Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/UoXi7BAhxXPk6GNLW1zWieS9ncc.roa
File: UoXi7BAhxXPk6GNLW1zWieS9ncc.roa (raw, json)
Hash identifier: s3DEnJ2hfCHOlZXovJ3V3sDni3vJjzohN1PgwAb/FMw=
Subject key identifier: 52:85:E2:EC:10:21:C5:73:E4:E8:63:4B:5B:5C:D6:89:E4:BD:9D:C7
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E3DCD4017B8A5A9F426D0249A502CD0CF
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/UoXi7BAhxXPk6GNLW1zWieS9ncc.roa
Signing time: Thu 14 Mar 2024 16:30:45 +0000
ROA not before: Thu 14 Mar 2024 16:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 5.159.208.0/21 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.204.212.0/22 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 12 Apr 2024 15:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:cd:40:17:b8:a5:a9:f4:26:d0:24:9a:50:2c:d0:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 14 16:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5285e2ec1021c573e4e8634b5b5cd689e4bd9dc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fb:17:79:6e:5e:e5:d7:a0:fc:d1:84:f4:58:
3d:a3:fb:a4:e3:6a:89:5b:89:40:7d:d5:ec:79:bf:
fc:7c:80:56:20:17:ca:fa:c4:f1:1a:7f:b3:fc:7e:
f7:29:31:a0:7a:e8:ce:f3:56:f1:e5:71:4e:00:37:
8e:84:73:4c:d2:da:c7:d0:50:cc:a1:fb:af:a7:22:
04:dd:aa:5c:5e:0b:bf:d8:13:ba:4b:f5:dc:85:80:
ad:d0:cf:5a:35:68:df:e1:8c:5b:6a:48:df:49:34:
86:e0:f3:bc:26:51:4d:c8:b3:03:df:b0:e2:47:54:
12:cc:3a:77:ac:1f:0c:35:21:bf:53:1f:94:43:5c:
9f:7f:52:bf:7c:38:f6:2c:26:a8:63:98:8c:ac:13:
6f:01:bc:ad:5b:26:48:51:04:09:a4:7d:3e:1c:c1:
10:1f:8c:71:47:56:eb:b6:5d:5a:53:5c:53:41:bc:
ea:9b:aa:ee:41:ea:4b:f5:32:95:cf:08:21:5d:b7:
66:f9:2f:46:4d:2d:c3:8a:bc:ac:34:92:42:03:a3:
77:1e:64:a0:22:96:bf:13:82:9d:9c:64:bd:f1:95:
44:6f:f3:ec:90:b1:8f:ff:9e:3f:49:b1:48:98:14:
26:69:6a:07:2a:de:b9:cb:73:f2:34:f1:31:6f:c4:
8d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:85:E2:EC:10:21:C5:73:E4:E8:63:4B:5B:5C:D6:89:E4:BD:9D:C7
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/UoXi7BAhxXPk6GNLW1zWieS9ncc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.204.212.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
Signature Algorithm: sha256WithRSAEncryption
81:30:d8:6c:d1:d0:c3:b2:16:ea:45:35:ed:52:a6:36:99:3e:
90:54:89:d3:58:9e:b2:e7:b3:66:b3:e3:e7:4e:ef:ed:3d:12:
92:d2:01:29:83:18:c3:ab:8c:dc:ae:01:17:1c:10:ca:98:e7:
7f:0d:7e:3a:3e:90:79:2d:c2:d0:bd:28:45:2c:46:ad:1e:be:
3e:b6:9c:37:e4:65:44:64:96:30:15:87:e1:c6:c3:81:9a:60:
49:4e:79:22:e9:88:21:62:6d:ff:40:00:ae:0c:87:f8:f2:61:
bb:ea:65:27:81:a0:7c:33:27:0a:32:bd:d7:87:66:3d:ea:74:
6b:0f:65:bf:30:65:ae:a4:70:27:ee:65:a8:cf:0c:4a:64:5c:
81:63:31:20:66:9e:98:0d:53:5d:dd:28:3a:90:7a:60:dc:fd:
82:98:39:03:e0:25:6e:4f:81:0f:ba:6a:c6:c0:d4:88:c5:53:
92:b2:07:c9:49:b3:c9:64:9f:77:55:00:07:dc:cf:df:3a:aa:
a8:ae:62:26:63:80:33:7c:a1:af:6f:0e:f3:17:74:9a:ef:ae:
47:f0:f5:59:42:0b:cd:98:52:ba:86:39:57:37:34:a8:d7:26:
d4:fd:e7:48:0e:48:dc:f5:c9:c4:64:9d:67:63:44:42:49:26:
3f:53:d6:9c
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAY49zUAXuKWp9CbQJJpQLNDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzE0MTYzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjg1ZTJlYzEwMjFjNTczZTRlODYzNGI1YjVjZDY4OWU0YmQ5ZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/sXeW5e5deg/NGE9Fg9o/uk42qJ
W4lAfdXseb/8fIBWIBfK+sTxGn+z/H73KTGgeujO81bx5XFOADeOhHNM0trH0FDM
ofuvpyIE3apcXgu/2BO6S/XchYCt0M9aNWjf4YxbakjfSTSG4PO8JlFNyLMD37Di
R1QSzDp3rB8MNSG/Ux+UQ1yff1K/fDj2LCaoY5iMrBNvAbytWyZIUQQJpH0+HMEQ
H4xxR1brtl1aU1xTQbzqm6ruQepL9TKVzwghXbdm+S9GTS3DirysNJJCA6N3HmSg
Ipa/E4KdnGS98ZVEb/PskLGP/54/SbFImBQmaWoHKt65y3PyNPExb8SN3wIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFFKF4uwQIcVz5OhjS1tc1onkvZ3HMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvVW9YaTdCQWh4WFBrNkdOTFcxeldpZVM5bmNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBnwQCAAEwgZgDBAMF
n9ADBAMfwGADBAItCGQDBAIthGwDBARQSvADBAVVX2ADBANcKngDBANfgUADBAOw
OgADBAK5T7gDBAK5XswDBAK5Y0wDBAK5kVgDBAK5stgDBAK5zNQDBAO8XhADBADB
GAMDBADBGAYDBADBGA0DBADBGB8DBAXDGiADBAHDWAgwDAMEAtQLRAMEAtQLSAME
BNmRgDAUBAIAAjAOAwUAKgDxwAMFAyoE6cAwDQYJKoZIhvcNAQELBQADggEBAIEw
2GzR0MOyFupFNe1SpjaZPpBUidNYnrLns2az4+dO7+09EpLSASmDGMOrjNyuARcc
EMqY538Nfjo+kHktwtC9KEUsRq0evj62nDfkZURkljAVh+HGw4GaYElOeSLpiCFi
bf9AAK4Mh/jyYbvqZSeBoHwzJwoyvdeHZj3qdGsPZb8wZa6kcCfuZajPDEpkXIFj
MSBmnpgNU13dKDqQemDc/YKYOQPgJW5PgQ+6asbA1IjFU5KyB8lJs8lkn3dVAAfc
z986qqiuYiZjgDN8oa9vDvMXdJrvrkfw9VlCC82YUrqGOVc3NKjXJtT950gOSNz1
ycRknWdjREJJJj9T1pw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:55 2024 by rpki-client on console-ams.rpki-client.org