Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/U8VBa-ygPHf84WAnkxbbR784M6E.roa
File: U8VBa-ygPHf84WAnkxbbR784M6E.roa (raw, json)
Hash identifier: cpqIEbuKYVGYmpH20WStZGypYF++7pMocZyKAcqMY9w=
Subject key identifier: 53:C5:41:6B:EC:A0:3C:77:FC:E1:60:27:93:16:DB:47:BF:38:33:A1
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018BD34F648264ED18FEA225B7379C8C0FB0
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/U8VBa-ygPHf84WAnkxbbR784M6E.roa
Signing time: Wed 15 Nov 2023 14:07:57 +0000
ROA not before: Wed 15 Nov 2023 14:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5511
IP address blocks: 193.110.134.0/23 maxlen: 24
45.135.10.0/24 maxlen: 24
45.135.8.0/24 maxlen: 24
91.229.25.0/24 maxlen: 24
45.138.78.0/24 maxlen: 24
45.139.34.0/24 maxlen: 24
45.139.32.0/24 maxlen: 24
45.138.76.0/24 maxlen: 24
91.228.231.0/24 maxlen: 24
91.228.251.0/24 maxlen: 24
185.76.150.0/24 maxlen: 24
45.136.218.0/24 maxlen: 24
45.136.216.0/24 maxlen: 24
193.35.231.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:4f:64:82:64:ed:18:fe:a2:25:b7:37:9c:8c:0f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Nov 15 14:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53c5416beca03c77fce160279316db47bf3833a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6a:46:6c:60:5a:93:ed:80:3c:6b:bc:2f:6d:
92:ff:af:e5:ec:0e:5b:1a:e4:6d:ad:ff:36:d5:75:
1e:13:f1:4c:a6:a3:a6:94:cc:9d:cb:67:54:d2:d4:
5e:02:8c:fa:b5:c4:a6:56:7b:cd:ec:df:eb:9d:1a:
d9:25:7e:ba:c6:27:cd:63:f5:bf:6d:55:af:9d:f7:
8f:f5:9b:d3:75:1f:44:b3:10:22:0c:5c:61:57:7e:
a3:61:bb:98:ab:f2:cf:9b:50:d4:71:c0:32:0d:e0:
f9:78:d2:00:e4:88:fb:41:f5:60:50:db:b4:fd:03:
4e:32:c3:1b:19:ea:05:ca:8d:f7:e1:11:14:8d:7f:
47:dd:a4:bb:b3:fb:3e:c4:1e:67:8f:6f:36:35:b5:
2a:91:4e:2a:4d:06:f6:bd:13:42:27:d2:a1:47:b3:
83:d1:93:b8:82:96:8e:4d:d4:07:b7:7c:75:7a:be:
41:ea:b7:56:bb:a1:32:09:67:06:35:2d:4f:d2:85:
2e:2a:9c:f7:3d:6b:37:a7:84:15:e7:fb:91:27:80:
31:6d:21:53:75:00:79:f1:4d:c2:42:4b:d8:bd:41:
54:10:18:63:55:4f:eb:72:b3:6e:06:19:18:91:46:
1b:0c:f0:e8:69:60:47:4f:29:5b:30:30:a5:8c:2e:
ca:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C5:41:6B:EC:A0:3C:77:FC:E1:60:27:93:16:DB:47:BF:38:33:A1
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/U8VBa-ygPHf84WAnkxbbR784M6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.8.0/24
45.135.10.0/24
45.136.216.0/24
45.136.218.0/24
45.138.76.0/24
45.138.78.0/24
45.139.32.0/24
45.139.34.0/24
91.228.231.0/24
91.228.251.0/24
91.229.25.0/24
185.76.150.0/24
193.35.231.0/24
193.110.134.0/23
Signature Algorithm: sha256WithRSAEncryption
50:da:40:ac:90:ac:0b:60:0b:1d:1f:33:16:a7:c8:b1:7a:a6:
cd:f4:4b:89:17:c3:5f:1c:e2:b2:f0:b7:a7:59:ad:95:a0:83:
c1:6d:0d:d5:b6:4b:6e:e9:93:d6:19:fb:3c:e0:62:5b:da:52:
64:28:e8:a2:c4:b6:df:37:b6:6c:a4:ab:17:bf:1e:ee:4c:c2:
3a:08:7a:11:1f:de:84:b9:ea:c7:e6:65:52:c1:1d:99:d7:3e:
c6:34:51:55:49:57:77:58:7c:2c:12:09:ce:80:51:e3:f8:60:
63:0a:50:90:be:d7:68:8c:2a:96:e2:e9:9d:cf:9c:65:96:5c:
f0:51:79:5f:7e:e9:55:74:93:a3:e3:8c:45:d8:8f:ac:de:39:
f5:39:69:c0:cb:d3:77:ee:dd:c9:57:88:d3:48:7f:d7:35:a4:
f5:35:38:46:a6:62:a5:57:13:55:73:5d:b4:24:fc:2d:4e:c2:
4c:df:e0:ae:03:1f:cb:0f:52:b0:ad:06:c4:23:70:e2:12:67:
99:a9:5a:e5:ca:f9:9e:fb:e0:23:80:df:3b:82:8c:48:07:04:
87:f6:cc:d2:bc:8c:72:c1:09:a0:dd:30:3f:1a:ce:1c:4b:7f:
62:e0:d4:7b:cf:f7:1d:1e:f2:71:75:c0:ff:b9:94:f6:a6:ba:
89:b8:bf:39
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYvTT2SCZO0Y/qIltzecjA+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMxMTE1MTQwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2M1NDE2YmVjYTAzYzc3ZmNlMTYwMjc5MzE2ZGI0N2JmMzgzM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGpGbGBak+2APGu8L22S/6/l7A5b
GuRtrf821XUeE/FMpqOmlMydy2dU0tReAoz6tcSmVnvN7N/rnRrZJX66xifNY/W/
bVWvnfeP9ZvTdR9EsxAiDFxhV36jYbuYq/LPm1DUccAyDeD5eNIA5Ij7QfVgUNu0
/QNOMsMbGeoFyo334REUjX9H3aS7s/s+xB5nj282NbUqkU4qTQb2vRNCJ9KhR7OD
0ZO4gpaOTdQHt3x1er5B6rdWu6EyCWcGNS1P0oUuKpz3PWs3p4QV5/uRJ4AxbSFT
dQB58U3CQkvYvUFUEBhjVU/rcrNuBhkYkUYbDPDoaWBHTylbMDCljC7KFQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFFPFQWvsoDx3/OFgJ5MW20e/ODOhMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvVThWQmEteWdQSGY4NFdBbmt4YmJSNzg0TTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALYcIAwQA
LYcKAwQALYjYAwQALYjaAwQALYpMAwQALYpOAwQALYsgAwQALYsiAwQAW+TnAwQA
W+T7AwQAW+UZAwQAuUyWAwQAwSPnAwQBwW6GMA0GCSqGSIb3DQEBCwUAA4IBAQBQ
2kCskKwLYAsdHzMWp8ixeqbN9EuJF8NfHOKy8LenWa2VoIPBbQ3Vtktu6ZPWGfs8
4GJb2lJkKOiixLbfN7ZspKsXvx7uTMI6CHoRH96EuerH5mVSwR2Z1z7GNFFVSVd3
WHwsEgnOgFHj+GBjClCQvtdojCqW4umdz5xlllzwUXlffulVdJOj44xF2I+s3jn1
OWnAy9N37t3JV4jTSH/XNaT1NThGpmKlVxNVc120JPwtTsJM3+CuAx/LD1KwrQbE
I3DiEmeZqVrlyvme++AjgN87goxIBwSH9szSvIxywQmg3TA/Gs4cS39i4NR7z/cd
HvJxdcD/uZT2prqJuL85
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:00 2024 by rpki-client on console-fra.rpki-client.org