Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/UGx6_iiPkwig3pqxiJ8Y23TtA9M.roa
File: UGx6_iiPkwig3pqxiJ8Y23TtA9M.roa (raw, json)
Hash identifier: TWbNgm11tFvS6vSuv4S74HimAebZ91aZlYCXyxB+fM8=
Subject key identifier: 50:6C:7A:FE:28:8F:93:08:A0:DE:9A:B1:88:9F:18:DB:74:ED:03:D3
Certificate issuer: /CN=bccd52a6a7f957171b15f7be5e20916428369401
Certificate serial: 01860759CCC4D5B5A7A24DE930129DA60797
Authority key identifier: BC:CD:52:A6:A7:F9:57:17:1B:15:F7:BE:5E:20:91:64:28:36:94:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vM1Spqf5VxcbFfe-XiCRZCg2lAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/UGx6_iiPkwig3pqxiJ8Y23TtA9M.roa
Signing time: Tue 31 Jan 2023 10:22:50 +0000
ROA not before: Tue 31 Jan 2023 10:22:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6735
IP address blocks: 62.68.0.0/19 maxlen: 19
5.252.124.0/22 maxlen: 22
45.87.16.0/22 maxlen: 22
195.245.0.0/18 maxlen: 18
185.218.168.0/22 maxlen: 22
2a09:48c0::/29 maxlen: 29
2a0e:ed80::/29 maxlen: 29
2a0f:8040::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:07:59:cc:c4:d5:b5:a7:a2:4d:e9:30:12:9d:a6:07:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bccd52a6a7f957171b15f7be5e20916428369401
Validity
Not Before: Jan 31 10:22:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=506c7afe288f9308a0de9ab1889f18db74ed03d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:42:0a:5f:6b:d2:3d:4f:8d:e9:fb:1a:fa:20:
33:0e:b2:ee:b1:1a:01:07:a4:13:ba:5f:37:46:cf:
e1:30:7e:70:ce:6b:89:1c:ad:7a:a6:d4:16:da:14:
a0:b1:cc:03:6c:e0:6e:f4:0d:2f:c8:77:f5:76:15:
f8:89:79:6f:55:64:89:84:94:34:02:46:ba:a0:31:
9c:05:18:3e:73:68:df:50:af:98:24:63:c2:69:d2:
ca:0d:85:ab:bf:10:80:e7:8d:98:ef:a6:85:e7:ee:
78:2a:3d:58:3b:a6:ad:30:83:38:d1:dd:d6:34:00:
c5:dd:42:9b:c1:24:47:0a:e5:8c:38:9c:12:08:fb:
62:90:56:a7:b3:5d:08:b4:9e:70:17:ed:de:1a:b5:
cd:bd:81:dc:35:6b:2c:9f:21:7d:41:39:48:88:9d:
68:06:12:1d:56:d4:54:3b:63:d6:1e:db:8c:c3:16:
fa:1e:e8:b1:80:2c:34:8b:1e:6b:64:5f:aa:f9:90:
7e:95:fa:03:f8:09:a4:77:f9:06:ea:17:6b:7a:f5:
50:61:d8:b1:20:75:c4:a6:c7:d7:00:92:63:0a:f8:
e0:f0:10:56:b5:c4:0f:59:a6:d0:30:29:4c:fa:4d:
0d:36:58:aa:5c:d1:98:e5:93:e0:f9:a0:8d:1b:4d:
29:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:6C:7A:FE:28:8F:93:08:A0:DE:9A:B1:88:9F:18:DB:74:ED:03:D3
X509v3 Authority Key Identifier:
keyid:BC:CD:52:A6:A7:F9:57:17:1B:15:F7:BE:5E:20:91:64:28:36:94:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vM1Spqf5VxcbFfe-XiCRZCg2lAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/UGx6_iiPkwig3pqxiJ8Y23TtA9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/vM1Spqf5VxcbFfe-XiCRZCg2lAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.124.0/22
45.87.16.0/22
62.68.0.0/19
185.218.168.0/22
195.245.0.0/18
IPv6:
2a09:48c0::/29
2a0e:ed80::/29
2a0f:8040::/29
Signature Algorithm: sha256WithRSAEncryption
80:cf:28:c3:d2:35:81:d0:f7:78:4a:de:72:84:33:b0:e1:5b:
be:e8:50:47:42:60:c6:4f:86:7d:bc:fd:09:bd:a4:29:46:96:
fd:6b:77:5b:51:be:77:c2:b8:24:e1:55:93:9c:42:af:4f:18:
18:91:d3:7a:f9:d9:58:00:f5:0a:a3:7c:aa:d8:00:05:82:af:
f8:f9:f5:9d:51:51:b8:a2:f7:79:e1:8e:73:a0:02:33:24:53:
eb:bb:b4:82:64:59:28:3d:14:17:a7:f2:78:c0:fc:da:bc:68:
0a:6d:b9:03:88:60:aa:c3:9b:f9:5d:8b:fc:da:fd:79:b6:59:
85:64:86:03:f4:1e:93:76:10:fa:67:47:dd:18:54:57:64:79:
09:24:04:64:35:cb:33:04:62:48:c0:67:03:83:b0:bd:df:d4:
fa:25:8f:ce:23:61:ab:03:83:45:00:9f:d8:07:b1:c4:21:a8:
3f:45:46:59:e5:f0:48:13:a0:f6:f5:55:c0:78:5b:7e:34:36:
9b:b0:d7:4d:99:fe:1b:95:84:d5:a8:be:86:b2:b3:00:e7:fa:
5f:86:dc:e9:29:d2:f1:89:5b:ea:41:15:49:25:83:4f:a2:72:
ee:44:a6:98:53:45:b1:ef:74:03:f7:95:d6:c2:be:85:54:05:
56:76:71:a0
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYYHWczE1bWnok3pMBKdpgeXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2Q1MmE2YTdmOTU3MTcxYjE1ZjdiZTVlMjA5MTY0Mjgz
Njk0MDEwHhcNMjMwMTMxMTAyMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDZjN2FmZTI4OGY5MzA4YTBkZTlhYjE4ODlmMThkYjc0ZWQwM2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkIKX2vSPU+N6fsa+iAzDrLusRoB
B6QTul83Rs/hMH5wzmuJHK16ptQW2hSgscwDbOBu9A0vyHf1dhX4iXlvVWSJhJQ0
Aka6oDGcBRg+c2jfUK+YJGPCadLKDYWrvxCA542Y76aF5+54Kj1YO6atMIM40d3W
NADF3UKbwSRHCuWMOJwSCPtikFans10ItJ5wF+3eGrXNvYHcNWssnyF9QTlIiJ1o
BhIdVtRUO2PWHtuMwxb6HuixgCw0ix5rZF+q+ZB+lfoD+Amkd/kG6hdrevVQYdix
IHXEpsfXAJJjCvjg8BBWtcQPWabQMClM+k0NNliqXNGY5ZPg+aCNG00pywIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFFBsev4oj5MIoN6asYifGNt07QPTMB8GA1UdIwQY
MBaAFLzNUqan+VcXGxX3vl4gkWQoNpQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk0xU3BxZjVWeGNiRmZlLVhpQ1JaQ2cybEFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9lZWFiOWEtZDIwNy00YjJlLWE1MjUt
ZTgyM2UxN2JiNWNjLzEvVUd4Nl9paVBrd2lnM3BxeGlKOFkyM1R0QTlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9lZWFiOWEtZDIwNy00YjJlLWE1MjUtZTgyM2UxN2JiNWNj
LzEvdk0xU3BxZjVWeGNiRmZlLVhpQ1JaQ2cybEFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQCBfx8AwQC
LVcQAwQFPkQAAwQCudqoAwQGw/UAMBsEAgACMBUDBQMqCUjAAwUDKg7tgAMFAyoP
gEAwDQYJKoZIhvcNAQELBQADggEBAIDPKMPSNYHQ93hK3nKEM7DhW77oUEdCYMZP
hn28/Qm9pClGlv1rd1tRvnfCuCThVZOcQq9PGBiR03r52VgA9QqjfKrYAAWCr/j5
9Z1RUbii93nhjnOgAjMkU+u7tIJkWSg9FBen8njA/Nq8aAptuQOIYKrDm/ldi/za
/Xm2WYVkhgP0HpN2EPpnR90YVFdkeQkkBGQ1yzMEYkjAZwODsL3f1Polj84jYasD
g0UAn9gHscQhqD9FRlnl8EgToPb1VcB4W340Npuw102Z/huVhNWovoayswDn+l+G
3Okp0vGJW+pBFUklg0+icu5EpphTRbHvdAP3ldbCvoVUBVZ2caA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:04 2024 by rpki-client on console-fra.rpki-client.org