Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/USCK_5p9dS__hmdPJ7mZ7rc4m04.roa
File: USCK_5p9dS__hmdPJ7mZ7rc4m04.roa (raw, json)
Hash identifier: 8AnTv1/W1ERvifO1iYxA6nzDcQM09fYHFUJAnd8n9mA=
Subject key identifier: 51:20:8A:FF:9A:7D:75:2F:FF:86:67:4F:27:B9:99:EE:B7:38:9B:4E
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018A6A8749A79C88265A5AABF517F637DA59
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/USCK_5p9dS__hmdPJ7mZ7rc4m04.roa
Signing time: Wed 06 Sep 2023 12:46:05 +0000
ROA not before: Wed 06 Sep 2023 12:46:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.94.136.0/24 maxlen: 24
45.94.137.0/24 maxlen: 24
45.94.139.0/24 maxlen: 24
5.253.184.0/23 maxlen: 23
185.114.204.0/24 maxlen: 24
5.253.187.0/24 maxlen: 24
193.135.220.0/22 maxlen: 22
88.214.0.0/24 maxlen: 24
88.214.1.0/24 maxlen: 24
88.214.2.0/24 maxlen: 24
88.214.3.0/24 maxlen: 24
88.218.196.0/22 maxlen: 22
185.219.160.0/24 maxlen: 24
185.219.163.0/24 maxlen: 24
45.81.161.0/24 maxlen: 24
45.81.162.0/24 maxlen: 24
45.81.163.0/24 maxlen: 24
45.130.33.0/24 maxlen: 24
45.130.34.0/23 maxlen: 23
193.111.184.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:87:49:a7:9c:88:26:5a:5a:ab:f5:17:f6:37:da:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Sep 6 12:46:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51208aff9a7d752fff86674f27b999eeb7389b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a3:25:40:b2:68:a6:bf:0b:7e:64:b0:4e:7b:
f8:f1:1a:0e:a8:97:65:b7:ba:56:6e:47:62:2b:cd:
e0:e1:c0:09:21:df:d1:ba:3c:25:b6:15:32:34:ef:
da:d4:ca:e0:aa:49:62:97:56:5c:9c:cf:7c:71:a5:
9e:4a:63:47:37:01:ae:63:46:8b:1c:4c:b1:81:b0:
16:e9:16:2c:16:85:6a:de:ba:92:15:e0:e1:2e:4b:
a7:b6:58:2a:e9:81:af:23:5a:ad:54:33:2f:62:15:
a8:7b:ab:8d:1b:62:be:45:28:6f:e9:de:e2:7c:18:
01:31:1d:f5:aa:ad:c7:56:fc:f2:e9:66:fb:e8:82:
21:fa:47:0a:e2:14:ab:7a:e9:6d:7b:4c:b6:62:f7:
07:85:98:9b:b6:fa:d2:93:82:bb:02:75:12:89:27:
12:ad:1b:2b:4d:81:31:00:0e:7f:c7:3d:47:a3:50:
da:90:a1:a7:38:e6:aa:3a:77:5a:71:86:8a:d7:f2:
c3:3e:31:6a:05:a5:45:4e:1f:01:99:ce:b9:f2:51:
76:00:a3:b5:dc:aa:77:f3:bd:90:65:03:7f:9f:f4:
19:e0:ad:00:d5:53:11:7d:01:ec:96:bf:db:62:26:
10:8c:08:f0:4b:93:c4:89:61:79:8f:8b:4a:9d:89:
2e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:20:8A:FF:9A:7D:75:2F:FF:86:67:4F:27:B9:99:EE:B7:38:9B:4E
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/USCK_5p9dS__hmdPJ7mZ7rc4m04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.184.0/23
5.253.187.0/24
45.81.161.0-45.81.163.255
45.94.136.0/23
45.94.139.0/24
45.130.33.0-45.130.35.255
88.214.0.0/22
88.218.196.0/22
185.114.204.0/24
185.219.160.0/24
185.219.163.0/24
193.111.184.0/22
193.135.220.0/22
Signature Algorithm: sha256WithRSAEncryption
21:4f:87:36:57:40:69:d5:72:05:03:13:9e:18:52:76:77:c6:
a7:64:bb:7d:7a:06:b9:2d:66:b9:ab:04:c8:f3:18:dc:ac:80:
35:7a:a2:eb:b9:d4:ae:33:e8:df:4e:97:03:55:62:d2:e4:34:
6c:9f:6b:3d:9a:32:59:7d:69:7d:de:bb:32:19:b5:e7:d5:96:
45:26:9b:17:c3:86:85:10:bc:09:9b:b6:24:e5:38:e4:1a:fa:
d7:e6:28:9d:b0:e6:e6:70:28:b9:e1:3a:24:42:55:e2:a8:03:
5c:01:ca:be:3f:e7:d0:98:cc:1b:1d:46:10:6b:59:77:99:4a:
cc:a3:bc:3f:0d:08:99:23:44:05:fe:3a:74:69:cf:be:eb:b5:
85:7a:9b:0d:20:83:0a:2f:42:f9:42:de:2e:3e:64:78:e5:1e:
77:66:53:e6:9d:67:dc:f6:53:13:c5:b0:89:d1:d6:b6:e2:e4:
be:0a:7f:ca:62:fe:e1:39:c9:59:61:1c:3b:69:aa:d1:f8:03:
81:08:6d:3f:72:bb:da:5c:20:58:76:cd:47:24:2b:93:07:2e:
2e:81:95:af:56:01:71:e6:fd:4e:dc:94:3b:14:42:bf:d5:84:
14:43:67:2b:03:63:31:cd:0b:37:6b:a9:5e:be:2e:11:88:a6:
72:76:e6:be
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYpqh0mnnIgmWlqr9Rf2N9pZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjMwOTA2MTI0NjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTIwOGFmZjlhN2Q3NTJmZmY4NjY3NGYyN2I5OTllZWI3Mzg5YjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6MlQLJopr8LfmSwTnv48RoOqJdl
t7pWbkdiK83g4cAJId/RujwlthUyNO/a1Mrgqklil1ZcnM98caWeSmNHNwGuY0aL
HEyxgbAW6RYsFoVq3rqSFeDhLkuntlgq6YGvI1qtVDMvYhWoe6uNG2K+RShv6d7i
fBgBMR31qq3HVvzy6Wb76IIh+kcK4hSreulte0y2YvcHhZibtvrSk4K7AnUSiScS
rRsrTYExAA5/xz1Ho1DakKGnOOaqOndacYaK1/LDPjFqBaVFTh8Bmc658lF2AKO1
3Kp3872QZQN/n/QZ4K0A1VMRfQHslr/bYiYQjAjwS5PEiWF5j4tKnYkucQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFFEgiv+afXUv/4ZnTye5me63OJtOMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvVVNDS181cDlkU19faG1kUEo3bVo3cmM0bTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQBBf24AwQA
Bf27MAwDBAAtUaEDBAItUaADBAEtXogDBAAtXoswDAMEAC2CIQMEAi2CIAMEAljW
AAMEAljaxAMEALlyzAMEALnboAMEALnbowMEAsFvuAMEAsGH3DANBgkqhkiG9w0B
AQsFAAOCAQEAIU+HNldAadVyBQMTnhhSdnfGp2S7fXoGuS1muasEyPMY3KyANXqi
67nUrjPo306XA1Vi0uQ0bJ9rPZoyWX1pfd67Mhm159WWRSabF8OGhRC8CZu2JOU4
5Br61+YonbDm5nAoueE6JEJV4qgDXAHKvj/n0JjMGx1GEGtZd5lKzKO8Pw0ImSNE
Bf46dGnPvuu1hXqbDSCDCi9C+ULeLj5keOUed2ZT5p1n3PZTE8WwidHWtuLkvgp/
ymL+4TnJWWEcO2mq0fgDgQhtP3K72lwgWHbNRyQrkwcuLoGVr1YBceb9TtyUOxRC
v9WEFENnKwNjMc0LN2upXr4uEYimcnbmvg==
-----END CERTIFICATE-----
Generated at Wed Sep 27 01:38:30 2023 by rpki-client on console-ams.rpki-client.org