Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/UxHdWL-biheDjgMdrf2tOKJ4kZE.roa
File: UxHdWL-biheDjgMdrf2tOKJ4kZE.roa (raw, json)
Hash identifier: T0gdK1t6RC+0KtuY9W0wjNa4DzYoLmRA6EZGcEjDE9w=
Subject key identifier: 53:11:DD:58:BF:9B:8A:17:83:8E:03:1D:AD:FD:AD:38:A2:78:91:91
Certificate issuer: /CN=52aaa0a6188c97aa742cc786e3b70bc909cac44c
Certificate serial: 018CC725B7F8CE223472D8443F0D8BE48E8B
Authority key identifier: 52:AA:A0:A6:18:8C:97:AA:74:2C:C7:86:E3:B7:0B:C9:09:CA:C4:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UqqgphiMl6p0LMeG47cLyQnKxEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/UxHdWL-biheDjgMdrf2tOKJ4kZE.roa
Signing time: Mon 01 Jan 2024 22:29:47 +0000
ROA not before: Mon 01 Jan 2024 22:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48886
IP address blocks: 45.91.68.0/24 maxlen: 24
45.91.68.0/22 maxlen: 22
45.91.69.0/24 maxlen: 24
194.69.16.0/24 maxlen: 24
194.69.16.0/20 maxlen: 20
194.69.18.0/24 maxlen: 24
194.69.24.0/24 maxlen: 24
194.69.20.0/24 maxlen: 24
194.69.19.0/24 maxlen: 24
194.69.22.0/24 maxlen: 24
194.69.30.0/24 maxlen: 24
194.69.31.0/24 maxlen: 24
194.69.27.0/24 maxlen: 24
194.69.26.0/24 maxlen: 24
194.69.29.0/24 maxlen: 24
194.69.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:b7:f8:ce:22:34:72:d8:44:3f:0d:8b:e4:8e:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52aaa0a6188c97aa742cc786e3b70bc909cac44c
Validity
Not Before: Jan 1 22:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5311dd58bf9b8a17838e031dadfdad38a2789191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b9:41:b4:b9:0e:2b:d2:4f:04:cc:af:87:ef:
68:d3:75:10:ac:a8:dd:c7:e3:b5:6b:84:ec:f5:b6:
60:cd:48:71:0d:a9:f4:d3:54:10:57:4e:d2:a4:c5:
d0:0e:33:4f:95:14:ae:dd:f4:f0:cf:ab:c9:61:70:
e8:cb:4e:7d:9d:7a:7d:15:08:e7:26:4d:90:42:e9:
5c:45:f4:83:63:1b:5f:fb:9e:61:e7:f4:3b:87:8d:
8b:ce:79:aa:f1:2c:ab:e5:58:e8:b6:bb:eb:c3:d1:
22:1f:30:81:d9:e1:af:e2:95:8b:83:fa:27:aa:6d:
1f:10:a7:ca:35:c2:65:5b:6a:57:aa:57:4c:d1:51:
93:b9:aa:40:b4:f4:d1:bf:98:1a:9d:c2:29:8d:6d:
98:44:29:98:a5:bd:b4:3e:dc:c9:b7:78:2f:5a:c6:
35:a0:f7:14:13:ca:a7:a4:55:3b:2d:d0:6a:f1:4e:
c5:ac:d0:ea:3a:d8:d4:e6:86:8d:86:d6:62:ba:51:
aa:33:d6:3d:8a:93:db:88:91:92:89:ff:25:9f:36:
dc:fb:99:98:d1:c0:cb:6e:fc:0b:0b:3a:9e:82:3c:
ec:56:2f:91:c3:60:b1:e0:5a:65:d9:f0:4a:67:ee:
17:5d:15:de:d0:76:59:90:e8:17:e5:8e:c2:df:8a:
b3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:11:DD:58:BF:9B:8A:17:83:8E:03:1D:AD:FD:AD:38:A2:78:91:91
X509v3 Authority Key Identifier:
keyid:52:AA:A0:A6:18:8C:97:AA:74:2C:C7:86:E3:B7:0B:C9:09:CA:C4:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqqgphiMl6p0LMeG47cLyQnKxEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/UxHdWL-biheDjgMdrf2tOKJ4kZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/UqqgphiMl6p0LMeG47cLyQnKxEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.68.0/22
194.69.16.0/20
Signature Algorithm: sha256WithRSAEncryption
5e:d3:f5:14:32:09:a9:9b:57:08:86:e2:7c:e7:f2:d0:42:2c:
5a:66:34:4a:3d:71:a8:c5:12:4c:19:f3:e2:7a:ca:9f:f8:9a:
9e:d3:2f:16:93:e0:e7:cf:58:4f:a1:88:96:bb:ef:1c:31:71:
1e:4f:11:e1:ed:bf:8c:d2:ec:80:59:7a:dc:09:0c:2d:78:c8:
2c:df:44:00:a8:f5:a6:9c:25:b7:2f:c5:d9:72:56:ea:01:fe:
77:a5:d2:2e:6c:94:ca:fe:0d:fd:3f:e3:b5:3f:c7:c6:c7:bb:
00:3e:32:a7:78:64:e3:d5:b7:38:b5:f9:2d:97:58:02:c3:a0:
67:12:82:93:48:f1:56:d4:f1:49:b6:6c:a5:5b:bb:bd:1f:68:
a6:6b:46:69:60:d1:e6:ec:d7:3e:3b:96:e7:ea:d3:48:cf:a8:
31:d3:65:85:bc:46:14:3a:09:d2:f7:99:ae:0d:6a:f2:1d:95:
be:91:55:de:99:c4:83:af:9d:38:ee:18:cc:e2:e2:22:cf:b1:
de:fd:90:00:35:fc:37:60:53:b3:8e:30:e2:52:cf:5e:a9:91:
00:ec:e4:0a:86:80:a9:98:5f:65:57:69:06:10:c2:67:e8:0a:
93:5c:ae:fa:f2:37:3a:7b:f7:83:c5:76:36:8c:67:70:d5:86:
8a:15:2e:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJbf4ziI0cthEPw2L5I6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYWFhMGE2MTg4Yzk3YWE3NDJjYzc4NmUzYjcwYmM5MDlj
YWM0NGMwHhcNMjQwMTAxMjIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzExZGQ1OGJmOWI4YTE3ODM4ZTAzMWRhZGZkYWQzOGEyNzg5MTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLlBtLkOK9JPBMyvh+9o03UQrKjd
x+O1a4Ts9bZgzUhxDan001QQV07SpMXQDjNPlRSu3fTwz6vJYXDoy059nXp9FQjn
Jk2QQulcRfSDYxtf+55h5/Q7h42Lznmq8Syr5Vjotrvrw9EiHzCB2eGv4pWLg/on
qm0fEKfKNcJlW2pXqldM0VGTuapAtPTRv5gancIpjW2YRCmYpb20PtzJt3gvWsY1
oPcUE8qnpFU7LdBq8U7FrNDqOtjU5oaNhtZiulGqM9Y9ipPbiJGSif8lnzbc+5mY
0cDLbvwLCzqegjzsVi+Rw2Cx4Fpl2fBKZ+4XXRXe0HZZkOgX5Y7C34qzOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFMR3Vi/m4oXg44DHa39rTiieJGRMB8GA1UdIwQY
MBaAFFKqoKYYjJeqdCzHhuO3C8kJysRMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFxZ3BoaU1sNnAwTE1lRzQ3Y0x5UW5LeEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9kOTM3ZTAtNDI3Ny00ZTZhLWI1OTMt
NDZhODgwNDI1Nzk5LzEvVXhIZFdMLWJpaGVEamdNZHJmMnRPS0o0a1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9kOTM3ZTAtNDI3Ny00ZTZhLWI1OTMtNDZhODgwNDI1Nzk5
LzEvVXFxZ3BoaU1sNnAwTE1lRzQ3Y0x5UW5LeEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVtEAwQE
wkUQMA0GCSqGSIb3DQEBCwUAA4IBAQBe0/UUMgmpm1cIhuJ85/LQQixaZjRKPXGo
xRJMGfPiesqf+Jqe0y8Wk+Dnz1hPoYiWu+8cMXEeTxHh7b+M0uyAWXrcCQwteMgs
30QAqPWmnCW3L8XZclbqAf53pdIubJTK/g39P+O1P8fGx7sAPjKneGTj1bc4tfkt
l1gCw6BnEoKTSPFW1PFJtmylW7u9H2ima0ZpYNHm7Nc+O5bn6tNIz6gx02WFvEYU
OgnS95muDWryHZW+kVXemcSDr5047hjM4uIiz7He/ZAANfw3YFOzjjDiUs9eqZEA
7OQKhoCpmF9lV2kGEMJn6AqTXK768jc6e/eDxXY2jGdw1YaKFS7t
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:19 2025 by rpki-client