Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/ULMEuBpUzURn2ezVo7cft0yFRtQ.roa
File: ULMEuBpUzURn2ezVo7cft0yFRtQ.roa (raw, json)
Hash identifier: nuNlq8j7QxqDkHl3tZ4KaRkFbCEQwIekRJAn8C5bES4=
Subject key identifier: 50:B3:04:B8:1A:54:CD:44:67:D9:EC:D5:A3:B7:1F:B7:4C:85:46:D4
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 018CC86F40028CB7521CF0593F0F080DAF05
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/ULMEuBpUzURn2ezVo7cft0yFRtQ.roa
Signing time: Tue 02 Jan 2024 04:29:43 +0000
ROA not before: Tue 02 Jan 2024 04:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16839
IP address blocks: 165.171.0.0/17 maxlen: 17
163.120.128.0/17 maxlen: 17
136.242.128.0/17 maxlen: 17
138.12.128.0/17 maxlen: 17
148.139.48.0/20 maxlen: 20
148.139.64.0/20 maxlen: 20
148.139.80.0/20 maxlen: 20
37.98.233.0/24 maxlen: 24
37.98.232.0/21 maxlen: 21
37.98.232.0/24 maxlen: 24
37.98.232.0/22 maxlen: 22
37.98.232.0/23 maxlen: 23
37.98.235.0/24 maxlen: 24
37.98.236.0/22 maxlen: 22
37.98.236.0/23 maxlen: 23
37.98.236.0/24 maxlen: 24
37.98.238.0/23 maxlen: 23
37.98.238.0/24 maxlen: 24
37.98.237.0/24 maxlen: 24
37.98.234.0/24 maxlen: 24
37.98.234.0/23 maxlen: 23
37.98.239.0/24 maxlen: 24
148.139.4.0/22 maxlen: 22
148.139.1.0/24 maxlen: 24
148.139.0.0/24 maxlen: 24
148.139.3.0/24 maxlen: 24
148.139.2.0/24 maxlen: 24
148.139.0.0/16 maxlen: 16
148.139.8.0/22 maxlen: 22
148.139.12.0/22 maxlen: 22
148.139.16.0/22 maxlen: 22
148.139.29.0/24 maxlen: 24
148.139.28.0/24 maxlen: 24
148.139.30.0/24 maxlen: 24
148.139.32.0/20 maxlen: 20
148.139.96.0/22 maxlen: 22
148.139.105.0/24 maxlen: 24
148.139.104.0/24 maxlen: 24
148.139.100.0/22 maxlen: 22
148.139.108.0/22 maxlen: 22
148.139.112.0/22 maxlen: 22
148.139.116.0/22 maxlen: 22
148.139.125.0/24 maxlen: 24
148.139.124.0/24 maxlen: 24
148.139.120.0/22 maxlen: 22
2a04:37c0:3110::/48 maxlen: 48
2a04:37c0:4410::/48 maxlen: 48
2a04:37c0:4110::/48 maxlen: 48
2a04:37c0:4910::/48 maxlen: 48
2a04:37c0:3510::/48 maxlen: 48
2a04:37c0:4430::/48 maxlen: 48
2a04:37c0::/29 maxlen: 48
2a04:37c0:3520::/48 maxlen: 48
2a04:37c0:4920::/48 maxlen: 48
2a04:37c0:4420::/48 maxlen: 48
2a04:37c0:4120::/48 maxlen: 48
2a04:37c0:3120::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 31 Jan 2024 16:52:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:40:02:8c:b7:52:1c:f0:59:3f:0f:08:0d:af:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Jan 2 04:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50b304b81a54cd4467d9ecd5a3b71fb74c8546d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:03:65:c8:b8:97:4b:de:3f:24:de:3d:99:17:
bc:be:be:d6:11:cc:74:24:fd:ce:4d:24:e8:02:14:
4d:23:5c:7a:fd:b9:4a:2a:53:62:7d:c0:f3:3c:dc:
6e:3c:53:0d:80:0a:f2:9f:dc:0a:4a:52:25:ff:36:
0b:4e:b5:44:2c:18:a1:c1:9b:63:d2:85:6f:81:cc:
95:ee:b5:b5:d5:70:fb:d4:3a:ab:61:b2:c2:28:60:
f8:a0:95:09:47:18:34:7a:fb:20:4b:82:c2:79:5d:
89:3b:1f:7a:c6:df:b4:79:fe:1a:e6:27:ec:62:ed:
cb:14:2c:af:9c:b3:73:9f:1c:f2:f9:a1:02:1a:65:
29:6c:6d:3a:6b:5a:f8:67:fd:65:67:9a:eb:50:31:
fc:b7:f5:3a:b0:76:66:e6:d7:bd:ea:67:a1:17:1f:
ae:9c:a3:3c:b9:91:57:55:ad:46:c8:36:30:5c:98:
d4:86:a0:77:82:63:30:da:8d:1d:14:c2:d3:2f:5f:
bf:fb:1b:b0:c3:7b:01:0c:b9:d4:ea:2e:8e:84:ec:
94:38:67:34:ad:cd:7c:0e:27:5a:22:ee:26:11:bc:
5d:ef:a9:61:60:64:f0:18:6c:56:4b:8b:8d:53:31:
6c:17:8d:c2:50:46:ef:71:d3:e2:07:f5:13:fb:53:
b7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B3:04:B8:1A:54:CD:44:67:D9:EC:D5:A3:B7:1F:B7:4C:85:46:D4
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/ULMEuBpUzURn2ezVo7cft0yFRtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
136.242.128.0/17
138.12.128.0/17
148.139.0.0/16
163.120.128.0/17
165.171.0.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:be:51:48:d9:86:df:4d:aa:46:21:e6:2d:93:88:55:a9:5a:
6d:e5:2c:8f:f8:2d:11:7c:52:4d:d3:a9:46:95:4c:66:14:01:
15:06:28:d8:2a:4a:14:62:06:55:d5:c9:f7:48:d6:09:31:7f:
9f:b7:75:ad:f9:be:61:26:95:28:15:06:3b:df:d7:5d:76:d5:
06:bb:ee:30:70:fa:9c:89:9b:dc:fd:55:58:31:4e:90:96:74:
e7:8b:75:b5:de:31:fe:80:02:6c:0e:ef:3f:72:da:78:b2:08:
3b:79:74:3b:69:df:a9:5c:ca:88:5a:fb:64:54:df:06:c2:16:
e1:86:f7:87:1a:c4:b7:a5:5d:cf:bd:cb:e4:7b:97:30:2f:db:
b9:24:aa:68:1c:ad:68:14:9a:f5:18:3e:06:64:65:97:0f:7e:
3b:ff:2e:1d:ea:fa:fd:07:b2:b5:f5:fc:08:f0:93:7e:d0:62:
ae:85:db:55:44:bd:9d:e8:10:50:8e:84:66:32:0a:9c:05:9a:
47:73:4a:53:4c:91:4d:8d:6d:71:ab:38:78:d9:62:e7:99:6f:
49:ea:47:7e:ec:91:e1:66:93:43:ed:a5:44:0d:5d:ae:6e:f3:
ad:ad:f3:74:b4:f1:42:e2:86:a0:c6:4a:a2:7b:ba:e9:e0:7d:
5d:85:bc:5f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzIb0ACjLdSHPBZPw8IDa8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjQwMTAyMDQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGIzMDRiODFhNTRjZDQ0NjdkOWVjZDVhM2I3MWZiNzRjODU0NmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQNlyLiXS94/JN49mRe8vr7WEcx0
JP3OTSToAhRNI1x6/blKKlNifcDzPNxuPFMNgAryn9wKSlIl/zYLTrVELBihwZtj
0oVvgcyV7rW11XD71DqrYbLCKGD4oJUJRxg0evsgS4LCeV2JOx96xt+0ef4a5ifs
Yu3LFCyvnLNznxzy+aECGmUpbG06a1r4Z/1lZ5rrUDH8t/U6sHZm5te96mehFx+u
nKM8uZFXVa1GyDYwXJjUhqB3gmMw2o0dFMLTL1+/+xuww3sBDLnU6i6OhOyUOGc0
rc18DidaIu4mEbxd76lhYGTwGGxWS4uNUzFsF43CUEbvcdPiB/UT+1O36QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFCzBLgaVM1EZ9ns1aO3H7dMhUbUMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvVUxNRXVCcFV6VVJuMmV6Vm83Y2Z0MHlGUnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQDJWLoAwQH
iPKAAwQHigyAAwMAlIsDBAejeIADBAelqwAwDQQCAAIwBwMFAyoEN8AwDQYJKoZI
hvcNAQELBQADggEBAC2+UUjZht9NqkYh5i2TiFWpWm3lLI/4LRF8Uk3TqUaVTGYU
ARUGKNgqShRiBlXVyfdI1gkxf5+3da35vmEmlSgVBjvf11121Qa77jBw+pyJm9z9
VVgxTpCWdOeLdbXeMf6AAmwO7z9y2niyCDt5dDtp36lcyoha+2RU3wbCFuGG94ca
xLelXc+9y+R7lzAv27kkqmgcrWgUmvUYPgZkZZcPfjv/Lh3q+v0HsrX1/Ajwk37Q
Yq6F21VEvZ3oEFCOhGYyCpwFmkdzSlNMkU2NbXGrOHjZYueZb0nqR37skeFmk0Pt
pUQNXa5u862t83S08ULihqDGSqJ7uungfV2FvF8=
-----END CERTIFICATE-----
Generated at Wed Jan 31 20:32:42 2024 by rpki-client on console-ams.rpki-client.org