Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/RUGnZrRdyUbZGCDFr5EsRdWnn1U.roa
File: RUGnZrRdyUbZGCDFr5EsRdWnn1U.roa (raw, json)
Hash identifier: p+DMkGRK9zZdMSy/U+AtqPqvyUq/u+lQifhM63EjSQU=
Subject key identifier: 45:41:A7:66:B4:5D:C9:46:D9:18:20:C5:AF:91:2C:45:D5:A7:9F:55
Certificate issuer: /CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Certificate serial: 0189FD5134404AC6BB8C541C99DAB76229B6
Authority key identifier: 8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/RUGnZrRdyUbZGCDFr5EsRdWnn1U.roa
Signing time: Wed 16 Aug 2023 07:48:24 +0000
ROA not before: Wed 16 Aug 2023 07:48:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203501
IP address blocks: 45.91.44.0/22 maxlen: 24
45.91.45.0/24 maxlen: 24
194.113.27.0/24 maxlen: 24
194.113.26.0/24 maxlen: 24
194.113.26.0/23 maxlen: 23
89.37.88.0/22 maxlen: 24
45.86.116.0/22 maxlen: 24
45.87.199.0/24 maxlen: 24
45.87.198.0/24 maxlen: 24
45.87.197.0/24 maxlen: 24
45.87.196.0/24 maxlen: 24
2a02:7040:ff00::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:51:34:40:4a:c6:bb:8c:54:1c:99:da:b7:62:29:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Validity
Not Before: Aug 16 07:48:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4541a766b45dc946d91820c5af912c45d5a79f55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:37:d2:ac:b7:5a:02:bf:28:34:91:6d:b2:e5:
82:1e:34:86:61:11:3d:d3:03:e5:20:08:8e:e5:5d:
bb:c3:81:d6:f9:ae:48:74:0f:73:7a:e0:8d:8b:92:
04:f3:6c:6d:48:4a:97:8f:a6:01:dd:78:8c:98:96:
6a:bc:b8:73:3d:0f:29:ec:2e:e9:08:c7:85:77:20:
a9:44:09:fa:ec:61:cc:e3:ba:7b:a2:71:60:c2:4e:
9e:af:1a:24:c1:95:82:32:a1:16:f3:30:34:bb:3c:
e3:d3:27:cb:49:ee:0f:13:11:6a:f2:55:af:3b:8e:
1a:f7:82:eb:c8:2c:19:c4:79:59:16:c3:5b:0f:fd:
d2:49:65:5c:13:40:20:91:82:e2:16:f6:aa:a3:17:
a1:8c:57:b8:21:ca:03:11:e8:df:08:ff:26:61:4b:
bb:8b:0f:9e:25:a6:60:00:9c:56:ec:57:18:fb:08:
10:3b:23:da:e0:9f:e6:36:43:e6:9f:1e:36:e0:5e:
4a:99:47:7b:41:35:20:cf:34:3b:52:7e:b5:61:38:
4f:a8:09:43:bf:1e:b6:54:21:4a:5e:97:c5:a1:af:
89:3d:57:2c:83:53:44:ea:72:01:e3:70:fc:63:f0:
b0:ab:69:6a:09:ad:1f:ea:88:b4:9c:6b:e5:9c:d7:
ce:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:41:A7:66:B4:5D:C9:46:D9:18:20:C5:AF:91:2C:45:D5:A7:9F:55
X509v3 Authority Key Identifier:
keyid:8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/RUGnZrRdyUbZGCDFr5EsRdWnn1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.116.0/22
45.87.196.0/22
45.91.44.0/22
89.37.88.0/22
194.113.26.0/23
IPv6:
2a02:7040:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
92:43:69:76:7c:48:74:06:c4:84:4b:03:4a:d5:ca:b0:89:0e:
f0:7e:87:7a:c1:6a:cb:07:b2:b6:b4:46:3b:62:bf:c5:dc:52:
46:d4:7e:a9:cf:eb:93:8a:b2:52:45:ad:78:91:3b:ac:69:56:
ce:72:71:98:c5:8e:1f:b6:fd:1c:b8:bb:09:8c:9f:89:43:2d:
bc:8c:be:a6:42:bc:82:de:e5:af:98:e1:3c:dd:65:ab:f2:d0:
d2:c3:3a:37:6e:7d:29:c9:88:9a:38:3e:f8:3b:7b:65:21:af:
24:45:44:9c:58:02:4a:67:74:bb:54:53:5b:09:63:99:c7:5b:
2b:b1:c2:e0:c2:d7:fb:f2:54:e2:c2:31:97:a5:93:b3:ff:ed:
9b:0c:22:b5:00:2e:39:d7:26:2c:77:e7:3a:7b:a8:04:1f:c7:
ae:7f:7c:8b:98:51:5c:8c:45:bf:4c:ee:83:66:4d:2b:74:83:
2b:e4:08:24:0e:3e:32:b5:68:02:77:fa:e8:bb:89:83:4d:01:
db:bf:f3:a2:1d:18:eb:16:27:1e:a5:40:6a:a2:6d:29:88:5d:
61:c1:f0:05:b4:b4:87:2e:1d:c1:16:63:b5:26:cf:b6:6c:25:
3d:05:3c:af:b8:a5:c0:43:19:6e:4a:e0:bb:a0:82:46:9b:1e:
cb:96:a2:74
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYn9UTRASsa7jFQcmdq3Yim2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiN2Y4MWE2ZTc4MmUyMTExODljNGYzNGU0NTliNDIyNmM3
NWY0YTYwHhcNMjMwODE2MDc0ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTQxYTc2NmI0NWRjOTQ2ZDkxODIwYzVhZjkxMmM0NWQ1YTc5ZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTfSrLdaAr8oNJFtsuWCHjSGYRE9
0wPlIAiO5V27w4HW+a5IdA9zeuCNi5IE82xtSEqXj6YB3XiMmJZqvLhzPQ8p7C7p
CMeFdyCpRAn67GHM47p7onFgwk6erxokwZWCMqEW8zA0uzzj0yfLSe4PExFq8lWv
O44a94LryCwZxHlZFsNbD/3SSWVcE0AgkYLiFvaqoxehjFe4IcoDEejfCP8mYUu7
iw+eJaZgAJxW7FcY+wgQOyPa4J/mNkPmnx424F5KmUd7QTUgzzQ7Un61YThPqAlD
vx62VCFKXpfFoa+JPVcsg1NE6nIB43D8Y/Cwq2lqCa0f6oi0nGvlnNfOYwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFEVBp2a0XclG2Rggxa+RLEXVp59VMB8GA1UdIwQY
MBaAFIt/gabnguIRGJxPNORZtCJsdfSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUt
ZjJmNDI2ZWZlMDM5LzEvUlVHblpyUmR5VWJaR0NERnI1RXNSZFdubjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUtZjJmNDI2ZWZlMDM5
LzEvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQCLVZ0AwQC
LVfEAwQCLVssAwQCWSVYAwQBwnEaMA4EAgACMAgDBgAqAnBA/zANBgkqhkiG9w0B
AQsFAAOCAQEAkkNpdnxIdAbEhEsDStXKsIkO8H6HesFqyweytrRGO2K/xdxSRtR+
qc/rk4qyUkWteJE7rGlWznJxmMWOH7b9HLi7CYyfiUMtvIy+pkK8gt7lr5jhPN1l
q/LQ0sM6N259KcmImjg++Dt7ZSGvJEVEnFgCSmd0u1RTWwljmcdbK7HC4MLX+/JU
4sIxl6WTs//tmwwitQAuOdcmLHfnOnuoBB/Hrn98i5hRXIxFv0zug2ZNK3SDK+QI
JA4+MrVoAnf66LuJg00B27/zoh0Y6xYnHqVAaqJtKYhdYcHwBbS0hy4dwRZjtSbP
tmwlPQU8r7ilwEMZbkrgu6CCRpsey5aidA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:51 2024 by rpki-client on console-fra.rpki-client.org