Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/UhA35TGFDUZyNhHZ41jNYSGK0BM.roa
File: UhA35TGFDUZyNhHZ41jNYSGK0BM.roa (raw, json)
Hash identifier: dD2JTNsmaapAc4/3Ew/GHgHLSCf0jwW1/1nM9TjcYGs=
Subject key identifier: 52:10:37:E5:31:85:0D:46:72:36:11:D9:E3:58:CD:61:21:8A:D0:13
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 0191896FFA364B375A08C6063531ED73211C
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/UhA35TGFDUZyNhHZ41jNYSGK0BM.roa
Signing time: Sun 25 Aug 2024 12:08:22 +0000
ROA not before: Sun 25 Aug 2024 12:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149457
IP address blocks: 45.134.145.0/24 maxlen: 24
85.92.114.0/24 maxlen: 24
103.100.168.0/24 maxlen: 24
185.233.18.0/24 maxlen: 24
193.107.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Oct 2024 13:22:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:89:6f:fa:36:4b:37:5a:08:c6:06:35:31:ed:73:21:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Aug 25 12:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=521037e531850d46723611d9e358cd61218ad013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c6:e9:d4:9b:c7:f3:02:02:51:06:b1:a7:12:
68:59:7a:75:d5:48:d4:26:da:ef:b9:21:a7:9f:01:
ef:b5:cb:79:c3:cf:b6:d6:2e:ec:dd:42:49:57:35:
b4:76:65:c0:aa:04:94:3a:e9:1f:b7:b4:3f:f0:59:
72:e5:a8:78:14:a7:66:8e:97:57:ce:43:4b:11:69:
a2:e6:61:bc:79:97:ab:82:8d:a7:85:e0:fe:6c:42:
b0:16:a8:85:29:66:25:f6:36:86:d1:b7:41:a1:ce:
13:b0:97:70:e8:a8:e5:a4:44:7b:47:41:0f:a3:d7:
21:02:d8:9a:41:d4:74:85:6d:1c:c3:7d:3b:95:34:
ff:25:5a:03:1b:e2:33:aa:90:8f:01:56:b2:43:f9:
ae:ab:b7:11:ac:b8:e5:8a:d7:a2:8a:86:2f:fc:83:
4d:49:99:b8:22:97:d7:71:64:af:22:d6:38:e5:4c:
14:90:e1:d7:96:15:e2:6b:75:55:1b:aa:c2:fd:41:
b9:71:31:19:ca:ba:81:06:7c:3b:76:1c:4f:fe:32:
0a:5c:28:9d:05:a7:52:dd:ae:70:91:1b:8b:f9:f4:
6b:88:00:19:9c:a6:5c:f6:25:ff:10:ed:9e:db:6f:
06:9f:45:37:8b:1f:82:47:1c:ff:a2:cd:89:d2:7b:
e0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:10:37:E5:31:85:0D:46:72:36:11:D9:E3:58:CD:61:21:8A:D0:13
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/UhA35TGFDUZyNhHZ41jNYSGK0BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.145.0/24
85.92.114.0/24
103.100.168.0/24
185.233.18.0/24
193.107.218.0/24
Signature Algorithm: sha256WithRSAEncryption
73:69:15:6e:0e:93:27:90:7c:db:b9:5c:8e:55:9a:23:12:9a:
d2:3d:87:86:b7:8a:aa:28:e6:bf:e2:20:00:e9:fc:31:70:2a:
d4:30:83:f3:8f:d8:ae:a0:f3:0a:66:f1:18:15:dc:24:4c:89:
91:d6:19:7f:ef:a5:74:25:aa:dd:ab:8a:a7:52:f7:3b:f6:d1:
2e:91:35:c1:0c:3f:30:47:48:6f:b9:44:1c:3f:e4:34:6e:01:
dc:df:bb:a5:ac:dd:77:a9:29:f6:51:e8:92:37:35:8b:51:a4:
02:4b:4c:27:88:90:b7:47:b6:ee:d3:73:6b:b9:83:e8:80:af:
55:9e:64:31:30:69:f3:de:7a:ec:f2:6c:00:14:8c:ed:41:4f:
22:82:29:00:94:ab:18:42:97:55:5d:26:b0:60:87:ff:bf:56:
0f:9b:f1:61:14:a0:c9:7f:4c:bf:a6:d6:cb:1c:1a:d9:73:20:
15:e8:7d:1c:75:08:2d:4c:55:93:32:4c:8e:8b:49:39:9f:0b:
d0:41:7c:f6:ec:34:6c:a9:aa:bc:ee:72:62:94:19:6a:a5:44:
41:d7:8e:38:52:d1:8f:4f:bd:6f:d2:ac:7b:f5:1c:b8:bc:53:
29:38:c2:3e:51:86:84:9e:7e:7d:bb:b8:75:2b:64:10:75:cb:
47:3f:1f:a0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZGJb/o2SzdaCMYGNTHtcyEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwODI1MTIwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjEwMzdlNTMxODUwZDQ2NzIzNjExZDllMzU4Y2Q2MTIxOGFkMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMbp1JvH8wICUQaxpxJoWXp11UjU
JtrvuSGnnwHvtct5w8+21i7s3UJJVzW0dmXAqgSUOukft7Q/8Fly5ah4FKdmjpdX
zkNLEWmi5mG8eZergo2nheD+bEKwFqiFKWYl9jaG0bdBoc4TsJdw6KjlpER7R0EP
o9chAtiaQdR0hW0cw307lTT/JVoDG+IzqpCPAVayQ/muq7cRrLjliteiioYv/INN
SZm4IpfXcWSvItY45UwUkOHXlhXia3VVG6rC/UG5cTEZyrqBBnw7dhxP/jIKXCid
BadS3a5wkRuL+fRriAAZnKZc9iX/EO2e228Gn0U3ix+CRxz/os2J0nvgqwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFIQN+UxhQ1GcjYR2eNYzWEhitATMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvVWhBMzVUR0ZEVVp5TmhIWjQxak5ZU0dLMEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYaRAwQA
VVxyAwQAZ2SoAwQAuekSAwQAwWvaMA0GCSqGSIb3DQEBCwUAA4IBAQBzaRVuDpMn
kHzbuVyOVZojEprSPYeGt4qqKOa/4iAA6fwxcCrUMIPzj9iuoPMKZvEYFdwkTImR
1hl/76V0Jardq4qnUvc79tEukTXBDD8wR0hvuUQcP+Q0bgHc37ulrN13qSn2UeiS
NzWLUaQCS0wniJC3R7bu03NruYPogK9VnmQxMGnz3nrs8mwAFIztQU8igikAlKsY
QpdVXSawYIf/v1YPm/FhFKDJf0y/ptbLHBrZcyAV6H0cdQgtTFWTMkyOi0k5nwvQ
QXz27DRsqaq87nJilBlqpURB1444UtGPT71v0qx79Ry4vFMpOMI+UYaEnn59u7h1
K2QQdctHPx+g
-----END CERTIFICATE-----
Generated at Fri Oct 11 17:24:45 2024 by rpki-client on console-fra.rpki-client.org