Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/uPXawijvpICOOg24IAOoMhoylfM.roa
File: uPXawijvpICOOg24IAOoMhoylfM.roa (raw, json)
Hash identifier: YwPeyjF308J9FcksAwkQyGIjh9um1hP5HuQ8Kt0Fbqk=
Subject key identifier: B8:F5:DA:C2:28:EF:A4:80:8E:3A:0D:B8:20:03:A8:32:1A:32:95:F3
Certificate issuer: /CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557
Certificate serial: 018E9DA2A22520236CBB2920E243049B91B2
Authority key identifier: 1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/uPXawijvpICOOg24IAOoMhoylfM.roa
Signing time: Tue 02 Apr 2024 07:07:44 +0000
ROA not before: Tue 02 Apr 2024 07:07:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5400
IP address blocks: 62.5.0.0/17 maxlen: 17
62.102.0.0/17 maxlen: 17
62.173.192.0/18 maxlen: 18
62.180.0.0/16 maxlen: 16
185.94.0.0/22 maxlen: 22
194.213.64.0/19 maxlen: 19
195.90.64.0/19 maxlen: 19
195.100.0.0/16 maxlen: 16
195.163.0.0/16 maxlen: 16
195.182.96.0/19 maxlen: 19
212.8.160.0/19 maxlen: 19
212.21.192.0/19 maxlen: 19
212.41.128.0/19 maxlen: 19
212.127.0.0/19 maxlen: 19
213.15.0.0/16 maxlen: 16
213.236.64.0/18 maxlen: 18
Validation: Failed, certificate revoked on Tue 02 Apr 2024 11:58:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:a2:a2:25:20:23:6c:bb:29:20:e2:43:04:9b:91:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557
Validity
Not Before: Apr 2 07:07:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8f5dac228efa4808e3a0db82003a8321a3295f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:91:bb:07:28:6d:5e:af:03:57:81:d2:4d:73:
71:f8:3d:46:c5:c7:4c:2e:c9:76:2c:04:46:99:54:
f8:e9:e1:46:38:6c:24:2d:3f:5d:e8:00:47:6c:a1:
be:11:a6:c3:7f:a2:e8:24:f3:7b:4c:f7:4a:57:2f:
62:51:ee:5d:fe:7f:4d:63:f1:4f:9d:07:3e:f9:4a:
2a:bd:04:d8:45:47:c0:0b:54:7c:d1:66:dc:3b:f4:
21:52:c2:f1:7d:95:30:22:b1:45:d9:b6:30:05:14:
c1:5a:d5:ff:5d:42:af:73:a0:f4:d0:d6:97:83:7b:
d4:f8:4d:6f:08:01:ac:07:b9:c2:19:73:98:e0:98:
8e:ff:26:53:57:46:a5:6e:09:d7:e2:e7:55:27:d7:
a2:c6:47:15:4d:28:b0:b8:5b:3a:b6:60:5a:07:24:
b1:04:70:d0:ba:ad:c5:78:4c:c8:49:ca:b6:a2:40:
2d:fe:59:67:40:76:58:de:fc:20:07:6b:3a:24:51:
31:50:58:f9:38:55:16:72:2a:c6:6c:a2:d2:42:ad:
22:11:47:48:f2:36:df:c5:e6:26:33:e3:ac:22:3d:
7d:90:b8:aa:09:18:4b:bf:be:b0:cb:66:f1:75:51:
86:10:24:d2:8c:0b:8e:a2:85:33:40:9c:46:4a:94:
d2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F5:DA:C2:28:EF:A4:80:8E:3A:0D:B8:20:03:A8:32:1A:32:95:F3
X509v3 Authority Key Identifier:
keyid:1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/uPXawijvpICOOg24IAOoMhoylfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.5.0.0/17
62.102.0.0/17
62.173.192.0/18
62.180.0.0/16
185.94.0.0/22
194.213.64.0/19
195.90.64.0/19
195.100.0.0/16
195.163.0.0/16
195.182.96.0/19
212.8.160.0/19
212.21.192.0/19
212.41.128.0/19
212.127.0.0/19
213.15.0.0/16
213.236.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5e:d4:60:15:0e:91:37:1d:63:71:05:77:2f:9b:d4:a0:08:1e:
10:02:da:1f:6e:13:ac:bc:b2:55:60:3d:cd:48:a6:12:d8:8e:
bd:7e:17:93:96:c1:2b:9f:97:c2:ab:3f:aa:b3:83:c1:a8:99:
02:8e:5c:07:90:73:26:be:ac:84:90:d5:34:f5:68:b4:e0:3f:
bd:7d:9d:27:07:62:a8:73:ac:12:48:ce:13:0e:a4:4c:03:26:
ef:5b:5a:95:9c:c0:59:51:8c:e5:24:c3:5c:9d:88:08:c7:3f:
61:dd:5d:9f:8a:5b:2f:d6:a1:43:d1:4c:3a:6d:6f:f0:02:a4:
e3:83:63:6e:2b:0a:72:56:4a:94:a2:d3:2a:78:22:a8:b1:f9:
49:59:3f:87:16:e2:60:69:84:86:35:20:52:91:e1:cc:b8:2a:
21:49:ce:bc:bc:2b:c6:09:d3:08:db:d4:20:dc:5d:9f:d7:93:
18:8e:47:dd:16:68:bf:82:0d:aa:c3:4e:db:a8:dc:6a:98:89:
7c:b8:fc:b2:94:d5:5b:4d:9c:e7:04:e5:f6:fb:40:47:c5:5b:
20:62:42:4f:5b:0f:e5:aa:fd:07:91:49:66:c5:03:1e:eb:2a:
4d:f7:83:7a:b1:cf:66:49:59:48:ec:3a:ba:4e:38:7e:a3:61:
29:94:a7:1e
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAY6doqIlICNsuykg4kMEm5GyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZDNkOGUyOWUwNjNiOWQyNzQwYWIzZGU2YzcyMjU1ZWM4
ZDA1NTcwHhcNMjQwNDAyMDcwNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGY1ZGFjMjI4ZWZhNDgwOGUzYTBkYjgyMDAzYTgzMjFhMzI5NWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZG7ByhtXq8DV4HSTXNx+D1GxcdM
Lsl2LARGmVT46eFGOGwkLT9d6ABHbKG+EabDf6LoJPN7TPdKVy9iUe5d/n9NY/FP
nQc++UoqvQTYRUfAC1R80WbcO/QhUsLxfZUwIrFF2bYwBRTBWtX/XUKvc6D00NaX
g3vU+E1vCAGsB7nCGXOY4JiO/yZTV0albgnX4udVJ9eixkcVTSiwuFs6tmBaBySx
BHDQuq3FeEzIScq2okAt/llnQHZY3vwgB2s6JFExUFj5OFUWcirGbKLSQq0iEUdI
8jbfxeYmM+OsIj19kLiqCRhLv76wy2bxdVGGECTSjAuOooUzQJxGSpTSCwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFLj12sIo76SAjjoNuCADqDIaMpXzMB8GA1UdIwQY
MBaAFB7T2OKeBjudJ0CrPebHIlXsjQVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUt
OWRjYTVjYzgwZGQ5LzEvdVBYYXdpanZwSUNPT2cyNElBT29NaG95bGZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUtOWRjYTVjYzgwZGQ5
LzEvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQHPgUAAwQH
PmYAAwQGPq3AAwMAPrQDBAK5XgADBAXC1UADBAXDWkADAwDDZAMDAMOjAwQFw7Zg
AwQF1AigAwQF1BXAAwQF1CmAAwQF1H8AAwMA1Q8DBAbV7EAwDQYJKoZIhvcNAQEL
BQADggEBAF7UYBUOkTcdY3EFdy+b1KAIHhAC2h9uE6y8slVgPc1IphLYjr1+F5OW
wSufl8KrP6qzg8GomQKOXAeQcya+rISQ1TT1aLTgP719nScHYqhzrBJIzhMOpEwD
Ju9bWpWcwFlRjOUkw1ydiAjHP2HdXZ+KWy/WoUPRTDptb/ACpOODY24rCnJWSpSi
0yp4Iqix+UlZP4cW4mBphIY1IFKR4cy4KiFJzry8K8YJ0wjb1CDcXZ/XkxiOR90W
aL+CDarDTtuo3GqYiXy4/LKU1VtNnOcE5fb7QEfFWyBiQk9bD+Wq/QeRSWbFAx7r
Kk33g3qxz2ZJWUjsOrpOOH6jYSmUpx4=
-----END CERTIFICATE-----
Generated at Tue Apr 2 17:16:03 2024 by rpki-client on console-fra.rpki-client.org