Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/uy0HctAa94olaxGgr0k9L7irWTk.roa
File: uy0HctAa94olaxGgr0k9L7irWTk.roa (raw, json)
Hash identifier: /JwtAem94u7Cxt1dmqx605GFrvwNWjJIFE/p51zwhkQ=
Subject key identifier: BB:2D:07:72:D0:1A:F7:8A:25:6B:11:A0:AF:49:3D:2F:B8:AB:59:39
Certificate issuer: /CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Certificate serial: 01856BE584AA31D101229D705C9C3FB37E0A
Authority key identifier: 63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/uy0HctAa94olaxGgr0k9L7irWTk.roa
Signing time: Sun 01 Jan 2023 05:54:41 +0000
ROA not before: Sun 01 Jan 2023 05:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29405
IP address blocks: 185.176.72.0/22 maxlen: 22
46.229.230.0/24 maxlen: 24
81.89.48.0/20 maxlen: 20
86.110.224.0/19 maxlen: 19
176.109.56.0/21 maxlen: 21
86.110.229.0/24 maxlen: 24
92.240.230.0/24 maxlen: 24
92.240.229.0/24 maxlen: 24
92.240.228.0/24 maxlen: 24
92.240.231.0/24 maxlen: 24
92.240.234.0/24 maxlen: 24
92.240.237.0/24 maxlen: 24
92.240.236.0/24 maxlen: 24
92.240.235.0/24 maxlen: 24
92.240.241.0/24 maxlen: 24
92.240.244.0/24 maxlen: 24
92.240.242.0/24 maxlen: 24
92.240.245.0/24 maxlen: 24
92.240.253.0/24 maxlen: 24
92.240.249.0/24 maxlen: 24
92.240.254.0/24 maxlen: 24
217.73.16.0/24 maxlen: 24
217.73.16.0/20 maxlen: 20
217.73.17.0/24 maxlen: 24
93.184.64.0/20 maxlen: 20
46.229.224.0/20 maxlen: 20
109.74.144.0/20 maxlen: 20
2a01:390::/32 maxlen: 32
2a00:10d8::/32 maxlen: 32
2a00:10d8:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 20 Jan 2023 09:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:84:aa:31:d1:01:22:9d:70:5c:9c:3f:b3:7e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Validity
Not Before: Jan 1 05:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb2d0772d01af78a256b11a0af493d2fb8ab5939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ca:ae:d3:78:05:ae:9c:e6:b4:ef:f9:d3:21:
5d:20:ea:68:2b:b2:af:37:eb:87:b8:69:fc:5b:cf:
0c:b8:bc:34:62:09:3f:8f:30:76:f8:ef:4f:cd:67:
77:60:0a:bc:82:b3:aa:30:c5:4d:73:10:34:36:de:
4f:3d:d7:6b:c8:60:19:ab:a6:a5:ee:1d:2d:20:11:
8c:e9:ab:63:22:98:bc:f2:15:63:29:58:f0:e7:c0:
7a:d2:7d:f2:d1:7c:3f:4a:81:3e:2b:2d:2d:34:01:
6c:12:ba:92:a9:4b:b0:be:4f:07:12:ca:67:0b:26:
f6:c7:05:cd:de:ef:df:3f:c0:11:73:5a:c9:86:32:
7a:8b:66:44:d3:29:ee:ef:40:a3:72:3b:bf:7a:0f:
48:e3:5d:aa:6a:c1:2f:58:0b:b4:84:bd:fe:a2:d2:
d6:e9:39:56:17:d2:a7:b3:66:50:92:fd:c7:69:0d:
97:89:ee:0e:25:b8:88:95:3c:4e:d7:71:84:a7:33:
37:84:9d:0e:ce:e4:b3:b6:34:70:8e:46:a5:cb:ca:
d6:f1:b7:0e:de:6c:f3:2e:fe:de:c3:a8:05:bf:cb:
be:87:95:4c:e5:8b:78:f6:21:0a:8b:4b:9d:4b:79:
d1:e9:4a:08:97:3e:8a:4e:12:11:eb:03:27:50:f1:
98:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:2D:07:72:D0:1A:F7:8A:25:6B:11:A0:AF:49:3D:2F:B8:AB:59:39
X509v3 Authority Key Identifier:
keyid:63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/uy0HctAa94olaxGgr0k9L7irWTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.224.0/20
81.89.48.0/20
86.110.224.0/19
92.240.228.0/22
92.240.234.0-92.240.237.255
92.240.241.0-92.240.242.255
92.240.244.0/23
92.240.249.0/24
92.240.253.0-92.240.254.255
93.184.64.0/20
109.74.144.0/20
176.109.56.0/21
185.176.72.0/22
217.73.16.0/20
IPv6:
2a00:10d8::/32
2a01:390::/32
Signature Algorithm: sha256WithRSAEncryption
20:a9:e3:c2:f6:07:af:0f:94:77:f0:d5:b9:50:19:74:3a:a6:
a9:e9:dc:cf:1e:11:11:8e:67:91:fb:ee:71:43:fc:28:f4:cb:
ba:89:4c:ce:92:1d:98:38:26:b9:af:72:b0:84:5c:70:ff:ae:
1f:66:7e:d1:6f:be:af:b7:9a:48:4d:81:c2:84:44:f5:4b:0d:
20:17:3f:c9:b1:14:52:eb:cf:99:1b:80:ed:44:b7:18:76:ee:
b4:74:5f:55:8f:13:35:69:bf:70:05:59:a6:48:b3:da:b6:bb:
7f:fe:12:86:d5:6a:03:01:32:75:49:db:84:6c:f7:ed:bf:0f:
e9:a5:79:d7:cd:ea:2f:37:fb:3c:bf:51:c1:e4:9d:ff:c5:99:
70:60:f9:8b:82:16:0d:6d:30:2c:41:3e:ee:00:9c:59:38:56:
20:9e:a4:f0:d7:86:7c:79:ab:50:52:9f:0a:fb:11:54:c6:84:
47:d6:d2:e2:82:26:cc:52:0c:da:94:97:1f:b3:41:94:ee:82:
80:03:32:17:ff:79:bc:5b:91:c4:bb:1c:58:9c:1a:f5:22:54:
37:26:ca:ad:5e:d9:ed:e1:2e:ac:8f:2f:93:cd:be:83:5a:f3:
8b:8e:e6:ed:74:d3:67:28:ef:da:8e:96:af:92:4b:54:69:e8:
f8:28:ec:06
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYVr5YSqMdEBIp1wXJw/s34KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDlkMWQ5NWMxZWI3MTZlZTgxOTUwNDVhNzdjYmEyMTgx
ZDc5ZWMwHhcNMjMwMTAxMDU1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjJkMDc3MmQwMWFmNzhhMjU2YjExYTBhZjQ5M2QyZmI4YWI1OTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMqu03gFrpzmtO/50yFdIOpoK7Kv
N+uHuGn8W88MuLw0Ygk/jzB2+O9PzWd3YAq8grOqMMVNcxA0Nt5PPddryGAZq6al
7h0tIBGM6atjIpi88hVjKVjw58B60n3y0Xw/SoE+Ky0tNAFsErqSqUuwvk8HEspn
Cyb2xwXN3u/fP8ARc1rJhjJ6i2ZE0ynu70Cjcju/eg9I412qasEvWAu0hL3+otLW
6TlWF9Kns2ZQkv3HaQ2Xie4OJbiIlTxO13GEpzM3hJ0OzuSztjRwjkaly8rW8bcO
3mzzLv7ew6gFv8u+h5VM5Yt49iEKi0udS3nR6UoIlz6KThIR6wMnUPGY/wIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFLstB3LQGveKJWsRoK9JPS+4q1k5MB8GA1UdIwQY
MBaAFGPZ0dlcHrcW7oGVBFp3y6IYHXnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDIt
ZDgwYzZiODVjZGE0LzEvdXkwSGN0QWE5NG9sYXhHZ3IwazlMN2lyV1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDItZDgwYzZiODVjZGE0
LzEvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQELuXg
AwQEUVkwAwQFVm7gAwQCXPDkMAwDBAFc8OoDBAFc8OwwDAMEAFzw8QMEAFzw8gME
AVzw9AMEAFzw+TAMAwQAXPD9AwQAXPD+AwQEXbhAAwQEbUqQAwQDsG04AwQCubBI
AwQE2UkQMBQEAgACMA4DBQAqABDYAwUAKgEDkDANBgkqhkiG9w0BAQsFAAOCAQEA
IKnjwvYHrw+Ud/DVuVAZdDqmqenczx4REY5nkfvucUP8KPTLuolMzpIdmDgmua9y
sIRccP+uH2Z+0W++r7eaSE2BwoRE9UsNIBc/ybEUUuvPmRuA7US3GHbutHRfVY8T
NWm/cAVZpkiz2ra7f/4ShtVqAwEydUnbhGz37b8P6aV5183qLzf7PL9RweSd/8WZ
cGD5i4IWDW0wLEE+7gCcWThWIJ6k8NeGfHmrUFKfCvsRVMaER9bS4oImzFIM2pSX
H7NBlO6CgAMyF/95vFuRxLscWJwa9SJUNybKrV7Z7eEurI8vk82+g1rzi47m7XTT
Zyjv2o6Wr5JLVGno+CjsBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:10 2024 by rpki-client on console-fra.rpki-client.org