Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/UEXtCoU_Y_EIsreoTB5B8bNlCbQ.roa
File: UEXtCoU_Y_EIsreoTB5B8bNlCbQ.roa (raw, json)
Hash identifier: K8STbVrzdi+O4RmuZpkRNcpvJ1R1LiKXFIBVSxDp3nU=
Subject key identifier: 50:45:ED:0A:85:3F:63:F1:08:B2:B7:A8:4C:1E:41:F1:B3:65:09:B4
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 018B47C751666D5AEB1E577B63393FD8813B
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/UEXtCoU_Y_EIsreoTB5B8bNlCbQ.roa
Signing time: Thu 19 Oct 2023 11:52:06 +0000
ROA not before: Thu 19 Oct 2023 11:52:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207199
IP address blocks: 193.239.96.0/22 maxlen: 22
185.235.52.0/24 maxlen: 24
185.235.52.0/22 maxlen: 22
185.25.140.0/24 maxlen: 24
178.251.1.0/24 maxlen: 24
178.251.0.0/21 maxlen: 21
91.197.248.0/22 maxlen: 22
77.243.128.0/20 maxlen: 20
81.95.240.0/20 maxlen: 20
81.95.249.0/24 maxlen: 24
185.154.240.0/22 maxlen: 22
195.69.128.0/22 maxlen: 22
109.71.56.0/21 maxlen: 21
91.217.201.0/24 maxlen: 24
46.36.204.0/22 maxlen: 22
46.36.208.0/21 maxlen: 21
2a02:2339::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:c7:51:66:6d:5a:eb:1e:57:7b:63:39:3f:d8:81:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: Oct 19 11:52:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5045ed0a853f63f108b2b7a84c1e41f1b36509b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d7:07:78:99:84:de:6d:27:33:51:23:ec:17:
d0:7e:0c:cb:35:8d:fd:15:95:f5:2f:65:a4:4e:d0:
73:41:11:94:f0:30:42:36:93:d9:e8:b8:0c:8f:e2:
44:ce:f8:bd:22:f4:3b:86:e9:b5:bc:e8:bd:65:10:
a8:db:83:8f:a0:4d:39:0b:2a:73:83:1e:2b:42:9b:
80:f5:c6:8b:71:fb:34:fe:2f:e9:75:cf:65:69:e3:
6b:ea:8a:54:7e:3d:a6:d8:c4:5d:19:0c:03:15:78:
b2:ac:6a:bb:6e:16:bb:7c:3f:de:7e:03:22:fc:80:
ea:ef:3e:cf:9a:b6:fc:4d:60:6d:07:21:6b:34:d9:
86:07:86:28:a2:54:a4:97:64:e8:94:ff:74:51:ea:
86:cc:28:10:ad:c3:c7:27:c4:ae:2b:1b:ff:7b:a2:
15:00:e5:18:a8:b4:e1:bc:7b:fd:81:32:48:94:6a:
ad:2c:d2:79:de:fa:aa:57:ac:11:91:72:e8:f2:5a:
9b:9d:ad:19:9b:7c:18:aa:3a:2e:0a:41:80:09:fa:
72:e7:ce:ab:3f:b8:57:3f:2e:4f:1e:3f:6e:9e:5a:
7d:c5:30:c8:df:d8:fa:4c:b2:c9:72:a7:0c:e9:c2:
e0:5d:3a:e4:06:e1:ea:51:eb:00:d5:ca:69:ef:81:
54:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:45:ED:0A:85:3F:63:F1:08:B2:B7:A8:4C:1E:41:F1:B3:65:09:B4
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/UEXtCoU_Y_EIsreoTB5B8bNlCbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.204.0-46.36.215.255
77.243.128.0/20
81.95.240.0/20
91.197.248.0/22
91.217.201.0/24
109.71.56.0/21
178.251.0.0/21
185.25.140.0/24
185.154.240.0/22
185.235.52.0/22
193.239.96.0/22
195.69.128.0/22
IPv6:
2a02:2339::/36
Signature Algorithm: sha256WithRSAEncryption
73:4b:91:e7:8b:de:cb:b6:5a:05:d0:53:49:8c:e7:e6:aa:3c:
d8:56:ef:67:87:1b:46:eb:fd:88:f3:3c:e8:cf:f4:84:2b:50:
90:af:72:4b:70:87:2b:0d:d6:d9:5e:fa:b7:cc:e4:49:4f:48:
0d:b5:62:24:51:74:d4:cd:1a:4c:46:ed:cf:32:19:bb:5f:23:
72:4d:cf:8f:c5:76:1a:14:7d:7f:78:6f:58:64:19:82:e8:2a:
11:4e:71:40:33:43:7b:ab:4f:6a:f8:58:1b:1b:e8:b1:da:24:
5e:6d:ad:fe:b6:85:68:6e:19:b8:2e:9e:b3:ec:25:d4:3c:6c:
89:50:93:02:a3:45:6b:85:ec:ed:b6:80:3c:1e:21:15:95:7d:
8d:84:3d:19:fb:a0:1e:0f:e9:f2:52:4b:7c:86:9b:a4:0b:75:
08:36:d5:67:ca:d9:0e:7b:ce:7a:e7:79:cc:d3:cc:b4:a0:2f:
0a:59:0a:5b:0f:d7:41:82:92:db:55:79:7c:49:cd:e5:24:29:
93:be:0f:a1:45:e9:cc:f0:82:c4:73:8b:ed:f1:8b:5c:35:7f:
34:19:b4:86:53:95:da:f6:f1:3c:2a:2b:6f:de:ca:c3:c4:a1:
3d:40:67:5e:88:71:49:b5:71:45:17:d0:87:d3:ce:b0:db:7c:
0f:25:03:87
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYtHx1FmbVrrHld7Yzk/2IE7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl
NzUxNjQwHhcNMjMxMDE5MTE1MjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDQ1ZWQwYTg1M2Y2M2YxMDhiMmI3YTg0YzFlNDFmMWIzNjUwOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNcHeJmE3m0nM1Ej7BfQfgzLNY39
FZX1L2WkTtBzQRGU8DBCNpPZ6LgMj+JEzvi9IvQ7hum1vOi9ZRCo24OPoE05Cypz
gx4rQpuA9caLcfs0/i/pdc9laeNr6opUfj2m2MRdGQwDFXiyrGq7bha7fD/efgMi
/IDq7z7Pmrb8TWBtByFrNNmGB4YoolSkl2TolP90UeqGzCgQrcPHJ8SuKxv/e6IV
AOUYqLThvHv9gTJIlGqtLNJ53vqqV6wRkXLo8lqbna0Zm3wYqjouCkGACfpy586r
P7hXPy5PHj9unlp9xTDI39j6TLLJcqcM6cLgXTrkBuHqUesA1cpp74FU7wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFFBF7QqFP2PxCLK3qEweQfGzZQm0MB8GA1UdIwQY
MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt
M2U1OWNlNDQ1YjFjLzEvVUVYdENvVV9ZX0VJc3Jlb1RCNUI4Yk5sQ2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj
LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBWBAIAATBQMAwDBAIuJMwD
BAMuJNADBARN84ADBARRX/ADBAJbxfgDBABb2ckDBANtRzgDBAOy+wADBAC5GYwD
BAK5mvADBAK56zQDBALB72ADBALDRYAwDgQCAAIwCAMGBCoCIzkAMA0GCSqGSIb3
DQEBCwUAA4IBAQBzS5Hni97LtloF0FNJjOfmqjzYVu9nhxtG6/2I8zzoz/SEK1CQ
r3JLcIcrDdbZXvq3zORJT0gNtWIkUXTUzRpMRu3PMhm7XyNyTc+PxXYaFH1/eG9Y
ZBmC6CoRTnFAM0N7q09q+FgbG+ix2iReba3+toVobhm4Lp6z7CXUPGyJUJMCo0Vr
hezttoA8HiEVlX2NhD0Z+6AeD+nyUkt8hpukC3UINtVnytkOe85653nM08y0oC8K
WQpbD9dBgpLbVXl8Sc3lJCmTvg+hRenM8ILEc4vt8YtcNX80GbSGU5Xa9vE8Kitv
3srDxKE9QGdeiHFJtXFFF9CH086w23wPJQOH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:23 2024 by rpki-client on console-fra.rpki-client.org