Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/XUBR_sYSZqBLG1GM3xuWevQJOlM.roa
File: XUBR_sYSZqBLG1GM3xuWevQJOlM.roa (raw, json)
Hash identifier: O1ivWS9hroDXdQsvt0jYC2rR7bAUlYPTMuneBmz5Nhk=
Subject key identifier: 5D:40:51:FE:C6:12:66:A0:4B:1B:51:8C:DF:1B:96:7A:F4:09:3A:53
Certificate issuer: /CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Certificate serial: 0196486B8FC7072CCB5EF47FCA2ED76F831E
Authority key identifier: 61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/XUBR_sYSZqBLG1GM3xuWevQJOlM.roa
Signing time: Fri 18 Apr 2025 10:22:10 +0000
ROA not before: Fri 18 Apr 2025 10:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211316
IP address blocks: 91.212.42.0/24 maxlen: 24
147.12.16.0/20 maxlen: 24
185.101.196.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Apr 2025 10:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:48:6b:8f:c7:07:2c:cb:5e:f4:7f:ca:2e:d7:6f:83:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Validity
Not Before: Apr 18 10:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d4051fec61266a04b1b518cdf1b967af4093a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a1:9f:c3:94:fb:09:8d:4a:dc:c9:77:2b:56:
fe:83:42:6b:d9:3e:5f:2a:e3:08:97:17:60:48:27:
94:0e:6d:29:bb:fe:fb:01:a8:84:ab:4a:8e:a1:71:
5c:7a:bb:2f:42:cb:41:f2:c1:3d:43:2b:63:d0:1b:
77:58:32:92:d1:f5:92:13:0a:8a:8a:c8:a5:a9:80:
76:c5:d9:37:c6:70:f5:50:4d:dc:4b:af:14:04:a6:
45:53:dc:4c:7d:a7:47:3b:5e:a3:25:98:f7:d2:f4:
5a:7a:d9:2c:5b:1b:f2:13:67:11:4e:8d:e4:c8:c0:
d2:39:78:8a:6d:4e:35:8f:16:5f:1a:e3:53:c7:73:
d0:ef:1a:b7:91:0b:a1:96:78:dc:66:df:5a:a2:77:
93:2f:b8:34:13:a6:aa:54:db:0a:19:c1:10:7a:7f:
d2:76:28:a6:40:97:b0:15:0a:d6:87:ee:7a:a0:f5:
8d:45:67:50:2d:73:c5:1d:a7:2d:89:5b:0d:7c:ca:
cd:2a:7c:c8:40:f9:21:f4:9f:91:6c:19:4c:c8:46:
70:86:d3:27:42:2b:61:27:ca:9a:2a:91:fd:b0:65:
c1:1d:54:a1:7f:4d:8a:17:7d:0e:ef:45:0c:33:61:
0c:a4:16:0e:24:54:90:1b:24:f5:72:43:b9:58:53:
b3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:40:51:FE:C6:12:66:A0:4B:1B:51:8C:DF:1B:96:7A:F4:09:3A:53
X509v3 Authority Key Identifier:
keyid:61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/XUBR_sYSZqBLG1GM3xuWevQJOlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.42.0/24
147.12.16.0/20
185.101.196.0/22
Signature Algorithm: sha256WithRSAEncryption
83:aa:75:17:e8:08:e7:49:7b:c0:6e:4a:52:55:f4:63:17:7f:
0c:24:ef:64:f9:03:57:b2:a6:70:1e:54:84:5f:e8:05:e8:3f:
69:32:58:4d:3f:49:35:d6:fc:0e:8b:c7:9f:0b:3e:33:8c:b7:
9f:d5:a7:3f:d9:5c:fa:6c:61:71:cb:8f:80:54:62:ae:f3:08:
93:5b:9d:45:59:d4:c1:2a:29:3e:71:8d:5e:2d:11:c5:db:49:
73:3c:69:85:99:23:80:9b:17:b5:e6:4e:6d:a2:97:06:95:4a:
74:30:34:c8:e2:06:ac:87:ab:4d:b8:48:a2:55:98:aa:07:f9:
cb:26:aa:0d:9d:2e:ca:b0:db:26:db:1d:77:80:32:a0:40:9a:
8a:6a:d1:01:5e:a7:a3:75:e4:4d:c3:86:b3:69:69:c9:6c:ca:
4c:33:e3:11:6d:f5:d6:8e:40:9c:03:3e:60:68:09:b9:e4:61:
e9:5d:b2:36:c3:2c:a8:b4:79:6d:42:50:2e:34:06:df:51:83:
1d:3c:6b:e8:e0:a6:ff:29:5f:67:a4:8a:f3:0e:fa:74:33:10:
27:80:6b:75:9d:b2:b0:75:ad:ad:93:bc:d7:14:93:25:3b:3e:
90:aa:0e:b9:a1:a1:04:0c:bf:31:a9:10:67:dd:f7:ec:f8:03:
e3:5f:f4:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZZIa4/HByzLXvR/yi7Xb4MeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxN2NkOGQ0OGI1ZDE1NjY3YmYxMzEzOTZkNGE2YzU5ZDdk
MTY3YzAwHhcNMjUwNDE4MTAyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQwNTFmZWM2MTI2NmEwNGIxYjUxOGNkZjFiOTY3YWY0MDkzYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKGfw5T7CY1K3Ml3K1b+g0Jr2T5f
KuMIlxdgSCeUDm0pu/77AaiEq0qOoXFcersvQstB8sE9Qytj0Bt3WDKS0fWSEwqK
isilqYB2xdk3xnD1UE3cS68UBKZFU9xMfadHO16jJZj30vRaetksWxvyE2cRTo3k
yMDSOXiKbU41jxZfGuNTx3PQ7xq3kQuhlnjcZt9aoneTL7g0E6aqVNsKGcEQen/S
diimQJewFQrWh+56oPWNRWdQLXPFHactiVsNfMrNKnzIQPkh9J+RbBlMyEZwhtMn
QithJ8qaKpH9sGXBHVShf02KF30O70UMM2EMpBYOJFSQGyT1ckO5WFOzrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF1AUf7GEmagSxtRjN8blnr0CTpTMB8GA1UdIwQY
MBaAFGF82NSLXRVme/ExOW1KbFnX0WfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEt
YmY2ZTk3ZGRkMDc5LzEvWFVCUl9zWVNacUJMRzFHTTN4dVdldlFKT2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEtYmY2ZTk3ZGRkMDc5
LzEvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9QqAwQE
kwwQAwQCuWXEMA0GCSqGSIb3DQEBCwUAA4IBAQCDqnUX6AjnSXvAbkpSVfRjF38M
JO9k+QNXsqZwHlSEX+gF6D9pMlhNP0k11vwOi8efCz4zjLef1ac/2Vz6bGFxy4+A
VGKu8wiTW51FWdTBKik+cY1eLRHF20lzPGmFmSOAmxe15k5topcGlUp0MDTI4gas
h6tNuEiiVZiqB/nLJqoNnS7KsNsm2x13gDKgQJqKatEBXqejdeRNw4azaWnJbMpM
M+MRbfXWjkCcAz5gaAm55GHpXbI2wyyotHltQlAuNAbfUYMdPGvo4Kb/KV9npIrz
Dvp0MxAngGt1nbKwda2tk7zXFJMlOz6Qqg65oaEEDL8xqRBn3ffs+APjX/RD
-----END CERTIFICATE-----
Generated at Sat May 10 03:52:30 2025 by rpki-client