Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/uy0I1FUEV4kepwm5IHki9medBHY.roa
File: uy0I1FUEV4kepwm5IHki9medBHY.roa (raw, json)
Hash identifier: Qr0YxgrOfSVVTwgCS3+Abz2rb0BhURITxcY/w2ZAHCQ=
Subject key identifier: BB:2D:08:D4:55:04:57:89:1E:A7:09:B9:20:79:22:F6:67:9D:04:76
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018E2C851A832F850DE2A19A82E65F7D6FA7
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/uy0I1FUEV4kepwm5IHki9medBHY.roa
Signing time: Mon 11 Mar 2024 07:58:24 +0000
ROA not before: Mon 11 Mar 2024 07:58:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.140.214.0/24 maxlen: 24
45.142.204.0/24 maxlen: 24
45.142.206.0/24 maxlen: 24
45.144.156.0/24 maxlen: 24
45.144.158.0/24 maxlen: 24
45.145.249.0/24 maxlen: 24
45.150.93.0/24 maxlen: 24
45.154.137.0/24 maxlen: 24
45.157.112.0/24 maxlen: 24
89.251.0.0/24 maxlen: 24
89.251.2.0/24 maxlen: 24
136.144.25.0/24 maxlen: 24
2a07:e343::/32 maxlen: 32
2a0f:e381::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 Apr 2024 11:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:85:1a:83:2f:85:0d:e2:a1:9a:82:e6:5f:7d:6f:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 11 07:58:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb2d08d4550457891ea709b9207922f6679d0476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b3:18:05:a0:a1:9d:17:09:c4:cf:0e:12:84:
10:a9:48:16:f7:6c:7d:67:36:dd:04:5e:c0:c6:1e:
77:7f:6e:38:60:c5:11:f8:f9:e2:22:16:68:24:cb:
2d:97:f0:7c:39:a4:bf:ea:8a:14:f0:2d:cb:b9:d8:
99:0f:3f:b3:0e:7d:cc:72:df:04:e8:3b:47:58:5a:
26:f9:4e:48:92:52:aa:e1:de:cf:04:7e:96:33:7a:
a7:d0:21:d1:cd:de:46:3f:60:85:80:ee:36:d4:9c:
66:d2:2d:0e:b8:84:3f:1d:09:49:91:10:66:31:45:
c5:6a:04:65:0c:25:59:ef:1d:57:8b:e9:c5:58:9f:
fb:b6:31:8e:70:61:27:17:bf:e0:17:b8:54:a9:2e:
26:cd:23:12:aa:f0:ef:33:b9:4e:cf:99:5b:62:31:
db:61:8f:32:77:98:96:7b:86:a0:e3:b4:19:db:ad:
6d:96:d4:18:6f:2f:de:b5:2f:c0:f1:37:49:20:a2:
2c:73:86:0c:d6:ba:6b:f9:05:3f:b7:13:1c:06:ea:
c1:fb:38:97:13:6c:61:d8:72:a7:c2:42:c1:e1:1d:
3c:55:e8:79:30:2b:cd:61:0c:45:5b:e6:db:87:26:
a7:72:8a:c8:1e:6a:f2:56:31:57:83:cd:80:e5:8e:
b8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:2D:08:D4:55:04:57:89:1E:A7:09:B9:20:79:22:F6:67:9D:04:76
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/uy0I1FUEV4kepwm5IHki9medBHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.214.0/24
45.142.204.0/24
45.142.206.0/24
45.144.156.0/24
45.144.158.0/24
45.145.249.0/24
45.150.93.0/24
45.154.137.0/24
45.157.112.0/24
89.251.0.0/24
89.251.2.0/24
136.144.25.0/24
IPv6:
2a07:e343::/32
2a0f:e381::/32
Signature Algorithm: sha256WithRSAEncryption
90:1d:01:a3:20:8b:e6:d0:57:1d:42:ad:3e:75:2a:f8:6f:28:
78:e1:3a:2d:58:ad:08:28:ac:3f:3c:99:8c:e1:76:4b:9f:a5:
71:34:fa:4a:8f:91:b0:b9:9a:12:a7:b6:0b:8b:f0:14:d5:f5:
64:e6:dc:99:35:05:3f:07:d5:ff:4b:fb:d4:30:17:f0:dd:bf:
d5:6f:83:d4:53:bb:6c:03:80:13:1f:bd:8b:0e:a7:f0:db:a5:
33:72:89:18:ad:31:7b:0a:13:4a:fe:d7:bd:65:a1:c7:5c:5b:
c6:5c:b8:99:20:b0:d7:78:d8:33:91:04:4b:1c:3b:56:0d:6d:
95:0a:c9:9d:d2:e6:ae:b3:ba:7d:7b:97:29:39:f1:44:02:7f:
58:6f:04:ce:7f:9f:36:83:cb:07:df:a7:8a:b5:0c:17:08:37:
b0:6a:cf:5f:55:ee:1a:de:33:a0:f6:72:1d:2a:d5:a7:15:a0:
27:53:75:07:fc:53:53:29:8c:cc:ea:2b:04:87:72:ed:12:33:
8d:4d:f9:ec:2f:ab:7d:37:c3:34:4e:f2:54:5f:8e:d9:0d:17:
ed:46:0f:1f:09:b8:bb:16:29:49:5f:c0:5c:48:1b:4f:4f:8f:
b1:90:35:e0:34:53:01:0e:c1:d7:a2:7a:77:64:b8:e0:ba:e1:
87:8a:b6:46
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAY4shRqDL4UN4qGaguZffW+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMzExMDc1ODI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjJkMDhkNDU1MDQ1Nzg5MWVhNzA5YjkyMDc5MjJmNjY3OWQwNDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7MYBaChnRcJxM8OEoQQqUgW92x9
ZzbdBF7Axh53f244YMUR+PniIhZoJMstl/B8OaS/6ooU8C3LudiZDz+zDn3Mct8E
6DtHWFom+U5IklKq4d7PBH6WM3qn0CHRzd5GP2CFgO421Jxm0i0OuIQ/HQlJkRBm
MUXFagRlDCVZ7x1Xi+nFWJ/7tjGOcGEnF7/gF7hUqS4mzSMSqvDvM7lOz5lbYjHb
YY8yd5iWe4ag47QZ261tltQYby/etS/A8TdJIKIsc4YM1rpr+QU/txMcBurB+ziX
E2xh2HKnwkLB4R08Veh5MCvNYQxFW+bbhyancorIHmryVjFXg82A5Y64FwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFLstCNRVBFeJHqcJuSB5IvZnnQR2MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvdXkwSTFGVUVWNGtlcHdtNUlIa2k5bWVkQkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQALYzWAwQA
LY7MAwQALY7OAwQALZCcAwQALZCeAwQALZH5AwQALZZdAwQALZqJAwQALZ1wAwQA
WfsAAwQAWfsCAwQAiJAZMBQEAgACMA4DBQAqB+NDAwUAKg/jgTANBgkqhkiG9w0B
AQsFAAOCAQEAkB0BoyCL5tBXHUKtPnUq+G8oeOE6LVitCCisPzyZjOF2S5+lcTT6
So+RsLmaEqe2C4vwFNX1ZObcmTUFPwfV/0v71DAX8N2/1W+D1FO7bAOAEx+9iw6n
8NulM3KJGK0xewoTSv7XvWWhx1xbxly4mSCw13jYM5EESxw7Vg1tlQrJndLmrrO6
fXuXKTnxRAJ/WG8Ezn+fNoPLB9+nirUMFwg3sGrPX1XuGt4zoPZyHSrVpxWgJ1N1
B/xTUymMzOorBIdy7RIzjU357C+rfTfDNE7yVF+O2Q0X7UYPHwm4uxYpSV/AXEgb
T0+PsZA14DRTAQ7B16J6d2S44Lrhh4q2Rg==
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:03:29 2024 by rpki-client on console-fra.rpki-client.org