Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/UgpLHn5lXmglRaieaEMkVOzARR0.roa
File: UgpLHn5lXmglRaieaEMkVOzARR0.roa (raw, json)
Hash identifier: 6ZtJox0WKtTB4sIKAcdbEtCkZx7De0JYibKf9dyM4vI=
Subject key identifier: 52:0A:4B:1E:7E:65:5E:68:25:45:A8:9E:68:43:24:54:EC:C0:45:1D
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018F5D1A51417151C04C9C8097A3EC611661
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/UgpLHn5lXmglRaieaEMkVOzARR0.roa
Signing time: Thu 09 May 2024 11:25:56 +0000
ROA not before: Thu 09 May 2024 11:25:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.151.196.0/22 maxlen: 22
85.159.117.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 10 May 2024 10:56:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5d:1a:51:41:71:51:c0:4c:9c:80:97:a3:ec:61:16:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: May 9 11:25:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=520a4b1e7e655e682545a89e68432454ecc0451d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5d:f7:5a:af:a2:bc:03:76:58:1c:11:0a:0c:
1e:da:83:51:5b:99:30:90:41:0b:24:6a:ba:d4:41:
c5:fd:8c:d2:ed:29:c8:17:9c:fe:fa:a7:a8:19:b9:
53:ea:df:3c:b1:85:5c:54:ed:d8:2a:eb:de:e6:a3:
d6:95:62:34:81:fe:2d:f7:d6:fb:c7:4b:66:86:53:
16:6f:a5:4f:c5:c9:df:cd:1b:a2:c3:c5:23:62:0f:
a8:19:64:ee:a9:50:2b:71:30:f8:7c:6d:bf:84:ca:
f9:f7:5d:8d:f8:56:94:d5:d9:93:4d:01:2c:e0:aa:
94:92:46:c7:34:bb:fe:9f:6b:76:3b:5a:17:81:f8:
74:3d:01:11:06:7d:e9:e0:fc:71:26:d8:a0:31:5d:
d2:22:e7:5c:0e:93:a9:6b:62:7a:31:91:b3:48:8c:
31:63:59:50:8e:aa:f7:4b:7c:ca:e7:0d:0b:cb:55:
d8:b6:bd:cf:1c:7a:99:57:bf:3e:b4:a7:28:58:e1:
81:f7:d0:6d:29:76:58:fc:cd:d6:9c:76:4e:28:e4:
e4:fd:80:c0:d0:70:d0:ac:4a:99:d2:f7:1a:b5:ce:
b8:4d:85:f8:b1:23:44:6f:70:d0:5a:c0:f5:ae:27:
6d:e3:62:1c:17:d1:e4:44:71:7a:20:cd:02:aa:e4:
5d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:0A:4B:1E:7E:65:5E:68:25:45:A8:9E:68:43:24:54:EC:C0:45:1D
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/UgpLHn5lXmglRaieaEMkVOzARR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.4.0/22
5.182.28.0/22
45.67.117.0/24
45.151.196.0/22
85.159.117.0/24
89.39.242.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
94.231.198.0/24
176.126.223.0/24
185.40.105.0/24
185.173.244.0/24
185.173.247.0/24
185.180.145.0/24
194.50.200.0/23
194.50.206.0/23
195.138.103.0-195.138.108.255
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.116.0/24
195.138.118.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
Signature Algorithm: sha256WithRSAEncryption
27:7e:37:0c:74:96:05:38:78:97:a3:f8:0a:2d:d2:0e:ba:90:
87:11:70:5a:2d:b8:7f:9a:b9:a6:63:f0:b4:8b:49:64:d4:6e:
20:c4:2e:91:97:89:40:7e:5f:f5:20:c3:cf:19:10:58:51:71:
f3:6c:21:89:94:35:22:69:de:24:a1:57:93:4e:0c:4d:fb:d8:
3a:dc:e7:95:ac:83:7e:d5:c5:80:11:59:30:1f:22:20:18:34:
06:c6:e1:14:db:67:ac:1d:60:fb:fb:ff:c9:e6:62:cb:3f:71:
7f:c6:87:0c:bf:e8:08:dc:c8:21:95:fb:58:60:3c:1f:b7:64:
02:04:0c:5b:22:18:f8:e5:1b:c8:7b:aa:0b:5f:88:c6:db:45:
51:7b:ef:e8:2f:bd:44:fe:cc:e2:c7:73:b1:83:6a:01:42:1f:
d9:b5:bd:bf:96:ed:bc:ec:e1:08:4f:2d:0d:aa:f4:74:32:7b:
4a:20:1e:e7:d4:76:73:74:eb:67:c8:d5:33:9b:75:11:04:dc:
1a:ff:71:41:e2:b3:2b:cc:de:47:cb:3f:d3:ca:bb:ba:1a:4a:
48:02:93:60:bf:ea:cc:36:01:e7:32:81:fb:cc:98:a2:d0:be:
3d:13:46:96:cd:69:ae:e5:66:cb:e4:d2:11:0d:0c:7d:dd:00:
ec:34:af:8b
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAY9dGlFBcVHATJyAl6PsYRZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNTA5MTEyNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjBhNGIxZTdlNjU1ZTY4MjU0NWE4OWU2ODQzMjQ1NGVjYzA0NTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF33Wq+ivAN2WBwRCgwe2oNRW5kw
kEELJGq61EHF/YzS7SnIF5z++qeoGblT6t88sYVcVO3YKuve5qPWlWI0gf4t99b7
x0tmhlMWb6VPxcnfzRuiw8UjYg+oGWTuqVArcTD4fG2/hMr5912N+FaU1dmTTQEs
4KqUkkbHNLv+n2t2O1oXgfh0PQERBn3p4PxxJtigMV3SIudcDpOpa2J6MZGzSIwx
Y1lQjqr3S3zK5w0Ly1XYtr3PHHqZV78+tKcoWOGB99BtKXZY/M3WnHZOKOTk/YDA
0HDQrEqZ0vcatc64TYX4sSNEb3DQWsD1ridt42IcF9HkRHF6IM0CquRdGQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFFIKSx5+ZV5oJUWonmhDJFTswEUdMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvVWdwTEhuNWxYbWdsUmFpZWFFTWtWT3pBUlIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBAIF
tAQDBAIFthwDBAAtQ3UDBAItl8QDBABVn3UDBABZJ/IDBABZKKEDBABb7zsDBABb
8kYDBAJb8kgDBAFb8l4DBABb8mcDBABb8mkwDAMEAFvyewMEB1vyAAMEAF7nxgME
ALB+3wMEALkoaQMEALmt9AMEALmt9wMEALm0kQMEAcIyyAMEAcIyzjAMAwQAw4pn
AwQAw4psMAwDBADDim8DBADDinADBADDinIDBADDinQDBADDinYDBADDingwDAME
AcOKegMEB8OKADANBgkqhkiG9w0BAQsFAAOCAQEAJ343DHSWBTh4l6P4Ci3SDrqQ
hxFwWi24f5q5pmPwtItJZNRuIMQukZeJQH5f9SDDzxkQWFFx82whiZQ1ImneJKFX
k04MTfvYOtznlayDftXFgBFZMB8iIBg0BsbhFNtnrB1g+/v/yeZiyz9xf8aHDL/o
CNzIIZX7WGA8H7dkAgQMWyIY+OUbyHuqC1+IxttFUXvv6C+9RP7M4sdzsYNqAUIf
2bW9v5btvOzhCE8tDar0dDJ7SiAe59R2c3TrZ8jVM5t1EQTcGv9xQeKzK8zeR8s/
08q7uhpKSAKTYL/qzDYB5zKB+8yYotC+PRNGls1pruVmy+TSEQ0Mfd0A7DSviw==
-----END CERTIFICATE-----
Generated at Fri May 10 15:37:41 2024 by rpki-client on console-ams.rpki-client.org