Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/uxFyQIMTGc89LG_XkrU3I8PK_uU.roa
File: uxFyQIMTGc89LG_XkrU3I8PK_uU.roa (raw, json)
Hash identifier: KUdhe1ivdtbJU53lIoursEEIEyu7meb5d9+Ggj8RJuE=
Subject key identifier: BB:11:72:40:83:13:19:CF:3D:2C:6F:D7:92:B5:37:23:C3:CA:FE:E5
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D84C45A4E9DD76CDC48C7C9642584F7F0
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/uxFyQIMTGc89LG_XkrU3I8PK_uU.roa
Signing time: Wed 07 Feb 2024 18:11:17 +0000
ROA not before: Wed 07 Feb 2024 18:11:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 2.59.49.0/24 maxlen: 24
37.221.82.0/23 maxlen: 23
45.10.64.0/22 maxlen: 22
45.10.80.0/22 maxlen: 22
45.15.238.0/24 maxlen: 24
45.93.80.0/24 maxlen: 24
45.132.128.0/24 maxlen: 24
45.132.129.0/24 maxlen: 24
45.138.213.0/24 maxlen: 24
45.138.214.0/24 maxlen: 24
45.139.52.0/24 maxlen: 24
45.139.53.0/24 maxlen: 24
45.139.55.0/24 maxlen: 24
45.140.72.0/22 maxlen: 22
45.146.24.0/24 maxlen: 24
45.146.25.0/24 maxlen: 24
45.146.27.0/24 maxlen: 24
45.147.12.0/24 maxlen: 24
45.147.13.0/24 maxlen: 24
45.147.14.0/24 maxlen: 24
45.147.15.0/24 maxlen: 24
45.149.129.0/24 maxlen: 24
45.152.116.0/24 maxlen: 24
45.152.117.0/24 maxlen: 24
45.159.84.0/24 maxlen: 24
45.159.87.0/24 maxlen: 24
91.206.68.0/24 maxlen: 24
91.236.121.0/24 maxlen: 24
176.222.56.0/24 maxlen: 24
176.222.57.0/24 maxlen: 24
176.222.59.0/24 maxlen: 24
185.188.41.0/24 maxlen: 24
195.216.132.0/22 maxlen: 22
213.166.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 19 Feb 2024 17:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:c4:5a:4e:9d:d7:6c:dc:48:c7:c9:64:25:84:f7:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 7 18:11:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb117240831319cf3d2c6fd792b53723c3cafee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f5:57:55:d3:77:bd:48:c5:2b:7f:f2:4b:8b:
a1:d9:d5:e5:3f:6e:7e:2a:94:1d:e1:18:0b:50:7a:
28:65:0e:4b:0b:07:d5:06:7f:d4:52:15:05:b9:f4:
4b:8a:00:64:09:d8:c7:bd:a8:65:76:a4:05:e9:82:
c5:78:51:a0:b4:44:29:2f:c6:e0:f8:a0:bc:9c:5f:
e1:34:42:9c:fd:32:07:fc:74:e0:ee:85:b2:33:79:
99:1b:07:cf:ef:a0:a3:2f:d5:3f:e9:0f:ea:07:20:
52:b3:2f:03:fc:9e:a4:4c:73:4e:f8:1e:a6:a7:3c:
32:9b:0f:23:dd:90:7d:d6:80:d9:5f:72:e4:2c:a5:
6a:2c:5f:c6:8d:33:98:8a:f3:4a:33:7e:cc:04:fe:
7d:6d:62:60:ce:e4:f6:93:2b:b8:07:f9:0e:07:55:
d7:1e:cc:29:8d:db:9d:05:8f:d7:d5:4f:5b:27:13:
29:0e:ba:03:52:c8:2b:61:0c:ef:77:c2:4a:1b:9b:
04:22:e3:2a:73:6d:69:d1:ed:e2:bc:56:a8:65:b1:
61:8b:05:65:3d:d6:1c:9e:de:ff:fe:8e:3a:d8:f6:
08:c4:85:1d:38:57:16:59:91:ab:72:5b:f9:6c:83:
13:0a:71:bd:06:32:0d:90:ca:f6:da:e2:35:5e:3c:
6a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:11:72:40:83:13:19:CF:3D:2C:6F:D7:92:B5:37:23:C3:CA:FE:E5
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/uxFyQIMTGc89LG_XkrU3I8PK_uU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.49.0/24
37.221.82.0/23
45.10.64.0/22
45.10.80.0/22
45.15.238.0/24
45.93.80.0/24
45.132.128.0/23
45.138.213.0-45.138.214.255
45.139.52.0/23
45.139.55.0/24
45.140.72.0/22
45.146.24.0/23
45.146.27.0/24
45.147.12.0/22
45.149.129.0/24
45.152.116.0/23
45.159.84.0/24
45.159.87.0/24
91.206.68.0/24
91.236.121.0/24
176.222.56.0/23
176.222.59.0/24
185.188.41.0/24
195.216.132.0/22
213.166.64.0/22
Signature Algorithm: sha256WithRSAEncryption
85:bf:da:6c:87:51:cf:d5:59:9a:ee:da:a4:d6:11:41:69:fe:
44:61:c1:02:27:b7:2a:80:a4:e5:9a:c3:f3:3c:53:68:42:55:
2f:ca:8b:82:ca:b5:24:54:57:62:fe:23:68:97:be:0d:62:f9:
1d:dd:5d:35:cf:88:d0:b9:32:b6:2a:0d:b1:d8:dc:3f:06:92:
98:42:57:1c:4e:75:87:79:9e:b3:df:35:c2:4b:97:01:2b:f3:
8a:9d:b2:fa:ac:d9:33:ec:73:84:f9:96:ef:75:50:66:35:bb:
2c:09:f7:38:6a:d8:3e:aa:12:c4:a7:39:ac:93:0a:37:0d:87:
7d:39:08:0d:7b:21:c4:bd:0a:7f:62:c3:5e:1e:3a:04:10:46:
a5:54:47:71:1f:fe:1a:86:e1:6d:2f:ce:69:ab:67:7d:4d:eb:
80:6d:4e:18:eb:0f:cc:13:26:0e:22:d2:f7:4c:4b:02:55:ff:
3d:fd:32:69:4a:71:15:8d:05:e9:25:9c:a3:28:a4:3f:b8:40:
97:71:63:50:a4:c6:85:5a:1a:63:11:b4:11:cb:5f:6b:31:5d:
c8:6a:93:76:ff:9e:ea:5b:51:13:d1:a7:8c:7e:02:14:5b:9b:
1d:f2:c6:3a:ce:35:5d:48:7b:52:0a:ef:3d:6b:90:94:69:b3:
9a:90:b3:af
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY2ExFpOndds3EjHyWQlhPfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjA3MTgxMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjExNzI0MDgzMTMxOWNmM2QyYzZmZDc5MmI1MzcyM2MzY2FmZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/VXVdN3vUjFK3/yS4uh2dXlP25+
KpQd4RgLUHooZQ5LCwfVBn/UUhUFufRLigBkCdjHvahldqQF6YLFeFGgtEQpL8bg
+KC8nF/hNEKc/TIH/HTg7oWyM3mZGwfP76CjL9U/6Q/qByBSsy8D/J6kTHNO+B6m
pzwymw8j3ZB91oDZX3LkLKVqLF/GjTOYivNKM37MBP59bWJgzuT2kyu4B/kOB1XX
HswpjdudBY/X1U9bJxMpDroDUsgrYQzvd8JKG5sEIuMqc21p0e3ivFaoZbFhiwVl
PdYcnt7//o462PYIxIUdOFcWWZGrclv5bIMTCnG9BjINkMr22uI1XjxqswIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFLsRckCDExnPPSxv15K1NyPDyv7lMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvdXhGeVFJTVRHYzg5TEdfWGtyVTNJOFBLX3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAC
OzEDBAEl3VIDBAItCkADBAItClADBAAtD+4DBAAtXVADBAEthIAwDAMEAC2K1QME
AC2K1gMEAS2LNAMEAC2LNwMEAi2MSAMEAS2SGAMEAC2SGwMEAi2TDAMEAC2VgQME
AS2YdAMEAC2fVAMEAC2fVwMEAFvORAMEAFvseQMEAbDeOAMEALDeOwMEALm8KQME
AsPYhAMEAtWmQDANBgkqhkiG9w0BAQsFAAOCAQEAhb/abIdRz9VZmu7apNYRQWn+
RGHBAie3KoCk5ZrD8zxTaEJVL8qLgsq1JFRXYv4jaJe+DWL5Hd1dNc+I0LkytioN
sdjcPwaSmEJXHE51h3mes981wkuXASvzip2y+qzZM+xzhPmW73VQZjW7LAn3OGrY
PqoSxKc5rJMKNw2HfTkIDXshxL0Kf2LDXh46BBBGpVRHcR/+GobhbS/OaatnfU3r
gG1OGOsPzBMmDiLS90xLAlX/Pf0yaUpxFY0F6SWcoyikP7hAl3FjUKTGhVoaYxG0
EctfazFdyGqTdv+e6ltRE9GnjH4CFFubHfLGOs41XUh7UgrvPWuQlGmzmpCzrw==
-----END CERTIFICATE-----
Generated at Mon Feb 19 21:07:42 2024 by rpki-client on console-fra.rpki-client.org