Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/UxksMIn-p2ZykQv3WS9_vOcrngo.roa
File: UxksMIn-p2ZykQv3WS9_vOcrngo.roa (raw, json)
Hash identifier: JwdJ/dnaj5eLuBmrpgsnWVaityl1bpXXY0U8OzOutU4=
Subject key identifier: 53:19:2C:30:89:FE:A7:66:72:91:0B:F7:59:2F:7F:BC:E7:2B:9E:0A
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018ECC4A0725B4D756B08ADD3AEFA6AB8DFB
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/UxksMIn-p2ZykQv3WS9_vOcrngo.roa
Signing time: Thu 11 Apr 2024 08:33:07 +0000
ROA not before: Thu 11 Apr 2024 08:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 31.41.253.0/24 maxlen: 24
45.87.255.0/24 maxlen: 24
45.95.28.0/24 maxlen: 24
45.128.129.0/24 maxlen: 24
45.131.160.0/24 maxlen: 24
45.131.161.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
94.154.188.0/24 maxlen: 24
94.154.189.0/24 maxlen: 24
94.154.191.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.222.214.0/24 maxlen: 24
193.187.106.0/24 maxlen: 24
193.201.9.0/24 maxlen: 24
194.104.232.0/24 maxlen: 24
212.60.7.0/24 maxlen: 24
217.8.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 19:59:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:4a:07:25:b4:d7:56:b0:8a:dd:3a:ef:a6:ab:8d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 11 08:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53192c3089fea76672910bf7592f7fbce72b9e0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2a:2b:02:5a:45:fa:16:24:c3:5a:89:60:b1:
d1:aa:7f:76:09:04:cd:14:ff:55:05:2b:04:56:93:
ea:6e:14:a5:2b:88:7c:47:00:b2:55:4d:79:74:a2:
71:e5:f9:fc:56:33:bc:9b:19:37:75:eb:2a:77:05:
cb:85:63:53:f2:d3:53:ab:5a:8d:64:83:17:03:29:
70:c8:80:71:1e:8c:de:75:cc:73:57:33:8b:ee:74:
08:a7:e1:c2:c5:f6:fb:41:64:5a:01:6f:7f:1f:de:
a3:6d:ae:0b:5d:68:b3:7d:d0:ef:1f:67:d5:c9:8e:
78:a4:8e:5a:2c:07:10:a9:a3:22:d0:a8:14:3d:a4:
b4:f0:8d:9c:6b:ed:16:9a:9c:86:ff:ad:dd:22:f0:
f7:e1:44:ec:14:7f:6c:e2:3d:98:19:96:49:9e:4f:
4e:ba:46:e7:6d:55:ca:57:7b:ea:e7:6f:dd:f1:1f:
0a:a3:df:78:b2:e5:3f:7d:b4:fd:e1:b5:42:fc:9e:
3d:5b:f2:fd:16:63:49:24:4f:f5:2f:22:24:7c:2c:
d8:95:48:c3:c1:c4:b2:d2:4f:77:48:15:ac:50:e6:
de:28:84:91:dc:4c:ed:d0:1c:fc:85:ee:98:19:b7:
17:24:d2:85:c2:9b:8a:a1:54:3d:78:f4:47:e2:66:
bc:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:19:2C:30:89:FE:A7:66:72:91:0B:F7:59:2F:7F:BC:E7:2B:9E:0A
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/UxksMIn-p2ZykQv3WS9_vOcrngo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.253.0/24
45.87.255.0/24
45.95.28.0/24
45.128.129.0/24
45.131.160.0/23
91.190.158.0/24
94.154.188.0/23
94.154.191.0/24
176.116.17.0/24
176.126.102.0/24
185.222.214.0/24
193.187.106.0/24
193.201.9.0/24
194.104.232.0/24
212.60.7.0/24
217.8.117.0/24
Signature Algorithm: sha256WithRSAEncryption
52:e4:6b:77:9b:c0:3c:ba:61:18:9d:4f:a5:10:80:ef:25:5d:
e4:94:04:9e:8e:6e:cd:80:b0:91:4d:03:3c:27:d0:ab:c1:9a:
2a:89:23:7c:f6:2c:59:1d:6b:86:2b:31:ed:ed:41:ef:a9:ab:
44:52:90:31:90:c4:46:86:66:d0:7d:65:50:d6:1d:51:b1:59:
d1:16:41:79:a6:46:e2:39:6e:08:79:82:7e:ec:8e:05:6e:a7:
ab:a0:75:01:05:f4:bb:f6:21:cc:12:eb:ee:59:1d:33:cc:f5:
f2:49:57:50:e7:0d:c9:cb:71:e8:9b:fe:b7:83:85:27:8b:e4:
cc:c3:89:b2:8c:a9:5f:70:c2:5c:76:c9:4a:2d:78:07:74:57:
fc:0b:c8:3f:1b:9c:0b:2c:dd:f6:8c:08:75:fc:82:a8:5f:ae:
9e:d6:71:f0:6d:79:24:1d:dd:76:f4:bf:70:0d:30:44:31:28:
a0:c0:2b:b5:d1:03:03:6e:80:86:ea:02:ba:38:4c:a5:75:9b:
ae:13:dc:aa:fe:6f:42:d4:b8:ff:79:9d:70:0d:3e:3f:8d:24:
e9:e6:aa:96:1b:6f:86:d5:f6:29:32:ce:8e:3a:23:cb:dc:0f:
24:bc:05:39:12:a8:7f:f5:7d:4d:7c:b4:6e:2d:c7:be:b0:4c:
e9:29:2d:d4
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAY7MSgcltNdWsIrdOu+mq437MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDExMDgzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzE5MmMzMDg5ZmVhNzY2NzI5MTBiZjc1OTJmN2ZiY2U3MmI5ZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyorAlpF+hYkw1qJYLHRqn92CQTN
FP9VBSsEVpPqbhSlK4h8RwCyVU15dKJx5fn8VjO8mxk3desqdwXLhWNT8tNTq1qN
ZIMXAylwyIBxHozedcxzVzOL7nQIp+HCxfb7QWRaAW9/H96jba4LXWizfdDvH2fV
yY54pI5aLAcQqaMi0KgUPaS08I2ca+0WmpyG/63dIvD34UTsFH9s4j2YGZZJnk9O
ukbnbVXKV3vq52/d8R8Ko994suU/fbT94bVC/J49W/L9FmNJJE/1LyIkfCzYlUjD
wcSy0k93SBWsUObeKISR3Ezt0Bz8he6YGbcXJNKFwpuKoVQ9ePRH4ma8mwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFFMZLDCJ/qdmcpEL91kvf7znK54KMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvVXhrc01Jbi1wMlp5a1F2M1dTOV92T2NybmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAHyn9AwQA
LVf/AwQALV8cAwQALYCBAwQBLYOgAwQAW76eAwQBXpq8AwQAXpq/AwQAsHQRAwQA
sH5mAwQAud7WAwQAwbtqAwQAwckJAwQAwmjoAwQA1DwHAwQA2Qh1MA0GCSqGSIb3
DQEBCwUAA4IBAQBS5Gt3m8A8umEYnU+lEIDvJV3klASejm7NgLCRTQM8J9CrwZoq
iSN89ixZHWuGKzHt7UHvqatEUpAxkMRGhmbQfWVQ1h1RsVnRFkF5pkbiOW4IeYJ+
7I4FbqeroHUBBfS79iHMEuvuWR0zzPXySVdQ5w3Jy3Hom/63g4Uni+TMw4myjKlf
cMJcdslKLXgHdFf8C8g/G5wLLN32jAh1/IKoX66e1nHwbXkkHd129L9wDTBEMSig
wCu10QMDboCG6gK6OEyldZuuE9yq/m9C1Lj/eZ1wDT4/jSTp5qqWG2+G1fYpMs6O
OiPL3A8kvAU5Eqh/9X1NfLRuLce+sEzpKS3U
-----END CERTIFICATE-----
Generated at Mon Apr 15 21:59:39 2024 by rpki-client on console-fra.rpki-client.org