Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ugQmuf4i1Br10eAWphVzS7PHXpA.roa
File: ugQmuf4i1Br10eAWphVzS7PHXpA.roa (raw, json)
Hash identifier: jrpOaIHcVfndtl+9iIKLBRWyB9mF59aGm814fBs6XTo=
Subject key identifier: BA:04:26:B9:FE:22:D4:1A:F5:D1:E0:16:A6:15:73:4B:B3:C7:5E:90
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192DEED890B5EAA25496AC831495E31B625
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ugQmuf4i1Br10eAWphVzS7PHXpA.roa
Signing time: Wed 30 Oct 2024 19:36:01 +0000
ROA not before: Wed 30 Oct 2024 19:36:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.14.164.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.90.88.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.93.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.240.0/20 maxlen: 32
92.119.196.0/23 maxlen: 24
93.123.84.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.64.0/21 maxlen: 32
141.98.1.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.222.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Nov 2024 06:53:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:de:ed:89:0b:5e:aa:25:49:6a:c8:31:49:5e:31:b6:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 30 19:36:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba0426b9fe22d41af5d1e016a615734bb3c75e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:50:34:90:7d:14:f9:12:65:d0:93:4d:d2:de:
87:bb:3d:ea:63:e3:8a:35:7a:14:c4:87:64:5e:3e:
ea:97:4e:66:7a:5c:7c:5a:fe:df:eb:90:61:fc:ab:
58:58:be:70:03:3d:f4:9c:cf:6a:ff:98:f5:1c:dc:
66:e5:67:8a:a4:ff:c3:4d:c4:e1:28:0a:c3:33:2f:
ce:a2:e6:5d:15:f3:96:cb:3a:4c:0f:a5:d5:89:d1:
47:95:82:e4:06:8c:e7:a1:91:bb:24:9b:e8:a3:00:
f8:56:9a:1c:f1:03:6a:2a:a0:4a:28:a0:f7:e3:fe:
d2:a5:d4:18:da:b1:3e:82:82:d7:11:e7:3c:c0:b3:
34:bf:85:b5:b6:41:b8:85:5d:87:29:7a:51:65:00:
7b:44:a7:13:51:58:c7:36:0a:e3:93:7d:0a:0a:63:
23:fe:eb:b7:33:3e:2f:06:47:2d:05:5c:9a:6f:e0:
0a:fc:b1:de:3e:ec:d4:99:08:4a:43:47:20:f1:5a:
19:04:fa:83:79:b5:cb:38:e4:88:dc:ce:68:3e:c6:
f9:07:ed:00:5a:3f:34:f9:9a:48:1e:83:62:a5:32:
ac:8f:03:6d:c6:2a:13:fb:b3:2c:18:16:c7:e8:dc:
53:6a:7d:be:d9:fe:ac:82:12:84:74:86:82:3d:57:
3f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:04:26:B9:FE:22:D4:1A:F5:D1:E0:16:A6:15:73:4B:B3:C7:5E:90
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ugQmuf4i1Br10eAWphVzS7PHXpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.164.0/24
45.66.228.0/24
45.90.88.0/24
45.139.106.0/24
45.141.158.0/24
45.151.89.0/24
45.151.91.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.93.0/24
87.121.45.0/24
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.240.0/20
92.119.196.0/23
93.123.84.0/24
94.154.160.0/22
94.156.11.0/24
94.156.64.0/21
141.98.1.0/24
147.78.100.0/24
171.22.72.0/22
185.216.84.0/22
185.218.84.0/22
193.222.96.0/24
Signature Algorithm: sha256WithRSAEncryption
53:fa:19:27:d4:ea:74:0c:74:c2:5f:ab:a2:e3:b9:da:ec:ff:
07:86:ef:ac:c0:d6:9c:01:8e:5e:46:a2:63:28:08:0f:f0:ec:
9a:8c:51:a3:f7:76:23:36:20:a4:5d:6a:34:2b:14:a9:50:ce:
eb:2f:66:01:4a:33:52:fb:02:9c:77:ed:ab:c2:d7:bf:79:46:
bd:41:66:85:31:32:ac:8a:52:89:5b:92:f3:07:d1:a8:28:fc:
68:dc:3e:11:b4:9c:91:e3:a5:2d:eb:0c:e1:a2:64:16:a1:71:
fb:de:1f:61:04:ba:b1:77:97:fa:d7:39:8d:32:4a:4d:e8:dc:
b3:85:56:e5:4b:f8:14:68:17:1a:dc:08:2a:44:9a:88:9e:35:
69:20:7e:c0:c6:d7:a8:08:d7:2a:90:fe:93:5c:10:46:0a:c3:
ac:ac:41:97:f5:78:58:cb:65:57:37:4c:5f:52:70:ac:90:ba:
2e:3b:30:b6:a4:7b:74:a1:c8:d0:ab:4a:1f:27:80:2c:19:a6:
5d:f5:df:5c:6c:0b:49:d5:fd:38:70:09:0d:aa:86:d9:b1:d0:
af:3a:b8:4f:e9:13:4e:ca:87:9d:70:58:97:16:52:51:3a:de:
16:c1:f2:4a:e4:5a:66:ff:c5:44:97:55:71:06:9e:78:23:e4:
4f:dd:53:7e
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZLe7YkLXqolSWrIMUleMbYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDMwMTkzNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTA0MjZiOWZlMjJkNDFhZjVkMWUwMTZhNjE1NzM0YmIzYzc1ZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FA0kH0U+RJl0JNN0t6Huz3qY+OK
NXoUxIdkXj7ql05melx8Wv7f65Bh/KtYWL5wAz30nM9q/5j1HNxm5WeKpP/DTcTh
KArDMy/OouZdFfOWyzpMD6XVidFHlYLkBoznoZG7JJvoowD4Vpoc8QNqKqBKKKD3
4/7SpdQY2rE+goLXEec8wLM0v4W1tkG4hV2HKXpRZQB7RKcTUVjHNgrjk30KCmMj
/uu3Mz4vBkctBVyab+AK/LHePuzUmQhKQ0cg8VoZBPqDebXLOOSI3M5oPsb5B+0A
Wj80+ZpIHoNipTKsjwNtxioT+7MsGBbH6NxTan2+2f6sghKEdIaCPVc/cQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFLoEJrn+ItQa9dHgFqYVc0uzx16QMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdWdRbXVmNGkxQnIxMGVBV3BoVnpTN1BIWHBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAAt
DqQDBAAtQuQDBAAtWlgDBAAti2oDBAAtjZ4DBAAtl1kDBAAtl1sDBABT22EDBABU
NjADBABXeFcDBABXeF0DBABXeS0DBAFXeXwDBABXeaIDBABXeaUDBARbXPADBAFc
d8QDBABde1QDBAJemqADBABenAsDBANenEADBACNYgEDBACTTmQDBAKrFkgDBAK5
2FQDBAK52lQDBADB3mAwDQYJKoZIhvcNAQELBQADggEBAFP6GSfU6nQMdMJfq6Lj
udrs/weG76zA1pwBjl5GomMoCA/w7JqMUaP3diM2IKRdajQrFKlQzusvZgFKM1L7
Apx37avC1795Rr1BZoUxMqyKUolbkvMH0ago/GjcPhG0nJHjpS3rDOGiZBahcfve
H2EEurF3l/rXOY0ySk3o3LOFVuVL+BRoFxrcCCpEmoieNWkgfsDG16gI1yqQ/pNc
EEYKw6ysQZf1eFjLZVc3TF9ScKyQui47MLake3ShyNCrSh8ngCwZpl3131xsC0nV
/ThwCQ2qhtmx0K86uE/pE07Kh51wWJcWUlE63hbB8krkWmb/xUSXVXEGnngj5E/d
U34=
-----END CERTIFICATE-----
Generated at Sun Nov 3 07:54:25 2024 by rpki-client on console-fra.rpki-client.org