Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/uZG1fhTkNE6JS8xH8uXHEjGj_0g.roa
File: uZG1fhTkNE6JS8xH8uXHEjGj_0g.roa (raw, json)
Hash identifier: INQX+zJr7BEFr4WZmeY9jERrKede1b6qxxvSB1jcxmQ=
Subject key identifier: B9:91:B5:7E:14:E4:34:4E:89:4B:CC:47:F2:E5:C7:12:31:A3:FF:48
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0187ADAE1DA72DABAE1657EA446AEC9E4978
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/uZG1fhTkNE6JS8xH8uXHEjGj_0g.roa
Signing time: Sun 23 Apr 2023 10:34:41 +0000
ROA not before: Sun 23 Apr 2023 10:34:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.31.140.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b82::/44 maxlen: 44
2a0b:b85::/32 maxlen: 32
2a0b:b87:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0d:77c7::/32 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 29 Apr 2023 00:22:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ad:ae:1d:a7:2d:ab:ae:16:57:ea:44:6a:ec:9e:49:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Apr 23 10:34:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b991b57e14e4344e894bcc47f2e5c71231a3ff48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:1b:b4:9c:99:31:bc:58:76:b0:05:8f:79:98:
f3:77:62:30:5f:c8:fb:d6:90:d0:cd:b1:30:f7:b5:
19:bf:99:85:dd:1f:85:ad:e9:65:d6:45:58:82:d8:
36:c2:ca:76:25:61:88:c6:dd:21:12:b0:fd:14:94:
cd:48:e0:ec:26:d7:d2:68:0f:ab:33:39:c9:96:32:
c0:09:42:9b:e2:f8:fe:d1:d8:c2:36:c8:71:82:a1:
7c:6c:38:0d:87:84:f4:43:8c:b7:0a:f6:e5:f2:f7:
22:36:c5:a9:76:aa:f5:73:17:dc:d3:8a:36:e6:ed:
39:ea:95:c0:a7:28:42:1c:0e:02:f3:40:62:4a:63:
5f:e2:9e:76:43:d2:53:80:08:a9:82:ad:a7:ab:0e:
8a:6a:7e:7f:2e:6b:85:10:a5:1a:c8:c6:52:25:22:
d8:d9:12:ce:40:e5:ee:8c:23:99:d9:cd:a8:0a:da:
59:ce:7f:82:ca:46:3c:57:4b:a8:15:56:e1:05:46:
12:40:71:aa:a1:43:51:24:b2:fe:c8:92:f9:7e:c6:
c6:24:c8:57:da:3a:d9:d5:ee:97:99:26:a2:d4:6a:
99:0e:c0:d3:68:07:51:dd:82:d5:ff:6c:fd:e0:46:
09:ff:50:1e:24:38:ce:cc:10:e8:74:8f:68:10:6f:
72:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:91:B5:7E:14:E4:34:4E:89:4B:CC:47:F2:E5:C7:12:31:A3:FF:48
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/uZG1fhTkNE6JS8xH8uXHEjGj_0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::/31
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c7::/32
Signature Algorithm: sha256WithRSAEncryption
91:d3:cf:be:1a:25:61:f8:51:08:65:3f:17:38:2f:08:7d:15:
a8:10:ef:a2:5b:b9:05:4a:ed:db:04:b2:dd:66:6c:90:a5:8f:
2b:8e:1c:34:8f:08:0e:ef:4a:fe:51:0c:0e:21:c1:84:fa:2f:
08:75:22:85:cb:1f:d6:a5:b6:c6:a0:99:5a:90:1f:2e:56:51:
d7:88:fb:c0:d6:6a:51:39:d0:17:9d:d8:fc:88:56:e7:29:5c:
46:5c:64:cb:6d:01:ac:b9:6a:fd:85:b0:61:47:fb:e5:67:78:
8c:53:3c:f4:ed:23:a3:b6:29:3d:a8:f3:e9:57:9a:1a:53:a0:
e1:3f:08:29:a5:70:a5:2f:10:7e:c3:44:67:9e:08:08:8a:68:
cb:c0:08:79:27:f9:a7:96:bf:60:64:6d:33:f8:64:2b:c4:08:
6c:13:91:de:ae:e9:db:97:23:94:1e:2d:66:1e:b7:14:88:75:
89:42:99:4c:ab:4b:08:c8:a0:72:28:bb:f9:4d:4a:c8:d3:d5:
73:44:10:7e:2b:be:57:7b:c3:b7:3e:4b:eb:25:67:b3:37:72:
fc:dd:ad:7c:6d:5a:fa:c3:ac:76:23:ae:bc:e4:27:77:2e:61:
9b:ea:71:72:a2:61:35:12:e6:f7:b3:ed:6e:cd:4c:04:fb:52:
a4:00:ff:1a
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYetrh2nLauuFlfqRGrsnkl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNDIzMTAzNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTkxYjU3ZTE0ZTQzNDRlODk0YmNjNDdmMmU1YzcxMjMxYTNmZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ru0nJkxvFh2sAWPeZjzd2IwX8j7
1pDQzbEw97UZv5mF3R+Frell1kVYgtg2wsp2JWGIxt0hErD9FJTNSODsJtfSaA+r
MznJljLACUKb4vj+0djCNshxgqF8bDgNh4T0Q4y3Cvbl8vciNsWpdqr1cxfc04o2
5u056pXApyhCHA4C80BiSmNf4p52Q9JTgAipgq2nqw6Kan5/LmuFEKUayMZSJSLY
2RLOQOXujCOZ2c2oCtpZzn+CykY8V0uoFVbhBUYSQHGqoUNRJLL+yJL5fsbGJMhX
2jrZ1e6XmSai1GqZDsDTaAdR3YLV/2z94EYJ/1AeJDjOzBDodI9oEG9yzQIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFLmRtX4U5DROiUvMR/LlxxIxo/9IMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvdVpHMWZoVGtORTZKUzh4SDh1WEhFakdqXzBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgZcEAgABMIGQAwQC
AjikAwQCLVEUAwQCLVqQAwQCLYzcAwQCLZrEAwQCTVPwAwQCTmzYAwQCU490AwQC
VcqgAwQCWb6cAwQCstqQAwQCubkoAwQCubpAAwQCueNEAwQCuepIAwQCufLgAwQC
wR8cAwQCwSJMAwQAwWm4AwQCwd3AAwQCwh+MAwQCwjIQAwQCwjjgAwQC1GsMMF4E
AgACMFgDBwQqCwuCAAADBQEqCwuEAwcAKgsLh/8SAwcAKgsLh/+0AwcAKgsLh//a
AwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CAAAADBQAqDXfHMA0G
CSqGSIb3DQEBCwUAA4IBAQCR08++GiVh+FEIZT8XOC8IfRWoEO+iW7kFSu3bBLLd
ZmyQpY8rjhw0jwgO70r+UQwOIcGE+i8IdSKFyx/WpbbGoJlakB8uVlHXiPvA1mpR
OdAXndj8iFbnKVxGXGTLbQGsuWr9hbBhR/vlZ3iMUzz07SOjtik9qPPpV5oaU6Dh
PwgppXClLxB+w0RnnggIimjLwAh5J/mnlr9gZG0z+GQrxAhsE5HerunblyOUHi1m
HrcUiHWJQplMq0sIyKByKLv5TUrI09VzRBB+K75Xe8O3PkvrJWezN3L83a18bVr6
w6x2I6685Cd3LmGb6nFyomE1Eub3s+1uzUwE+1KkAP8a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org