Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/UXPlrJ05tCRnezuHwtotoVsbbtY.roa
File: UXPlrJ05tCRnezuHwtotoVsbbtY.roa (raw, json)
Hash identifier: EOCtkpnDasBpWkaqrfa/46T303kUJ8aqTJlaEEN9euM=
Subject key identifier: 51:73:E5:AC:9D:39:B4:24:67:7B:3B:87:C2:DA:2D:A1:5B:1B:6E:D6
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 01863032D26FA5024D8B256BA13E2F325B05
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/UXPlrJ05tCRnezuHwtotoVsbbtY.roa
Signing time: Wed 08 Feb 2023 08:44:42 +0000
ROA not before: Wed 08 Feb 2023 08:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 45.150.64.0/24 maxlen: 32
45.150.67.0/24 maxlen: 32
45.140.147.0/24 maxlen: 32
45.140.146.0/24 maxlen: 32
185.234.247.0/24 maxlen: 32
45.144.29.0/24 maxlen: 32
45.144.28.0/24 maxlen: 32
45.144.31.0/24 maxlen: 32
45.144.30.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:30:32:d2:6f:a5:02:4d:8b:25:6b:a1:3e:2f:32:5b:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Feb 8 08:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5173e5ac9d39b424677b3b87c2da2da15b1b6ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fd:6c:32:27:6b:a4:c7:dd:4f:fc:9b:89:41:
39:28:d7:98:66:ed:9a:db:f1:57:5c:d6:b5:06:fd:
8a:90:c1:a9:c8:7f:13:36:94:5a:1d:51:fe:db:e9:
53:51:ce:fe:ee:07:2a:5f:e6:41:10:fe:5f:f2:26:
79:e1:9f:b8:f7:da:1a:78:7f:40:59:9f:62:77:cd:
a4:53:90:94:d6:4a:a7:71:8a:f0:93:de:55:4b:7c:
5c:67:e7:36:1c:a6:74:5d:66:ef:2a:37:dd:e8:7f:
7f:5c:dc:06:aa:32:32:2f:8e:de:b0:cb:1c:aa:7e:
d9:2d:bd:d1:7b:ab:2e:bd:80:fc:62:1b:68:ab:ea:
ac:1b:42:e0:ad:5b:74:23:00:0f:e8:e1:3d:8a:89:
9a:eb:6c:dd:af:57:05:fe:cc:c5:c3:52:4d:8b:df:
3a:4f:dc:e8:46:5d:80:f1:ae:f5:22:1e:95:8b:53:
d3:0c:f2:b3:4c:74:1a:79:e3:25:39:f6:45:97:22:
8e:18:ef:ba:65:ca:4b:b5:44:93:4a:38:43:c8:95:
ed:68:e1:ff:21:dd:00:9b:d6:4a:6b:87:0f:c6:29:
83:63:4c:25:6e:26:cf:bd:8e:26:92:0a:6a:c5:a1:
6b:24:94:d0:cf:fc:15:9a:74:5e:a8:8c:5f:c4:81:
19:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:73:E5:AC:9D:39:B4:24:67:7B:3B:87:C2:DA:2D:A1:5B:1B:6E:D6
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/UXPlrJ05tCRnezuHwtotoVsbbtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.146.0/23
45.144.28.0/22
45.150.64.0/24
45.150.67.0/24
185.234.247.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:ab:18:67:8a:d9:83:01:d3:b7:a7:0c:19:4c:f4:55:38:65:
74:36:83:44:0a:36:dd:29:05:01:9f:df:5b:93:06:57:63:47:
01:13:ce:7f:57:59:09:e3:ff:e8:2e:01:7a:9b:ad:c5:5d:c5:
a1:e6:ec:69:a6:a2:f1:93:1c:72:8e:64:30:40:ef:0f:cc:6a:
bf:b5:7b:25:ad:2a:aa:0f:70:01:28:15:a7:bc:02:40:6e:60:
72:2c:33:cd:55:fa:b5:27:26:a2:ba:81:ee:17:7d:05:63:80:
79:a7:cb:87:41:df:00:ab:bf:2e:2f:d2:3c:8d:6d:61:e7:ec:
99:ad:4a:c3:5e:b0:72:22:6d:e1:23:dc:05:bf:12:27:c3:f7:
5d:b1:89:e7:2d:fa:fc:49:9f:17:05:2e:49:4c:3e:d1:86:38:
95:41:b0:77:42:a1:d8:f0:bd:a2:ee:1b:91:f2:ae:ee:30:4e:
df:6f:47:d2:f2:f1:0e:44:b0:75:50:8c:63:54:f9:57:d1:5d:
bc:ef:d9:6a:35:d9:ee:de:cf:c2:6a:45:95:16:fc:56:8a:c8:
8a:ce:8d:16:cb:ae:1e:c4:67:fe:64:ff:f9:53:c4:4a:c1:07:
18:00:4b:8e:c6:1c:ff:06:e7:02:f4:0d:49:2a:b5:75:6c:bd:
46:14:5c:5b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYwMtJvpQJNiyVroT4vMlsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMwMjA4MDg0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTczZTVhYzlkMzliNDI0Njc3YjNiODdjMmRhMmRhMTViMWI2ZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/1sMidrpMfdT/ybiUE5KNeYZu2a
2/FXXNa1Bv2KkMGpyH8TNpRaHVH+2+lTUc7+7gcqX+ZBEP5f8iZ54Z+499oaeH9A
WZ9id82kU5CU1kqncYrwk95VS3xcZ+c2HKZ0XWbvKjfd6H9/XNwGqjIyL47esMsc
qn7ZLb3Re6suvYD8Yhtoq+qsG0LgrVt0IwAP6OE9ioma62zdr1cF/szFw1JNi986
T9zoRl2A8a71Ih6Vi1PTDPKzTHQaeeMlOfZFlyKOGO+6ZcpLtUSTSjhDyJXtaOH/
Id0Am9ZKa4cPximDY0wlbibPvY4mkgpqxaFrJJTQz/wVmnReqIxfxIEZLwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFFz5aydObQkZ3s7h8LaLaFbG27WMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvVVhQbHJKMDV0Q1JuZXp1SHd0b3RvVnNiYnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLYySAwQC
LZAcAwQALZZAAwQALZZDAwQAuer3MA0GCSqGSIb3DQEBCwUAA4IBAQCsqxhnitmD
AdO3pwwZTPRVOGV0NoNECjbdKQUBn99bkwZXY0cBE85/V1kJ4//oLgF6m63FXcWh
5uxppqLxkxxyjmQwQO8PzGq/tXslrSqqD3ABKBWnvAJAbmByLDPNVfq1JyaiuoHu
F30FY4B5p8uHQd8Aq78uL9I8jW1h5+yZrUrDXrByIm3hI9wFvxInw/ddsYnnLfr8
SZ8XBS5JTD7RhjiVQbB3QqHY8L2i7huR8q7uME7fb0fS8vEORLB1UIxjVPlX0V28
79lqNdnu3s/CakWVFvxWisiKzo0Wy64exGf+ZP/5U8RKwQcYAEuOxhz/BucC9A1J
KrV1bL1GFFxb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:11 2023 by rpki-client on console-ams.rpki-client.org