9+G5kdLPtgAtdjK46BEBY
PK2Josu53/fa6W8scSEIJ9x4jTF3Cm/BCIr/GCY6REJ5eYehqCN79aDUvIVhzpF1
90y0/XuV21FAXIQ0X6hBeYjl30aZc71fAOdZIKyoMTcwobpEbtCDlsDMQwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKLbnuKED1Z8RQL2tyud+l1HKjZMMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvb3R1ZTRvUVBWbnhGQXZhM0s1MzZYVWNxTmt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAbewxAwQA
bewzAwQAuVYGAwQBuf4cAwQAwSOYMA0GCSqGSIb3DQEBCwUAA4IBAQBIu1MGwDtH
DK51R/ja9MvuPAFpEJf5elciH/e9bZzfWPbDO0UbJ5d+z94N37+hhhWtZErENDZB
QZPKUJM66aZoutN33vU2tVTBqTE5sdr3BRezt3dkyUVUklPMG5iNhDMZQmWwXNrr
FDn7Fi/z6EotIz3efZ0SlvXw/ac3cxA3I/cRLgZ3mHUV5/oh220jhtVQ9AIdle5h
gGRuNGj/a5gaxoFZaqLv1lA7OLz16OT1ya4wsGmRluyOWnPGi1C4XelvkaTRQSoB
KrfX0edFxPHqzts54v1xQFv3s30zEE0cH9MuRM/4tS65Z/HD6gzKLMNiCVejPyF3
tx/fYRgtRVCW
-----END CERTIFICATE-----
Generated at Sat May 10 18:33:07 2025 by rpki-client