Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/U9GaGqFCN6LuHq0aab-nHk4F0nA.roa
File: U9GaGqFCN6LuHq0aab-nHk4F0nA.roa (raw, json)
Hash identifier: nkobPJV3qmGXwCcqeqDYABu31faH3BKq89Ib+5HQTIM=
Subject key identifier: 53:D1:9A:1A:A1:42:37:A2:EE:1E:AD:1A:69:BF:A7:1E:4E:05:D2:70
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01876603E045F2B42042BF018CE41C46F21B
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/U9GaGqFCN6LuHq0aab-nHk4F0nA.roa
Signing time: Sun 09 Apr 2023 12:35:42 +0000
ROA not before: Sun 09 Apr 2023 12:35:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 185.227.71.0/24 maxlen: 24
193.105.177.0/24 maxlen: 24
178.218.145.0/24 maxlen: 24
194.56.224.0/24 maxlen: 24
194.56.225.0/24 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
85.202.162.0/24 maxlen: 24
185.186.67.0/24 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 May 2023 16:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:66:03:e0:45:f2:b4:20:42:bf:01:8c:e4:1c:46:f2:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Apr 9 12:35:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53d19a1aa14237a2ee1ead1a69bfa71e4e05d270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0a:f6:3c:43:13:60:a6:51:c0:dd:6d:c0:da:
03:d3:d2:5b:5c:06:2c:cb:5e:cb:73:ba:cf:8e:53:
d5:40:12:cc:80:8b:5c:7e:e0:a4:a6:26:b9:bc:02:
d9:0d:bf:bd:b4:2d:7f:6e:b8:86:bb:17:2a:4b:d5:
aa:a5:38:0d:ec:42:e9:d4:b1:f6:54:df:31:58:ad:
73:d5:14:5a:b9:32:74:78:01:ad:c4:d7:17:16:49:
04:a7:a6:ef:9a:d5:ae:2e:1f:3f:c9:90:34:60:03:
c2:bb:d4:61:9d:73:6d:49:e0:d7:45:8c:29:09:d2:
0f:0d:9b:e1:33:da:4f:6c:02:e6:81:11:07:f2:f2:
0f:5e:2c:13:46:12:03:6e:0f:fd:5b:b7:1a:3f:67:
f1:6e:67:35:b2:0d:3d:a9:e9:32:f7:41:02:89:af:
c3:f4:bf:7e:ce:12:f7:1b:83:42:20:2e:bb:f5:38:
3c:88:99:70:55:52:d8:e3:5e:ee:de:82:5d:95:51:
50:47:9c:34:ec:72:d4:25:ae:0e:84:fe:26:a3:ab:
7c:5b:c0:f5:06:7c:d4:10:cc:32:2a:63:c2:3d:28:
6b:7f:e7:0a:86:93:53:ab:99:45:e5:4e:f7:bc:d2:
fe:22:56:0f:cf:5e:29:5f:43:33:5d:61:5a:85:af:
ab:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D1:9A:1A:A1:42:37:A2:EE:1E:AD:1A:69:BF:A7:1E:4E:05:D2:70
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/U9GaGqFCN6LuHq0aab-nHk4F0nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.145.0-45.90.146.255
85.202.162.0/24
178.218.145.0/24
185.186.67.0/24
185.227.71.0/24
185.234.74.0/23
193.105.177.0/24
194.56.224.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:c0:99:6d:1d:50:06:b8:3b:38:02:c8:13:d2:18:88:1f:4b:
56:6c:9c:bf:4c:9a:9d:7e:0f:bc:51:d1:55:84:5a:23:aa:39:
9c:91:2e:31:73:08:fc:84:1d:16:1a:3c:14:0c:68:a8:24:83:
a0:aa:d6:78:a3:0a:d5:ac:3c:42:7f:c5:00:1f:07:46:cd:4a:
b6:65:1a:c1:a2:0c:ff:9e:6f:46:1d:84:d9:da:63:d4:b5:f2:
94:85:01:87:01:77:35:f1:68:e2:20:de:6c:e2:7a:f6:e3:f9:
89:5b:08:fc:a4:51:07:84:88:f0:4d:f3:f9:65:f4:35:8b:20:
37:3d:30:32:c8:2e:96:49:b1:91:d0:ca:d9:37:c7:e5:36:3f:
fa:8b:dc:1c:25:20:91:1f:bd:11:0b:32:e6:55:ca:e8:aa:c8:
34:f3:84:f6:72:ce:23:1a:5a:95:04:e1:75:ca:98:a3:7a:c4:
45:c4:86:f2:7a:b9:b2:90:56:34:fc:98:65:16:e8:a3:ac:36:
bc:8e:6a:a6:76:5c:9f:2c:9d:4b:0f:d7:90:24:77:ee:eb:bd:
34:97:8f:23:4b:9a:31:bc:9f:2a:e9:a8:ea:61:b1:a3:09:27:
5c:ec:37:2e:55:96:f0:c5:df:db:bd:02:90:44:57:3e:fe:39:
b9:b7:ad:3a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYdmA+BF8rQgQr8BjOQcRvIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNDA5MTIzNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2QxOWExYWExNDIzN2EyZWUxZWFkMWE2OWJmYTcxZTRlMDVkMjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAr2PEMTYKZRwN1twNoD09JbXAYs
y17Lc7rPjlPVQBLMgItcfuCkpia5vALZDb+9tC1/briGuxcqS9WqpTgN7ELp1LH2
VN8xWK1z1RRauTJ0eAGtxNcXFkkEp6bvmtWuLh8/yZA0YAPCu9RhnXNtSeDXRYwp
CdIPDZvhM9pPbALmgREH8vIPXiwTRhIDbg/9W7caP2fxbmc1sg09qeky90ECia/D
9L9+zhL3G4NCIC679Tg8iJlwVVLY417u3oJdlVFQR5w07HLUJa4OhP4mo6t8W8D1
BnzUEMwyKmPCPShrf+cKhpNTq5lF5U73vNL+IlYPz14pX0MzXWFaha+rfwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFFPRmhqhQjei7h6tGmm/px5OBdJwMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvVTlHYUdxRkNONkx1SHEwYWFiLW5IazRGMG5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBAAtWpED
BAAtWpIDBABVyqIDBACy2pEDBAC5ukMDBAC540cDBAG56koDBADBabEDBAHCOOAw
DQYJKoZIhvcNAQELBQADggEBACrAmW0dUAa4OzgCyBPSGIgfS1ZsnL9Mmp1+D7xR
0VWEWiOqOZyRLjFzCPyEHRYaPBQMaKgkg6Cq1nijCtWsPEJ/xQAfB0bNSrZlGsGi
DP+eb0YdhNnaY9S18pSFAYcBdzXxaOIg3mzievbj+YlbCPykUQeEiPBN8/ll9DWL
IDc9MDLILpZJsZHQytk3x+U2P/qL3BwlIJEfvRELMuZVyuiqyDTzhPZyziMaWpUE
4XXKmKN6xEXEhvJ6ubKQVjT8mGUW6KOsNryOaqZ2XJ8snUsP15Akd+7rvTSXjyNL
mjG8nyrpqOphsaMJJ1zsNy5VlvDF39u9ApBEVz7+Obm3rTo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org