Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/UyIuH9l_o_rLESGwffcq7TUuzlw.roa
File: UyIuH9l_o_rLESGwffcq7TUuzlw.roa (raw, json)
Hash identifier: w7/Z13Tg/bcHyk7wGesGbzgTi8TzgnCKfSo40Kcxc4s=
Subject key identifier: 53:22:2E:1F:D9:7F:A3:FA:CB:11:21:B0:7D:F7:2A:ED:35:2E:CE:5C
Certificate issuer: /CN=e15808f3f921bc8c3eea87c7584c584c1000b051
Certificate serial: 018CC80136CB9282239FC790E9FFD31C8769
Authority key identifier: E1:58:08:F3:F9:21:BC:8C:3E:EA:87:C7:58:4C:58:4C:10:00:B0:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/UyIuH9l_o_rLESGwffcq7TUuzlw.roa
Signing time: Tue 02 Jan 2024 02:29:31 +0000
ROA not before: Tue 02 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204860
IP address blocks: 194.180.110.0/24 maxlen: 24
194.180.115.0/24 maxlen: 24
194.180.150.0/24 maxlen: 24
45.156.44.0/22 maxlen: 22
194.180.154.0/24 maxlen: 24
45.158.88.0/22 maxlen: 22
2a0f:5880::/29 maxlen: 29
2a0f:2a80::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Jan 2024 09:07:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:36:cb:92:82:23:9f:c7:90:e9:ff:d3:1c:87:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15808f3f921bc8c3eea87c7584c584c1000b051
Validity
Not Before: Jan 2 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53222e1fd97fa3facb1121b07df72aed352ece5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5a:c2:d1:cd:d1:9a:63:11:ba:cd:fb:49:57:
19:3f:1e:f6:d4:6d:37:6c:9d:d7:fb:3d:44:26:c2:
c9:26:1c:49:59:ab:f4:2b:94:69:4f:0c:29:5f:93:
3a:d2:39:42:52:f8:89:7a:a3:2b:8a:8b:09:34:d5:
97:e6:22:e8:bb:6f:f2:81:e6:c9:97:c8:da:26:12:
1b:0f:f7:d0:f7:37:5d:e3:ab:5b:04:c8:dd:c5:7b:
68:81:21:b1:38:d6:0b:06:2b:79:f7:ee:eb:4a:c3:
25:40:c3:d5:68:fa:e1:8e:4a:69:2d:e5:85:88:dc:
5a:95:e7:bc:68:76:bb:d9:72:c6:da:e8:0a:b7:82:
c0:5a:4d:f5:56:38:c4:d5:c8:fb:a0:94:a8:4f:15:
78:0b:51:a7:10:0c:c0:fa:51:db:51:28:34:9e:b8:
09:84:27:6a:55:67:4a:e4:0c:4a:77:b6:c6:2f:b6:
93:0c:74:5b:0b:07:05:b1:b5:92:58:4e:60:b4:f9:
97:37:39:3d:bd:b0:ba:97:15:81:22:72:d7:8f:e4:
70:c8:74:80:8e:78:f8:ff:68:94:d8:ff:6d:ab:42:
f1:46:fd:99:64:5c:06:09:52:e4:8b:55:ce:ba:be:
4c:08:01:fc:af:88:7f:1e:47:66:1e:e5:31:ce:d9:
83:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:22:2E:1F:D9:7F:A3:FA:CB:11:21:B0:7D:F7:2A:ED:35:2E:CE:5C
X509v3 Authority Key Identifier:
keyid:E1:58:08:F3:F9:21:BC:8C:3E:EA:87:C7:58:4C:58:4C:10:00:B0:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/UyIuH9l_o_rLESGwffcq7TUuzlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.44.0/22
45.158.88.0/22
194.180.110.0/24
194.180.115.0/24
194.180.150.0/24
194.180.154.0/24
IPv6:
2a0f:2a80::/29
2a0f:5880::/29
Signature Algorithm: sha256WithRSAEncryption
aa:f2:d2:61:11:90:97:a0:fe:43:2a:2b:3f:79:8c:fb:7e:69:
f8:d8:cb:6d:c9:d0:24:e0:84:d6:8f:af:1b:1d:d5:d0:ee:25:
a1:bc:53:0e:39:c8:05:ae:3e:28:b9:3b:a6:4e:5b:70:59:10:
95:dc:2f:3f:7c:8d:37:2f:18:90:79:60:06:a7:54:61:8f:19:
e1:00:d0:ab:ab:53:30:3d:e9:5b:35:60:21:70:4b:c4:46:d9:
e0:22:42:d8:ea:63:5e:fb:40:24:26:64:a8:92:a5:5d:4b:1a:
11:ce:a0:97:62:00:ea:be:32:98:bf:56:41:5a:9e:0c:7c:5d:
8b:4e:b6:e6:48:d4:b2:95:0d:0e:2a:58:59:8d:f7:58:c8:5b:
2a:f5:fa:2e:df:fd:38:4b:fd:68:f5:ee:fd:dc:df:75:89:e8:
b7:67:91:63:3e:8e:f9:a1:13:27:de:34:7f:84:b7:03:53:88:
db:7f:d4:ba:d7:bd:74:83:bc:47:70:e0:3e:9f:44:ef:38:5d:
c5:fb:6c:8b:d1:92:77:1d:85:77:e8:03:7c:cc:3c:73:53:fc:
35:5f:69:09:4b:63:53:e3:93:c6:49:d7:0e:67:fa:1f:f8:99:
b1:44:a1:2a:14:a5:85:12:05:ca:7b:cb:ad:3a:bd:18:d6:db:
db:4c:16:3a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzIATbLkoIjn8eQ6f/THIdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTgwOGYzZjkyMWJjOGMzZWVhODdjNzU4NGM1ODRjMTAw
MGIwNTEwHhcNMjQwMTAyMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzIyMmUxZmQ5N2ZhM2ZhY2IxMTIxYjA3ZGY3MmFlZDM1MmVjZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFrC0c3RmmMRus37SVcZPx721G03
bJ3X+z1EJsLJJhxJWav0K5RpTwwpX5M60jlCUviJeqMriosJNNWX5iLou2/ygebJ
l8jaJhIbD/fQ9zdd46tbBMjdxXtogSGxONYLBit59+7rSsMlQMPVaPrhjkppLeWF
iNxalee8aHa72XLG2ugKt4LAWk31VjjE1cj7oJSoTxV4C1GnEAzA+lHbUSg0nrgJ
hCdqVWdK5AxKd7bGL7aTDHRbCwcFsbWSWE5gtPmXNzk9vbC6lxWBInLXj+RwyHSA
jnj4/2iU2P9tq0LxRv2ZZFwGCVLki1XOur5MCAH8r4h/HkdmHuUxztmDMwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFFMiLh/Zf6P6yxEhsH33Ku01Ls5cMB8GA1UdIwQY
MBaAFOFYCPP5IbyMPuqHx1hMWEwQALBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZnSThfa2h2SXctNm9mSFdFeFlUQkFBc0ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84ZThlODItNTI3NC00ZDJmLThjYTAt
YWIxOWZjYjBjZTY0LzEvVXlJdUg5bF9vX3JMRVNHd2ZmY3E3VFV1emx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84ZThlODItNTI3NC00ZDJmLThjYTAtYWIxOWZjYjBjZTY0
LzEvNFZnSThfa2h2SXctNm9mSFdFeFlUQkFBc0ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLZwsAwQC
LZ5YAwQAwrRuAwQAwrRzAwQAwrSWAwQAwrSaMBQEAgACMA4DBQMqDyqAAwUDKg9Y
gDANBgkqhkiG9w0BAQsFAAOCAQEAqvLSYRGQl6D+QyorP3mM+35p+NjLbcnQJOCE
1o+vGx3V0O4lobxTDjnIBa4+KLk7pk5bcFkQldwvP3yNNy8YkHlgBqdUYY8Z4QDQ
q6tTMD3pWzVgIXBLxEbZ4CJC2OpjXvtAJCZkqJKlXUsaEc6gl2IA6r4ymL9WQVqe
DHxdi0625kjUspUNDipYWY33WMhbKvX6Lt/9OEv9aPXu/dzfdYnot2eRYz6O+aET
J940f4S3A1OI23/Uute9dIO8R3DgPp9E7zhdxftsi9GSdx2Fd+gDfMw8c1P8NV9p
CUtjU+OTxknXDmf6H/iZsUShKhSlhRIFynvLrTq9GNbb20wWOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:46 2024 by rpki-client on console-fra.rpki-client.org