Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/uq-PR8xhkdPbuZrElhE3VTINghk.roa
File: uq-PR8xhkdPbuZrElhE3VTINghk.roa (raw, json)
Hash identifier: NiP3K1RvqjPrkllV56IuUibgaWIds94c4DeSLH7ac0E=
Subject key identifier: BA:AF:8F:47:CC:61:91:D3:DB:B9:9A:C4:96:11:37:55:32:0D:82:19
Certificate issuer: /CN=ac27bc245e76ba5e5c1fc5e9ee55b4b48de7f85a
Certificate serial: 0185737178322AB3916BD02F121B45268A4E
Authority key identifier: AC:27:BC:24:5E:76:BA:5E:5C:1F:C5:E9:EE:55:B4:B4:8D:E7:F8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rCe8JF52ul5cH8Xp7lW0tI3n-Fo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/uq-PR8xhkdPbuZrElhE3VTINghk.roa
Signing time: Mon 02 Jan 2023 17:04:54 +0000
ROA not before: Mon 02 Jan 2023 17:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206375
IP address blocks: 45.135.204.0/24 maxlen: 32
45.135.206.0/24 maxlen: 32
45.135.205.0/24 maxlen: 32
45.135.207.0/24 maxlen: 32
139.28.106.0/24 maxlen: 32
139.28.107.0/24 maxlen: 32
185.188.131.0/24 maxlen: 32
185.188.130.0/24 maxlen: 32
185.188.129.0/24 maxlen: 32
185.188.128.0/24 maxlen: 32
185.219.179.0/24 maxlen: 32
185.219.178.0/24 maxlen: 32
185.219.177.0/24 maxlen: 32
185.219.176.0/24 maxlen: 32
139.28.105.0/24 maxlen: 32
139.28.104.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:78:32:2a:b3:91:6b:d0:2f:12:1b:45:26:8a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac27bc245e76ba5e5c1fc5e9ee55b4b48de7f85a
Validity
Not Before: Jan 2 17:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baaf8f47cc6191d3dbb99ac496113755320d8219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:13:9d:33:fb:10:79:3d:19:3e:e4:a6:49:02:
f8:3b:7c:aa:a0:27:06:70:00:43:d1:6a:8c:b3:5e:
5e:e8:6a:8c:33:9a:fc:44:7f:11:82:b6:e2:85:27:
4f:94:b7:2c:5d:2e:bb:cb:e1:72:0a:a7:91:f4:3d:
1d:27:96:3a:1a:17:dc:f1:7d:3f:e9:7e:d7:10:1d:
e2:9f:ca:2b:f6:52:fc:ec:dc:1c:80:91:32:eb:5a:
0d:be:04:3a:9c:8f:99:a6:51:2c:4c:2e:36:de:6a:
1f:17:c7:b6:8a:c6:ea:62:80:e2:81:be:60:7d:8d:
bd:7c:03:f7:6e:66:d2:0b:3d:31:69:ed:af:00:88:
3c:9e:c4:45:98:32:6c:54:b4:4f:9f:a9:90:09:80:
32:bc:5d:65:37:45:f5:2d:54:d1:f2:08:6a:ff:0c:
38:8e:7d:c3:03:58:b3:27:f4:3f:5a:3f:32:51:4a:
c8:70:8e:09:4a:2a:a0:50:8b:b2:c7:de:1b:48:88:
8c:fc:46:ec:af:4c:c2:44:1b:d6:4f:24:5c:4a:a0:
e8:7f:20:b6:a9:c3:d1:56:95:85:13:89:53:e6:d7:
3c:7c:77:78:93:f6:f4:c1:ac:68:b7:8e:7c:d2:b2:
61:5b:ae:a5:27:82:4c:69:c6:40:0a:23:32:83:34:
6d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:AF:8F:47:CC:61:91:D3:DB:B9:9A:C4:96:11:37:55:32:0D:82:19
X509v3 Authority Key Identifier:
keyid:AC:27:BC:24:5E:76:BA:5E:5C:1F:C5:E9:EE:55:B4:B4:8D:E7:F8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rCe8JF52ul5cH8Xp7lW0tI3n-Fo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/uq-PR8xhkdPbuZrElhE3VTINghk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/e85375-40ff-4e77-b4e9-bb0671d8ea32/1/rCe8JF52ul5cH8Xp7lW0tI3n-Fo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.204.0/22
139.28.104.0/22
185.188.128.0/22
185.219.176.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:9c:bd:6a:9c:65:52:d9:15:71:b4:38:8e:8b:e4:cf:18:a0:
f3:8f:35:9d:03:df:93:42:7f:ce:ea:9a:97:d9:9a:57:79:f0:
51:3a:94:10:74:98:37:8f:79:b2:86:8c:16:1b:07:83:2a:ff:
39:b5:89:d0:de:58:bb:b3:87:45:99:d2:de:ce:b0:f9:4f:21:
bc:cc:83:ec:c0:3b:cf:e7:88:4a:3d:f7:9c:a4:f2:11:5b:e3:
38:d2:3f:ec:27:a1:8a:8c:a5:d0:1f:1f:ac:b7:82:3a:0d:c8:
4c:06:83:39:df:b8:3b:9f:89:58:6e:df:f3:6e:4e:eb:ac:00:
21:75:b8:9e:76:97:25:26:f1:a0:13:44:56:d9:d7:c3:a6:d7:
61:c1:14:4c:b3:bb:d3:45:e6:5f:16:c5:80:77:74:7b:25:03:
b7:d9:96:de:32:44:38:36:0c:7b:d2:75:41:21:b5:5e:3c:ba:
aa:6e:2f:77:84:cb:21:08:7c:4f:78:67:b7:9f:47:e4:18:b8:
09:56:75:a4:28:c5:29:b2:b8:28:f5:06:ff:50:0b:35:7f:8f:
b2:fd:79:95:a6:58:2e:dd:47:bf:9a:47:d0:b8:16:6e:d5:58:
59:78:40:6f:1d:0e:2d:09:96:13:41:57:48:19:e2:a4:41:1f:
c5:87:3c:88
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVzcXgyKrORa9AvEhtFJopOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMjdiYzI0NWU3NmJhNWU1YzFmYzVlOWVlNTViNGI0OGRl
N2Y4NWEwHhcNMjMwMTAyMTcwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWFmOGY0N2NjNjE5MWQzZGJiOTlhYzQ5NjExMzc1NTMyMGQ4MjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxOdM/sQeT0ZPuSmSQL4O3yqoCcG
cABD0WqMs15e6GqMM5r8RH8RgrbihSdPlLcsXS67y+FyCqeR9D0dJ5Y6Ghfc8X0/
6X7XEB3in8or9lL87NwcgJEy61oNvgQ6nI+ZplEsTC423mofF8e2isbqYoDigb5g
fY29fAP3bmbSCz0xae2vAIg8nsRFmDJsVLRPn6mQCYAyvF1lN0X1LVTR8ghq/ww4
jn3DA1izJ/Q/Wj8yUUrIcI4JSiqgUIuyx94bSIiM/Ebsr0zCRBvWTyRcSqDofyC2
qcPRVpWFE4lT5tc8fHd4k/b0waxot4580rJhW66lJ4JMacZACiMygzRt/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLqvj0fMYZHT27maxJYRN1UyDYIZMB8GA1UdIwQY
MBaAFKwnvCRedrpeXB/F6e5VtLSN5/haMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckNlOEpGNTJ1bDVjSDhYcDdsVzB0STNuLUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9lODUzNzUtNDBmZi00ZTc3LWI0ZTkt
YmIwNjcxZDhlYTMyLzEvdXEtUFI4eGhrZFBidVpyRWxoRTNWVElOZ2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9lODUzNzUtNDBmZi00ZTc3LWI0ZTktYmIwNjcxZDhlYTMy
LzEvckNlOEpGNTJ1bDVjSDhYcDdsVzB0STNuLUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYfMAwQC
ixxoAwQCubyAAwQCuduwMA0GCSqGSIb3DQEBCwUAA4IBAQA9nL1qnGVS2RVxtDiO
i+TPGKDzjzWdA9+TQn/O6pqX2ZpXefBROpQQdJg3j3myhowWGweDKv85tYnQ3li7
s4dFmdLezrD5TyG8zIPswDvP54hKPfecpPIRW+M40j/sJ6GKjKXQHx+st4I6DchM
BoM537g7n4lYbt/zbk7rrAAhdbiedpclJvGgE0RW2dfDptdhwRRMs7vTReZfFsWA
d3R7JQO32ZbeMkQ4Ngx70nVBIbVePLqqbi93hMshCHxPeGe3n0fkGLgJVnWkKMUp
srgo9Qb/UAs1f4+y/XmVplgu3Ue/mkfQuBZu1VhZeEBvHQ4tCZYTQVdIGeKkQR/F
hzyI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:24 2024 by rpki-client on console-ams.rpki-client.org