Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/RUkNON9-1XPos9oGLYPN28K7xJ0.roa
File: RUkNON9-1XPos9oGLYPN28K7xJ0.roa (raw, json)
Hash identifier: /Mx1Q9G4Twrt0nvMz6BnYO2L1feUikSQ5TgiZK2QZXw=
Subject key identifier: 45:49:0D:38:DF:7E:D5:73:E8:B3:DA:06:2D:83:CD:DB:C2:BB:C4:9D
Certificate issuer: /CN=b155daddb871b9d6a53cd6b47f776250837f7774
Certificate serial: 0186DED56C682B5235882FE4EF11C3656BC9
Authority key identifier: B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/RUkNON9-1XPos9oGLYPN28K7xJ0.roa
Signing time: Tue 14 Mar 2023 06:36:14 +0000
ROA not before: Tue 14 Mar 2023 06:36:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9145
IP address blocks: 92.252.0.0/17 maxlen: 24
212.95.96.0/19 maxlen: 19
212.6.64.0/18 maxlen: 24
85.16.0.0/16 maxlen: 24
95.33.0.0/16 maxlen: 24
85.8.64.0/18 maxlen: 24
213.252.128.0/18 maxlen: 24
37.138.0.0/16 maxlen: 24
82.149.160.0/19 maxlen: 24
90.153.0.0/17 maxlen: 24
89.166.128.0/17 maxlen: 24
213.168.192.0/19 maxlen: 19
80.66.0.0/19 maxlen: 24
62.89.160.0/19 maxlen: 24
91.96.0.0/15 maxlen: 24
213.183.160.0/19 maxlen: 19
31.150.0.0/16 maxlen: 24
80.228.0.0/16 maxlen: 24
87.245.0.0/18 maxlen: 24
89.233.64.0/19 maxlen: 24
31.184.0.0/18 maxlen: 24
213.182.96.0/19 maxlen: 19
91.248.0.0/15 maxlen: 24
31.187.112.0/20 maxlen: 24
213.170.160.0/19 maxlen: 19
178.142.0.0/16 maxlen: 24
188.118.128.0/18 maxlen: 24
2a02:8200::/27 maxlen: 27
Validation: Failed, certificate revoked on Tue 14 Mar 2023 06:38:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:de:d5:6c:68:2b:52:35:88:2f:e4:ef:11:c3:65:6b:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155daddb871b9d6a53cd6b47f776250837f7774
Validity
Not Before: Mar 14 06:36:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45490d38df7ed573e8b3da062d83cddbc2bbc49d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:25:5e:85:31:bc:10:5d:88:81:d1:43:6e:7b:
8e:a3:a2:40:9a:48:c2:f4:8b:b2:3e:1b:7b:2f:0f:
2b:7b:b4:5d:24:40:5d:0f:07:c1:fc:56:28:d5:7d:
79:50:5a:4b:df:c2:30:4a:4d:ff:69:de:5a:e6:8a:
b2:c7:fe:df:bd:94:50:be:d0:a4:c3:0a:02:7f:b3:
0d:f3:e4:34:c9:ed:aa:aa:cf:da:fc:47:ec:b7:5b:
01:03:a8:b7:90:7a:25:1c:15:3a:56:60:46:e7:ba:
9b:a2:93:d0:19:82:f9:0c:22:08:79:11:3c:0c:92:
dc:3f:90:fb:dd:25:cd:e2:5c:8e:f4:06:2f:84:95:
8e:44:1c:7f:a3:4a:56:4f:3a:69:ce:7f:a2:5f:5a:
3a:be:e6:ab:0b:ec:2e:e5:97:45:87:32:48:5b:d4:
54:80:34:16:a6:82:25:0c:bd:bd:b1:ce:c3:d9:47:
48:b7:2e:cd:0e:26:d8:02:85:b8:62:d2:34:96:d7:
eb:36:96:7f:58:5d:5c:42:9e:63:eb:e0:ea:42:8c:
0c:db:4a:8f:47:20:70:85:4e:03:85:78:78:1a:0e:
fe:44:17:9f:24:81:f3:9e:a8:9e:26:ab:b3:40:7c:
13:f8:d8:6b:ce:6f:e7:71:22:b1:30:38:c9:e8:6e:
74:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:49:0D:38:DF:7E:D5:73:E8:B3:DA:06:2D:83:CD:DB:C2:BB:C4:9D
X509v3 Authority Key Identifier:
keyid:B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/RUkNON9-1XPos9oGLYPN28K7xJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/sVXa3bhxudalPNa0f3diUIN_d3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.150.0.0/16
31.184.0.0/18
31.187.112.0/20
37.138.0.0/16
62.89.160.0/19
80.66.0.0/19
80.228.0.0/16
82.149.160.0/19
85.8.64.0/18
85.16.0.0/16
87.245.0.0/18
89.166.128.0/17
89.233.64.0/19
90.153.0.0/17
91.96.0.0/15
91.248.0.0/15
92.252.0.0/17
95.33.0.0/16
178.142.0.0/16
188.118.128.0/18
212.6.64.0/18
212.95.96.0/19
213.168.192.0/19
213.170.160.0/19
213.182.96.0/19
213.183.160.0/19
213.252.128.0/18
IPv6:
2a02:8200::/27
Signature Algorithm: sha256WithRSAEncryption
60:20:7d:ed:ad:86:fe:4c:15:d3:8d:d9:f7:c7:5d:21:f9:6a:
52:5e:98:5d:48:43:8e:a1:b7:b6:91:9a:2f:71:99:0d:64:00:
1e:f8:a1:6a:82:01:29:bf:04:92:4d:2b:56:bf:8f:8d:52:51:
a7:2a:fd:9e:d5:58:c8:1f:d1:b0:13:cf:15:bf:65:de:08:f7:
99:bd:71:91:4b:2a:eb:75:e0:82:e3:42:85:84:58:21:3f:b0:
22:37:5e:67:12:41:5b:f3:e6:e2:25:35:e9:76:5c:cc:6f:9a:
f9:e1:ce:8b:b2:ec:cc:ca:9b:da:55:c3:76:b5:ca:b1:09:73:
3f:c1:8a:1a:32:58:5a:6f:a0:a7:b3:e4:c7:9f:3b:4c:bc:a6:
fd:90:9f:49:3b:82:f8:7a:5a:4a:60:a5:9f:17:e3:8b:05:6d:
bd:1c:2a:23:68:70:1f:37:4a:50:d0:81:b1:09:90:7d:f5:5b:
90:0e:fa:4c:68:f1:75:7e:b1:61:42:a7:b4:0a:c4:4e:c6:ae:
bd:c7:e9:3f:9e:3d:cf:04:8c:88:e3:b0:a4:85:0e:55:25:31:
1c:56:b4:84:91:47:94:51:59:a8:e9:c3:ba:dc:62:81:1e:67:
59:8c:e4:a7:9e:75:b9:27:e5:1f:47:56:e5:cb:7e:6a:3b:e8:
e5:d9:ff:2c
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYbe1WxoK1I1iC/k7xHDZWvJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTVkYWRkYjg3MWI5ZDZhNTNjZDZiNDdmNzc2MjUwODM3
Zjc3NzQwHhcNMjMwMzE0MDYzNjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTQ5MGQzOGRmN2VkNTczZThiM2RhMDYyZDgzY2RkYmMyYmJjNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiVehTG8EF2IgdFDbnuOo6JAmkjC
9IuyPht7Lw8re7RdJEBdDwfB/FYo1X15UFpL38IwSk3/ad5a5oqyx/7fvZRQvtCk
wwoCf7MN8+Q0ye2qqs/a/Efst1sBA6i3kHolHBU6VmBG57qbopPQGYL5DCIIeRE8
DJLcP5D73SXN4lyO9AYvhJWORBx/o0pWTzppzn+iX1o6vuarC+wu5ZdFhzJIW9RU
gDQWpoIlDL29sc7D2UdIty7NDibYAoW4YtI0ltfrNpZ/WF1cQp5j6+DqQowM20qP
RyBwhU4DhXh4Gg7+RBefJIHznqieJquzQHwT+Nhrzm/ncSKxMDjJ6G50pwIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFEVJDTjfftVz6LPaBi2DzdvCu8SdMB8GA1UdIwQY
MBaAFLFV2t24cbnWpTzWtH93YlCDf3d0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmIt
NTQ2OGIyY2YwYTc3LzEvUlVrTk9OOS0xWFBvczlvR0xZUE4yOEs3eEowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmItNTQ2OGIyY2YwYTc3
LzEvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszCBoQQCAAEwgZoDAwAf
lgMEBh+4AAMEBB+7cAMDACWKAwQFPlmgAwQFUEIAAwMAUOQDBAVSlaADBAZVCEAD
AwBVEAMEBlf1AAMEB1mmgAMEBVnpQAMEB1qZAAMDAVtgAwMBW/gDBAdc/AADAwBf
IQMDALKOAwQGvHaAAwQG1AZAAwQF1F9gAwQF1ajAAwQF1aqgAwQF1bZgAwQF1beg
AwQG1fyAMA0EAgACMAcDBQUqAoIAMA0GCSqGSIb3DQEBCwUAA4IBAQBgIH3trYb+
TBXTjdn3x10h+WpSXphdSEOOobe2kZovcZkNZAAe+KFqggEpvwSSTStWv4+NUlGn
Kv2e1VjIH9GwE88Vv2XeCPeZvXGRSyrrdeCC40KFhFghP7AiN15nEkFb8+biJTXp
dlzMb5r54c6LsuzMypvaVcN2tcqxCXM/wYoaMlhab6Cns+THnztMvKb9kJ9JO4L4
elpKYKWfF+OLBW29HCojaHAfN0pQ0IGxCZB99VuQDvpMaPF1frFhQqe0CsROxq69
x+k/nj3PBIyI47CkhQ5VJTEcVrSEkUeUUVmo6cO63GKBHmdZjOSnnnW5J+UfR1bl
y35qO+jl2f8s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:54 2024 by rpki-client on console-fra.rpki-client.org