Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/uakT6kpZVdaVh4DdDM-vPSODiE8.roa
File: uakT6kpZVdaVh4DdDM-vPSODiE8.roa (raw, json)
Hash identifier: fCfeO/CD7mkZN8fFH/ZuYCooyElm8n47nvUZhirX5IE=
Subject key identifier: B9:A9:13:EA:4A:59:55:D6:95:87:80:DD:0C:CF:AF:3D:23:83:88:4F
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018F77B4753A0744BA3AA2F87C83C8C2120F
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/uakT6kpZVdaVh4DdDM-vPSODiE8.roa
Signing time: Tue 14 May 2024 15:24:26 +0000
ROA not before: Tue 14 May 2024 15:24:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 2.56.0.0/22 maxlen: 22
5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.86.16.0/21 maxlen: 21
45.143.44.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
85.159.117.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
193.46.204.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.201.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 31 May 2024 18:59:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:77:b4:75:3a:07:44:ba:3a:a2:f8:7c:83:c8:c2:12:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: May 14 15:24:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9a913ea4a5955d6958780dd0ccfaf3d2383884f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:75:fa:d1:dd:fa:f6:26:60:bf:8f:c3:4e:7e:
e7:38:6f:14:68:ac:34:39:43:f8:09:fc:ca:66:bf:
0a:86:f2:b2:34:91:65:83:a0:84:68:02:da:5a:f2:
03:70:05:78:a0:43:b3:b7:34:51:8a:d9:34:6b:62:
7f:c8:78:de:93:6c:c9:c8:11:0c:8a:4c:57:7b:65:
37:ce:ef:80:c8:db:3d:fa:fa:6a:d0:97:46:a1:f5:
ee:ab:da:a5:98:04:a2:f7:bf:de:c3:8d:0e:27:70:
c1:8e:7d:5b:ac:cd:04:7b:f3:f8:27:11:da:5e:23:
62:a0:76:97:8e:c0:d4:6b:1e:36:8f:10:2f:47:08:
39:b5:cb:bd:fb:45:9a:05:e3:76:8d:69:69:3c:e1:
ab:4c:0b:11:b3:7e:22:da:30:7b:b4:51:4b:c8:6c:
20:7f:a6:13:74:97:e1:64:64:9a:e4:8a:6d:0a:a3:
71:82:76:70:de:95:c4:45:06:7a:b9:3e:5c:b4:f5:
7c:bb:a9:90:08:ea:94:17:23:68:dd:18:78:59:50:
8e:69:ea:cd:12:b0:4d:44:2d:e0:a1:a1:93:0b:a2:
ed:8f:51:1f:7b:24:e7:c7:da:8c:45:d1:e9:89:21:
e0:0c:1b:8b:d1:4c:9c:8c:ac:f5:dc:cb:6c:a0:1a:
10:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A9:13:EA:4A:59:55:D6:95:87:80:DD:0C:CF:AF:3D:23:83:88:4F
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/uakT6kpZVdaVh4DdDM-vPSODiE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
5.180.4.0/22
5.182.28.0/22
45.67.117.0/24
45.86.16.0/21
45.143.44.0/22
45.151.196.0/22
85.159.117.0/24
89.39.242.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
94.231.198.0/24
176.126.223.0/24
178.175.176.0/22
185.40.105.0/24
185.173.244.0/24
185.173.247.0/24
185.180.145.0/24
193.46.204.0/24
194.50.200.0/23
194.50.206.0/23
195.138.103.0-195.138.108.255
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.116.0/24
195.138.118.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
Signature Algorithm: sha256WithRSAEncryption
19:ac:ee:ba:1e:46:32:3f:20:52:a7:b9:81:de:8d:8a:2f:f1:
d5:b6:d7:a2:26:1a:70:75:cf:b9:01:45:54:f9:b2:3f:ae:8e:
9b:05:42:aa:67:4f:3b:f2:ec:1b:99:2b:f9:6e:ea:12:c5:4e:
6c:50:10:8e:6f:a5:fe:20:9f:09:f7:87:80:6c:19:42:8a:1f:
f6:9a:e9:4a:79:84:32:1f:57:94:ff:92:70:e6:4a:57:22:e0:
81:fc:3d:6d:47:69:84:43:85:8a:5f:b8:dd:67:67:c0:0c:6c:
56:07:80:b6:5b:1e:a1:54:86:93:41:d4:0f:0b:02:cc:c2:cd:
b9:0c:77:9e:6b:14:14:25:6e:21:77:8a:a9:67:a5:83:85:ef:
43:44:4c:3d:d1:9d:88:6e:2b:43:e5:03:6a:56:68:e1:f4:2c:
6d:28:c8:58:26:6b:35:2d:58:84:37:f0:99:c1:9a:00:75:ee:
f5:72:fd:40:ec:65:c5:64:35:63:b0:d2:0e:b7:c6:50:f0:d6:
0e:d4:2c:7b:45:de:ea:6f:0e:31:a8:18:c3:ec:ca:72:19:2b:
8b:5e:4d:52:63:8c:85:c2:91:52:57:7a:95:5c:90:5b:aa:cf:
cc:31:d2:8d:1c:d4:87:7c:24:bf:68:b7:c0:60:00:b2:b6:27:
a7:86:8d:5e
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAY93tHU6B0S6OqL4fIPIwhIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNTE0MTUyNDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWE5MTNlYTRhNTk1NWQ2OTU4NzgwZGQwY2NmYWYzZDIzODM4ODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4HX60d369iZgv4/DTn7nOG8UaKw0
OUP4CfzKZr8KhvKyNJFlg6CEaALaWvIDcAV4oEOztzRRitk0a2J/yHjek2zJyBEM
ikxXe2U3zu+AyNs9+vpq0JdGofXuq9qlmASi97/ew40OJ3DBjn1brM0Ee/P4JxHa
XiNioHaXjsDUax42jxAvRwg5tcu9+0WaBeN2jWlpPOGrTAsRs34i2jB7tFFLyGwg
f6YTdJfhZGSa5IptCqNxgnZw3pXERQZ6uT5ctPV8u6mQCOqUFyNo3Rh4WVCOaerN
ErBNRC3goaGTC6Ltj1EfeyTnx9qMRdHpiSHgDBuL0UycjKz13MtsoBoQ8wIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFLmpE+pKWVXWlYeA3QzPrz0jg4hPMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdWFrVDZrcFpWZGFWaDREZERNLXZQU09EaUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQC
AjgAAwQCBbQEAwQCBbYcAwQALUN1AwQDLVYQAwQCLY8sAwQCLZfEAwQAVZ91AwQA
WSfyAwQAWSihAwQAW+87AwQAW/JGAwQCW/JIAwQBW/JeAwQAW/JnAwQAW/JpMAwD
BABb8nsDBAdb8gADBABe58YDBACwft8DBAKyr7ADBAC5KGkDBAC5rfQDBAC5rfcD
BAC5tJEDBADBLswDBAHCMsgDBAHCMs4wDAMEAMOKZwMEAMOKbDAMAwQAw4pvAwQA
w4pwAwQAw4pyAwQAw4p0AwQAw4p2AwQAw4p4MAwDBAHDinoDBAfDigAwDQYJKoZI
hvcNAQELBQADggEBABms7roeRjI/IFKnuYHejYov8dW216ImGnB1z7kBRVT5sj+u
jpsFQqpnTzvy7BuZK/lu6hLFTmxQEI5vpf4gnwn3h4BsGUKKH/aa6Up5hDIfV5T/
knDmSlci4IH8PW1HaYRDhYpfuN1nZ8AMbFYHgLZbHqFUhpNB1A8LAszCzbkMd55r
FBQlbiF3iqlnpYOF70NETD3RnYhuK0PlA2pWaOH0LG0oyFgmazUtWIQ38JnBmgB1
7vVy/UDsZcVkNWOw0g63xlDw1g7ULHtF3upvDjGoGMPsynIZK4teTVJjjIXCkVJX
epVckFuqz8wx0o0c1Id8JL9ot8BgALK2J6eGjV4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org