Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UqgP4fmM3jEBpwkf6tIbBeCpCZo.roa
File: UqgP4fmM3jEBpwkf6tIbBeCpCZo.roa (raw, json)
Hash identifier: 1YHtOKmvsY9985ds1KRgf4GxSf0J3Dlix0u7l6sQIo8=
Subject key identifier: 52:A8:0F:E1:F9:8C:DE:31:01:A7:09:1F:EA:D2:1B:05:E0:A9:09:9A
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A079B2CD09A666E09A34D1DEC38794522
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UqgP4fmM3jEBpwkf6tIbBeCpCZo.roa
Signing time: Fri 18 Aug 2023 07:45:24 +0000
ROA not before: Fri 18 Aug 2023 07:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Aug 2023 07:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:07:9b:2c:d0:9a:66:6e:09:a3:4d:1d:ec:38:79:45:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 18 07:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52a80fe1f98cde3101a7091fead21b05e0a9099a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6e:c4:fb:89:bb:ca:64:c9:be:6d:f5:97:7b:
9a:15:9c:91:c2:11:de:8a:d3:0e:94:f5:3e:12:13:
57:a2:22:1c:03:66:9d:8c:52:64:5b:a4:0f:62:99:
9f:3e:b0:fe:37:ec:52:0c:4a:7e:9a:68:e4:e6:6c:
6d:9d:e8:ce:b3:9a:a2:f5:23:eb:89:9b:4b:62:c7:
41:31:f6:3c:83:53:4f:f1:20:0f:aa:69:43:de:e9:
61:a6:7a:c9:66:4d:55:80:54:58:78:1a:a5:b3:b4:
58:f0:9b:9d:9f:2f:b6:4d:99:b9:eb:fb:eb:f8:1f:
0f:73:8d:c1:38:19:63:4c:fe:64:66:d9:af:07:a7:
43:00:7d:eb:91:7a:f1:da:f9:ff:0d:44:07:5c:61:
cf:4d:f0:bc:e4:a3:86:50:df:20:7f:26:dd:e7:d5:
18:91:5a:29:71:d8:ca:38:65:78:f6:5c:5d:da:55:
46:06:6c:92:61:0e:31:28:31:b4:8f:67:1c:82:33:
8f:04:7e:cd:23:70:c8:70:56:af:e1:23:6a:d9:78:
8c:28:e0:27:a2:9d:d6:38:f9:51:95:a2:3a:67:86:
f8:60:d9:20:11:b1:5d:36:a9:4a:44:47:ba:8a:97:
9b:78:38:4d:5b:ec:3e:46:c5:31:b8:1c:69:2e:ab:
5b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A8:0F:E1:F9:8C:DE:31:01:A7:09:1F:EA:D2:1B:05:E0:A9:09:9A
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UqgP4fmM3jEBpwkf6tIbBeCpCZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.171.0/24
45.138.183.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
09:1c:56:00:de:f8:0e:9d:02:79:ef:e1:75:85:74:3c:f8:07:
54:7d:ff:24:bb:c1:7b:71:8c:a8:b2:64:28:16:91:4f:f9:32:
c6:20:11:ea:92:fe:15:b7:7c:b4:62:b4:b3:e7:9a:46:3a:39:
6f:3a:e4:98:80:79:98:3c:e5:46:9c:38:30:a0:6b:28:b6:c1:
b0:2d:73:3b:08:32:cc:02:90:c1:2a:af:6f:a0:83:33:56:12:
95:6e:97:49:db:70:8c:70:65:a9:87:77:bc:03:e6:9c:92:3d:
76:27:6c:77:6b:9a:d0:8e:bc:7a:2a:c7:57:31:25:5e:e7:0c:
6a:1b:ac:d1:3f:e9:35:c5:04:87:48:d0:51:2f:c3:64:9e:7f:
5f:f2:f4:12:7a:98:af:b6:01:63:2d:3f:02:7b:cf:68:34:e7:
ee:c4:eb:25:8a:f4:82:d7:26:39:bf:fa:42:c6:20:77:e9:2c:
d0:19:9e:f7:f1:43:1c:be:96:2e:62:6b:a8:97:07:9f:f2:bb:
96:ba:f3:c9:91:50:25:8f:bc:a4:11:61:d1:67:70:e7:f9:7f:
0e:c1:fc:f2:87:5a:a2:41:0e:ba:66:10:f4:af:96:50:f3:73:
bb:19:51:1d:90:e8:ee:97:c9:24:e7:05:bb:26:71:c6:41:b1:
fe:b5:b1:90
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYoHmyzQmmZuCaNNHew4eUUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODE4MDc0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmE4MGZlMWY5OGNkZTMxMDFhNzA5MWZlYWQyMWIwNWUwYTkwOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW7E+4m7ymTJvm31l3uaFZyRwhHe
itMOlPU+EhNXoiIcA2adjFJkW6QPYpmfPrD+N+xSDEp+mmjk5mxtnejOs5qi9SPr
iZtLYsdBMfY8g1NP8SAPqmlD3ulhpnrJZk1VgFRYeBqls7RY8Judny+2TZm56/vr
+B8Pc43BOBljTP5kZtmvB6dDAH3rkXrx2vn/DUQHXGHPTfC85KOGUN8gfybd59UY
kVopcdjKOGV49lxd2lVGBmySYQ4xKDG0j2ccgjOPBH7NI3DIcFav4SNq2XiMKOAn
op3WOPlRlaI6Z4b4YNkgEbFdNqlKREe6ipebeDhNW+w+RsUxuBxpLqtbvwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFKoD+H5jN4xAacJH+rSGwXgqQmaMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVXFnUDRmbU0zakVCcHdrZjZ0SWJCZUNwQ1pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALV6rAwQA
LYq3AwQATVMlAwQATVMnAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQAJHFYA3vgO
nQJ57+F1hXQ8+AdUff8ku8F7cYyosmQoFpFP+TLGIBHqkv4Vt3y0YrSz55pGOjlv
OuSYgHmYPOVGnDgwoGsotsGwLXM7CDLMApDBKq9voIMzVhKVbpdJ23CMcGWph3e8
A+ackj12J2x3a5rQjrx6KsdXMSVe5wxqG6zRP+k1xQSHSNBRL8Nknn9f8vQSepiv
tgFjLT8Ce89oNOfuxOslivSC1yY5v/pCxiB36SzQGZ738UMcvpYuYmuolwef8ruW
uvPJkVAlj7ykEWHRZ3Dn+X8Owfzyh1qiQQ66ZhD0r5ZQ83O7GVEdkOjul8kk5wW7
JnHGQbH+tbGQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org