Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/UZ46JL7bf7j0nBElD4qwaMllEMU.roa
File: UZ46JL7bf7j0nBElD4qwaMllEMU.roa (raw, json)
Hash identifier: H7xqZF6P/PBErv8KSm85kOlc10gIMn5C2iA9UfjVvnA=
Subject key identifier: 51:9E:3A:24:BE:DB:7F:B8:F4:9C:11:25:0F:8A:B0:68:C9:65:10:C5
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E31EF87F0FFB122F3CF2B339FCF757623
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/UZ46JL7bf7j0nBElD4qwaMllEMU.roa
Signing time: Tue 12 Mar 2024 09:12:45 +0000
ROA not before: Tue 12 Mar 2024 09:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202
IP address blocks: 80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.204.212.0/22 maxlen: 24
195.26.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 15:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:ef:87:f0:ff:b1:22:f3:cf:2b:33:9f:cf:75:76:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 12 09:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=519e3a24bedb7fb8f49c11250f8ab068c96510c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6b:0e:b4:24:ab:8f:d8:b6:f6:5e:a3:37:2c:
ec:73:03:ca:ec:12:cc:f6:3f:83:76:33:f3:c6:0e:
a6:da:9d:d7:e6:5f:7b:fb:89:fb:4d:a8:80:27:12:
be:c4:4d:9a:54:32:2c:e2:b0:8e:5a:1e:f3:22:76:
2c:e7:0d:80:b7:04:0c:01:84:98:ed:6f:38:56:e0:
ad:ba:19:29:c7:d1:39:28:59:a6:14:79:aa:6a:d6:
ec:1a:33:b4:19:2e:d7:ff:67:48:b4:2d:21:0c:c9:
61:3a:8c:b5:c3:3e:14:8b:6e:e0:4a:c7:b2:6b:aa:
69:2f:a5:3a:34:ce:33:9b:07:b4:76:f8:2f:4c:82:
1e:c8:52:ec:aa:d4:ea:b8:5f:8b:ed:33:37:67:59:
59:3f:8b:9f:ea:b3:36:b1:26:eb:20:c5:97:73:03:
8b:1d:aa:2d:c3:f6:54:7d:bc:dd:13:e4:b2:ac:43:
16:c9:4e:b3:77:87:31:31:22:c2:5a:61:56:11:84:
db:e1:a7:35:47:aa:74:ae:99:48:81:70:4b:d8:c4:
62:55:18:bf:d1:64:4c:8d:e9:09:ca:69:98:dd:19:
46:a2:f2:96:06:de:11:21:bf:ac:ac:ae:d2:cc:5a:
0e:97:63:1e:49:0c:17:e6:0b:bc:8f:67:ca:88:8a:
0f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:9E:3A:24:BE:DB:7F:B8:F4:9C:11:25:0F:8A:B0:68:C9:65:10:C5
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/UZ46JL7bf7j0nBElD4qwaMllEMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
185.79.184.0/22
185.178.216.0/22
185.204.212.0/22
195.26.32.0/19
Signature Algorithm: sha256WithRSAEncryption
2b:51:dc:f1:ea:47:08:ad:41:18:db:3a:76:d2:80:40:15:46:
c6:16:87:83:aa:66:3a:4e:1e:2f:bf:a6:cf:0f:1e:19:19:4c:
e6:69:80:79:0f:d1:4d:01:f6:f6:fb:90:36:9c:96:70:09:6f:
1f:fe:50:50:62:b5:fb:4c:ed:3f:8d:25:52:17:eb:76:41:20:
a1:b1:2e:05:c1:4a:3f:b6:72:39:5a:a6:cd:67:57:95:12:35:
89:41:e3:69:e1:e9:68:58:ce:c6:91:5b:dc:f9:42:97:5c:f6:
82:43:68:03:2c:24:ea:70:e4:82:c3:3a:ba:68:c8:45:9e:c8:
3f:e2:62:5f:98:76:e8:a6:a5:dd:d4:d9:b1:54:db:45:22:f9:
76:be:f8:19:35:38:3d:54:eb:0a:f3:f5:a7:b4:b5:df:0c:43:
26:ed:37:48:23:89:7a:46:aa:50:22:9e:c5:cb:da:67:84:f9:
d8:54:be:95:6e:8f:bf:b3:e4:71:26:e3:68:1b:68:e7:80:3b:
20:19:12:b4:df:f8:e2:56:c9:f4:33:ee:10:67:9d:a3:a4:5c:
89:43:54:ff:53:a5:7f:5f:dd:47:dc:71:66:92:8c:5b:5c:86:
2a:f0:9c:17:94:f7:8d:0a:24:0d:46:e5:61:03:08:5a:56:69:
66:a0:87:90
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY4x74fw/7Ei888rM5/PdXYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzEyMDkxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTllM2EyNGJlZGI3ZmI4ZjQ5YzExMjUwZjhhYjA2OGM5NjUxMGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWsOtCSrj9i29l6jNyzscwPK7BLM
9j+DdjPzxg6m2p3X5l97+4n7TaiAJxK+xE2aVDIs4rCOWh7zInYs5w2AtwQMAYSY
7W84VuCtuhkpx9E5KFmmFHmqatbsGjO0GS7X/2dItC0hDMlhOoy1wz4Ui27gSsey
a6ppL6U6NM4zmwe0dvgvTIIeyFLsqtTquF+L7TM3Z1lZP4uf6rM2sSbrIMWXcwOL
Haotw/ZUfbzdE+SyrEMWyU6zd4cxMSLCWmFWEYTb4ac1R6p0rplIgXBL2MRiVRi/
0WRMjekJymmY3RlGovKWBt4RIb+srK7SzFoOl2MeSQwX5gu8j2fKiIoP9QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFGeOiS+23+49JwRJQ+KsGjJZRDFMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvVVo0NkpMN2JmN2owbkJFbEQ0cXdhTWxsRU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEUErwAwQF
VV9gAwQDXCp4AwQDX4FAAwQCuU+4AwQCubLYAwQCuczUAwQFwxogMA0GCSqGSIb3
DQEBCwUAA4IBAQArUdzx6kcIrUEY2zp20oBAFUbGFoeDqmY6Th4vv6bPDx4ZGUzm
aYB5D9FNAfb2+5A2nJZwCW8f/lBQYrX7TO0/jSVSF+t2QSChsS4FwUo/tnI5WqbN
Z1eVEjWJQeNp4eloWM7GkVvc+UKXXPaCQ2gDLCTqcOSCwzq6aMhFnsg/4mJfmHbo
pqXd1NmxVNtFIvl2vvgZNTg9VOsK8/WntLXfDEMm7TdII4l6RqpQIp7Fy9pnhPnY
VL6Vbo+/s+RxJuNoG2jngDsgGRK03/jiVsn0M+4QZ52jpFyJQ1T/U6V/X91H3HFm
koxbXIYq8JwXlPeNCiQNRuVhAwhaVmlmoIeQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:55 2024 by rpki-client on console-ams.rpki-client.org