Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/UIpzGRXefKzW1rmP28r9rpZf9j8.roa
File: UIpzGRXefKzW1rmP28r9rpZf9j8.roa (raw, json)
Hash identifier: ruNDX9mcCf4wmwqjGy0RxM55R3xeAQf8DHT8nQ+mz14=
Subject key identifier: 50:8A:73:19:15:DE:7C:AC:D6:D6:B9:8F:DB:CA:FD:AE:96:5F:F6:3F
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018ED3DB47AE96278E6807D651C5B9565710
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/UIpzGRXefKzW1rmP28r9rpZf9j8.roa
Signing time: Fri 12 Apr 2024 19:49:07 +0000
ROA not before: Fri 12 Apr 2024 19:49:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398465
IP address blocks: 45.43.172.0/22 maxlen: 22
64.137.29.0/24 maxlen: 24
64.137.44.0/24 maxlen: 24
64.137.45.0/24 maxlen: 24
64.137.46.0/24 maxlen: 24
64.137.72.0/24 maxlen: 24
64.137.85.0/24 maxlen: 24
64.137.114.0/24 maxlen: 24
64.137.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 May 2024 13:46:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d3:db:47:ae:96:27:8e:68:07:d6:51:c5:b9:56:57:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 12 19:49:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=508a731915de7cacd6d6b98fdbcafdae965ff63f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5f:58:ad:51:eb:70:07:a4:27:60:63:41:22:
19:0a:50:87:ad:fa:35:92:89:ef:20:d0:c6:7b:9c:
f3:c9:a2:09:51:e4:5b:33:27:86:f5:5b:ce:54:cd:
7e:bb:60:21:54:97:df:98:3c:b5:64:6f:c9:cc:0f:
c1:c6:6d:6a:08:94:10:65:07:d1:b6:08:f6:fc:d8:
1f:16:bf:26:5c:d0:08:9c:c7:3e:1f:fa:68:4c:8c:
69:bc:b2:3f:97:a9:97:35:45:e4:05:7b:ec:9a:4d:
7b:cc:40:16:c8:7b:8a:34:ed:4f:43:06:4f:39:ac:
31:ce:2a:39:07:38:3c:85:96:e2:1b:c7:d1:ca:c0:
c4:40:e8:b0:f4:b8:e4:a7:b8:94:af:22:cb:fa:3b:
db:2a:9f:62:3f:e8:86:da:85:60:01:4e:30:a3:74:
cb:e2:c4:4e:71:76:d3:eb:ef:59:22:14:97:1d:08:
92:c8:df:39:ce:55:1a:ea:9d:58:a1:f2:21:a2:a3:
0f:7f:4f:de:40:d6:24:a9:7d:b4:46:be:17:70:3c:
0d:ff:97:9e:a4:27:7b:6e:fd:dd:6c:26:26:88:87:
fd:53:f8:d0:9d:7c:b2:d8:7b:8d:3b:b9:19:01:74:
c9:a4:bc:c5:17:1b:04:cb:9d:58:39:97:f0:f9:e2:
61:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:8A:73:19:15:DE:7C:AC:D6:D6:B9:8F:DB:CA:FD:AE:96:5F:F6:3F
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/UIpzGRXefKzW1rmP28r9rpZf9j8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.172.0/22
64.137.29.0/24
64.137.44.0-64.137.46.255
64.137.72.0/24
64.137.85.0/24
64.137.114.0/24
64.137.116.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:a8:2d:38:5f:00:66:eb:ee:d5:62:37:29:e9:dd:00:bf:9e:
1b:bb:59:b4:03:a2:a7:9f:89:03:09:3a:3d:cf:d7:c5:b6:82:
fe:b7:69:02:d1:3f:06:7f:99:f6:d7:8e:cf:94:da:36:8a:7a:
34:6a:24:24:f5:4a:1a:92:a7:f4:c9:6d:c8:ef:60:34:f0:b1:
e6:f3:31:45:a9:b1:86:1d:6a:41:15:e0:b9:1c:5c:b1:1d:c9:
98:3a:e7:bb:e7:37:c0:25:f8:c0:fc:b2:09:50:e1:ec:33:d5:
eb:4c:ec:f5:4b:3c:0c:c6:b0:32:5a:22:e3:8a:62:fe:43:c8:
ab:a5:af:7d:35:b1:12:d7:8b:d5:4c:80:d4:c8:d0:2c:7a:1a:
72:02:34:c1:64:4f:da:b3:70:75:5e:5e:f7:b4:55:91:a1:77:
9a:1e:d4:0d:4e:22:5b:52:15:08:e7:67:7e:f5:57:e9:21:78:
d7:70:d1:c6:b2:44:55:99:db:00:b3:74:45:c0:68:e0:ec:9f:
c1:1b:4e:c7:4b:fe:39:9a:e1:49:d6:a0:9a:18:6d:18:b3:99:
f8:6b:00:0d:64:9f:9b:4f:dd:15:ee:d7:52:4a:ca:9c:d1:a0:
6f:2c:f7:31:41:58:8c:88:5f:0e:9c:ac:17:4c:a5:d4:3c:45:
0b:f9:ff:7b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY7T20eulieOaAfWUcW5VlcQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNDEyMTk0OTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDhhNzMxOTE1ZGU3Y2FjZDZkNmI5OGZkYmNhZmRhZTk2NWZmNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF9YrVHrcAekJ2BjQSIZClCHrfo1
konvINDGe5zzyaIJUeRbMyeG9VvOVM1+u2AhVJffmDy1ZG/JzA/Bxm1qCJQQZQfR
tgj2/NgfFr8mXNAInMc+H/poTIxpvLI/l6mXNUXkBXvsmk17zEAWyHuKNO1PQwZP
Oawxzio5Bzg8hZbiG8fRysDEQOiw9Ljkp7iUryLL+jvbKp9iP+iG2oVgAU4wo3TL
4sROcXbT6+9ZIhSXHQiSyN85zlUa6p1YofIhoqMPf0/eQNYkqX20Rr4XcDwN/5ee
pCd7bv3dbCYmiIf9U/jQnXyy2HuNO7kZAXTJpLzFFxsEy51YOZfw+eJh9QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFCKcxkV3nys1ta5j9vK/a6WX/Y/MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvVUlwekdSWGVmS3pXMXJtUDI4cjlycFpmOWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCLSusAwQA
QIkdMAwDBAJAiSwDBABAiS4DBABAiUgDBABAiVUDBABAiXIDBABAiXQwDQYJKoZI
hvcNAQELBQADggEBAFqoLThfAGbr7tViNynp3QC/nhu7WbQDoqefiQMJOj3P18W2
gv63aQLRPwZ/mfbXjs+U2jaKejRqJCT1ShqSp/TJbcjvYDTwsebzMUWpsYYdakEV
4LkcXLEdyZg657vnN8Al+MD8sglQ4ewz1etM7PVLPAzGsDJaIuOKYv5DyKulr301
sRLXi9VMgNTI0Cx6GnICNMFkT9qzcHVeXve0VZGhd5oe1A1OIltSFQjnZ371V+kh
eNdw0cayRFWZ2wCzdEXAaODsn8EbTsdL/jma4UnWoJoYbRizmfhrAA1kn5tP3RXu
11JKypzRoG8s9zFBWIyIXw6crBdMpdQ8RQv5/3s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org