Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/UIby1XtaiOHtP9DKSsfjaRxCLfc.roa
File: UIby1XtaiOHtP9DKSsfjaRxCLfc.roa (raw, json)
Hash identifier: 3qKEKzeIaPtuJQwa/6DA8RnErHQvIoV32qYpGpEwSow=
Subject key identifier: 50:86:F2:D5:7B:5A:88:E1:ED:3F:D0:CA:4A:C7:E3:69:1C:42:2D:F7
Certificate issuer: /CN=11a3864558bf42892bf9e5359bdb13f03b2527a9
Certificate serial: 01856ECBA6174FDAE396AA9D688E08B9F935
Authority key identifier: 11:A3:86:45:58:BF:42:89:2B:F9:E5:35:9B:DB:13:F0:3B:25:27:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaOGRVi_Qokr-eU1m9sT8DslJ6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/UIby1XtaiOHtP9DKSsfjaRxCLfc.roa
Signing time: Sun 01 Jan 2023 19:25:18 +0000
ROA not before: Sun 01 Jan 2023 19:25:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6823
IP address blocks: 178.251.43.0/24 maxlen: 24
178.251.44.0/24 maxlen: 24
178.251.40.0/24 maxlen: 24
178.251.40.0/21 maxlen: 21
178.251.42.0/24 maxlen: 24
178.251.41.0/24 maxlen: 24
178.251.45.0/24 maxlen: 24
178.251.47.0/24 maxlen: 24
178.251.46.0/24 maxlen: 24
37.202.48.0/21 maxlen: 21
37.202.49.0/24 maxlen: 24
37.202.48.0/24 maxlen: 24
37.202.51.0/24 maxlen: 24
37.202.50.0/24 maxlen: 24
37.202.55.0/24 maxlen: 24
37.202.53.0/24 maxlen: 24
37.202.52.0/24 maxlen: 24
37.202.54.0/24 maxlen: 24
2a01:6be0::/32 maxlen: 32
2a01:6be0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:a6:17:4f:da:e3:96:aa:9d:68:8e:08:b9:f9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a3864558bf42892bf9e5359bdb13f03b2527a9
Validity
Not Before: Jan 1 19:25:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5086f2d57b5a88e1ed3fd0ca4ac7e3691c422df7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1e:f8:04:42:fa:87:c9:e1:c6:9b:09:0f:17:
1c:92:21:8b:c8:f5:da:66:7a:36:eb:ba:a6:59:e1:
03:f0:4f:c4:7e:7b:fd:ba:d5:0f:93:cf:04:6d:f6:
20:93:35:ee:a2:72:d4:d7:e8:f7:1e:a7:68:8e:64:
38:54:de:cf:17:6e:1d:10:f2:4f:59:1d:6b:12:2c:
75:02:66:16:ab:da:5c:0f:1e:7f:fc:73:89:97:15:
f8:a2:96:3c:e4:40:3e:a9:e5:a2:6e:c9:3c:4b:b7:
3f:ed:44:d7:0f:25:4e:68:58:b0:45:71:84:c8:e4:
16:1f:1c:79:0f:8b:1c:a2:3b:39:fc:fd:2b:4d:8e:
e8:7b:a2:74:39:3f:ad:36:de:ff:e8:66:2d:e7:bc:
1b:4e:b7:31:35:fd:38:73:3d:0f:ff:df:22:3e:a1:
8a:de:c3:69:2b:b3:31:97:66:14:50:9d:1f:33:6d:
10:8d:49:3b:44:f2:e4:ff:d7:aa:ef:e3:ba:57:e1:
23:f3:7f:bf:1e:c3:b9:56:d1:d7:d7:d1:fc:3e:01:
2a:3b:0d:f1:07:be:94:dc:bd:fe:ab:5f:f5:f6:4b:
ab:3b:f2:8a:5e:95:12:6e:a7:ad:38:2c:60:35:e9:
fe:8e:b8:13:e3:5f:c2:f3:14:f7:93:5c:86:ff:f8:
36:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:86:F2:D5:7B:5A:88:E1:ED:3F:D0:CA:4A:C7:E3:69:1C:42:2D:F7
X509v3 Authority Key Identifier:
keyid:11:A3:86:45:58:BF:42:89:2B:F9:E5:35:9B:DB:13:F0:3B:25:27:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaOGRVi_Qokr-eU1m9sT8DslJ6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/UIby1XtaiOHtP9DKSsfjaRxCLfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/EaOGRVi_Qokr-eU1m9sT8DslJ6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.48.0/21
178.251.40.0/21
IPv6:
2a01:6be0::/32
Signature Algorithm: sha256WithRSAEncryption
3f:be:4f:e0:05:39:72:21:44:66:7d:8f:66:ed:3c:cb:01:ab:
8a:a4:f1:a8:f5:73:82:7a:69:36:c7:88:ad:83:24:14:5e:8c:
3b:dc:45:5c:82:28:3b:c8:08:d2:24:d9:84:25:2f:21:d0:55:
ec:09:77:f5:46:83:d2:29:77:8d:86:a0:d0:a7:8c:5e:be:82:
c2:b8:cd:c6:9e:1f:a9:a7:b5:07:24:40:9e:57:dd:56:09:1e:
d7:70:db:1b:b7:c3:71:71:43:72:5e:a5:85:fc:13:65:0a:63:
2f:e9:69:64:29:08:2f:4d:a7:2e:44:7f:b7:63:ee:97:2d:65:
24:ed:f2:5d:20:a5:f1:97:ed:48:1f:ee:42:38:5d:25:3b:31:
59:84:c7:2b:4a:f8:0c:b5:12:79:90:8e:8b:31:60:70:47:7f:
68:a1:1c:66:2a:76:92:49:c8:e4:b4:d4:b7:04:d4:cf:e1:bc:
73:28:01:3b:00:32:f7:fa:53:13:0b:0d:ae:77:93:b5:fc:35:
ce:e0:62:7a:08:39:1c:71:b3:93:f7:b4:09:a6:50:55:40:db:
74:c3:d6:f7:55:89:68:cc:65:25:98:19:e6:8c:98:65:4d:11:
4b:f1:7d:91:da:f1:28:e4:c9:68:9f:d5:8a:ff:f7:d3:d5:7d:
1e:e3:05:12
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuy6YXT9rjlqqdaI4Iufk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTM4NjQ1NThiZjQyODkyYmY5ZTUzNTliZGIxM2YwM2Iy
NTI3YTkwHhcNMjMwMTAxMTkyNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDg2ZjJkNTdiNWE4OGUxZWQzZmQwY2E0YWM3ZTM2OTFjNDIyZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwB74BEL6h8nhxpsJDxcckiGLyPXa
Zno267qmWeED8E/Efnv9utUPk88EbfYgkzXuonLU1+j3HqdojmQ4VN7PF24dEPJP
WR1rEix1AmYWq9pcDx5//HOJlxX4opY85EA+qeWibsk8S7c/7UTXDyVOaFiwRXGE
yOQWHxx5D4scojs5/P0rTY7oe6J0OT+tNt7/6GYt57wbTrcxNf04cz0P/98iPqGK
3sNpK7Mxl2YUUJ0fM20QjUk7RPLk/9eq7+O6V+Ej83+/HsO5VtHX19H8PgEqOw3x
B76U3L3+q1/19kurO/KKXpUSbqetOCxgNen+jrgT41/C8xT3k1yG//g2/wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFCG8tV7Wojh7T/QykrH42kcQi33MB8GA1UdIwQY
MBaAFBGjhkVYv0KJK/nlNZvbE/A7JSepMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFPR1JWaV9Rb2tyLWVVMW05c1Q4RHNsSjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9hY2QzNGItMzU3Zi00MzA3LTgzYzAt
MDg1N2UzZWMwM2UwLzEvVUlieTFYdGFpT0h0UDlES1NzZmphUnhDTGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9hY2QzNGItMzU3Zi00MzA3LTgzYzAtMDg1N2UzZWMwM2Uw
LzEvRWFPR1JWaV9Rb2tyLWVVMW05c1Q4RHNsSjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJcowAwQD
svsoMA0EAgACMAcDBQAqAWvgMA0GCSqGSIb3DQEBCwUAA4IBAQA/vk/gBTlyIURm
fY9m7TzLAauKpPGo9XOCemk2x4itgyQUXow73EVcgig7yAjSJNmEJS8h0FXsCXf1
RoPSKXeNhqDQp4xevoLCuM3Gnh+pp7UHJECeV91WCR7XcNsbt8NxcUNyXqWF/BNl
CmMv6WlkKQgvTacuRH+3Y+6XLWUk7fJdIKXxl+1IH+5COF0lOzFZhMcrSvgMtRJ5
kI6LMWBwR39ooRxmKnaSScjktNS3BNTP4bxzKAE7ADL3+lMTCw2ud5O1/DXO4GJ6
CDkccbOT97QJplBVQNt0w9b3VYlozGUlmBnmjJhlTRFL8X2R2vEo5Mlon9WK//fT
1X0e4wUS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:32 2024 by rpki-client on console-ams.rpki-client.org