Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/RUJw70E2u5BrXRES2QjfdD6K358.roa
File: RUJw70E2u5BrXRES2QjfdD6K358.roa (raw, json)
Hash identifier: K/4dY3mFckm9bGGBfGlDVW27AoFGavhLtOo+7ajpTMY=
Subject key identifier: 45:42:70:EF:41:36:BB:90:6B:5D:11:12:D9:08:DF:74:3E:8A:DF:9F
Certificate issuer: /CN=9a92d30708b9d4e8c7c28c97f8037c8027144c47
Certificate serial: 018573281F95C6C300340D5B2FA8C5D7B74A
Authority key identifier: 9A:92:D3:07:08:B9:D4:E8:C7:C2:8C:97:F8:03:7C:80:27:14:4C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mpLTBwi51OjHwoyX-AN8gCcUTEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/RUJw70E2u5BrXRES2QjfdD6K358.roa
Signing time: Mon 02 Jan 2023 15:44:47 +0000
ROA not before: Mon 02 Jan 2023 15:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29170
IP address blocks: 185.67.177.201/32 maxlen: 32
178.132.216.0/24 maxlen: 24
82.114.81.0/24 maxlen: 24
178.132.217.0/24 maxlen: 24
82.114.84.0/24 maxlen: 24
82.114.79.0/24 maxlen: 24
178.132.216.0/21 maxlen: 21
178.132.220.0/24 maxlen: 24
82.114.88.0/24 maxlen: 24
46.19.224.0/24 maxlen: 24
46.19.224.0/21 maxlen: 24
46.19.225.0/24 maxlen: 24
46.19.230.0/24 maxlen: 24
82.114.64.0/19 maxlen: 19
82.114.64.0/24 maxlen: 24
82.114.70.0/24 maxlen: 24
82.114.65.0/24 maxlen: 24
82.114.66.0/24 maxlen: 24
82.114.74.0/24 maxlen: 24
82.114.77.0/24 maxlen: 24
82.114.78.0/24 maxlen: 24
185.67.176.0/22 maxlen: 22
185.67.176.0/24 maxlen: 24
185.67.177.0/24 maxlen: 24
185.67.178.0/24 maxlen: 24
185.67.179.0/24 maxlen: 24
185.67.177.175/32 maxlen: 32
185.190.132.0/22 maxlen: 22
185.190.132.0/24 maxlen: 24
185.67.177.176/32 maxlen: 32
2a04:3080::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 27 Apr 2023 15:41:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:1f:95:c6:c3:00:34:0d:5b:2f:a8:c5:d7:b7:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a92d30708b9d4e8c7c28c97f8037c8027144c47
Validity
Not Before: Jan 2 15:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=454270ef4136bb906b5d1112d908df743e8adf9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b7:c1:97:0b:da:25:41:36:48:99:e4:d7:28:
3f:71:35:43:c6:d8:4f:c7:45:d8:fa:f2:c9:55:96:
1d:48:6d:f1:56:70:90:16:68:36:ca:57:64:4b:a2:
31:2d:dd:40:e7:02:13:fc:3f:ea:87:8d:8c:1a:4d:
ab:a8:bf:63:da:76:2a:0b:6d:9b:f2:72:62:88:65:
81:a9:ad:3b:b8:72:3b:2c:ae:74:56:36:d9:66:91:
21:54:23:41:0f:88:5b:2f:27:a3:13:6f:73:fc:c7:
63:b1:f0:f9:94:44:19:9e:4f:de:29:17:04:0d:45:
08:a2:34:02:c9:24:f6:89:fb:8e:fc:a8:47:00:ed:
72:e5:06:4a:c6:ee:e3:de:08:e1:0d:c2:0a:80:3b:
a5:18:13:e2:a6:83:f1:41:ae:b6:a7:4e:eb:81:73:
1e:c1:72:59:fc:78:3c:54:d4:ab:1e:48:4b:5a:c1:
c3:a4:31:c9:46:dc:4c:f0:0f:4e:7d:a9:42:03:b9:
21:80:b9:bd:5f:2f:cd:b1:d4:38:b7:a7:ea:40:7e:
2b:6c:94:b3:4d:7c:4d:1c:46:5c:ac:1f:ed:dc:c0:
a4:4e:73:04:47:ac:17:78:5f:6f:a4:a5:6c:88:50:
8b:8b:0a:35:01:66:91:36:04:46:a1:68:1f:15:b6:
f3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:42:70:EF:41:36:BB:90:6B:5D:11:12:D9:08:DF:74:3E:8A:DF:9F
X509v3 Authority Key Identifier:
keyid:9A:92:D3:07:08:B9:D4:E8:C7:C2:8C:97:F8:03:7C:80:27:14:4C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpLTBwi51OjHwoyX-AN8gCcUTEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/RUJw70E2u5BrXRES2QjfdD6K358.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/mpLTBwi51OjHwoyX-AN8gCcUTEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.224.0/21
82.114.64.0/19
178.132.216.0/21
185.67.176.0/22
185.190.132.0/22
IPv6:
2a04:3080::/29
Signature Algorithm: sha256WithRSAEncryption
26:12:dc:77:10:6d:19:36:f5:d4:67:e7:7a:05:7a:91:77:ca:
68:aa:c3:46:e4:34:fd:d5:24:aa:d9:6c:fa:06:84:f8:dd:e8:
35:12:4a:cd:13:2d:4f:5b:b0:df:f9:dc:38:dc:e9:45:fb:72:
71:18:c4:5f:70:67:03:88:37:40:57:a2:c9:32:78:ea:2d:3d:
d7:37:43:12:5f:b0:6f:e9:b6:41:c1:af:6a:50:12:67:fa:2f:
fb:d2:68:b0:79:e6:5a:af:94:73:61:c4:0d:07:cb:2c:18:d1:
fe:28:9a:2c:0f:dd:8c:09:90:d6:6a:48:78:95:4c:73:c5:b2:
97:0d:ee:cf:16:e0:ec:8f:63:0b:70:6e:dc:ec:df:54:4a:f2:
3d:56:86:c0:37:4e:5e:c5:c1:c0:51:ca:5b:f8:19:a7:f5:2a:
bf:12:ee:e4:0e:f4:24:b3:89:59:0c:c3:94:e1:27:8d:1e:ed:
c3:34:b5:67:4b:4d:a7:01:cb:54:4b:e8:a9:d8:54:55:f1:68:
9c:c6:0b:d7:35:8f:4c:06:52:a8:35:77:4f:b9:98:a9:5c:fb:
a1:ce:6a:a0:37:63:d1:4e:8c:92:20:37:15:76:56:6b:79:35:
8a:3b:92:4d:a8:c4:9a:81:4f:df:76:ac:aa:1c:77:b3:3d:c6:
68:58:7f:9b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVzKB+VxsMANA1bL6jF17dKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOTJkMzA3MDhiOWQ0ZThjN2MyOGM5N2Y4MDM3YzgwMjcx
NDRjNDcwHhcNMjMwMTAyMTU0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTQyNzBlZjQxMzZiYjkwNmI1ZDExMTJkOTA4ZGY3NDNlOGFkZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLfBlwvaJUE2SJnk1yg/cTVDxthP
x0XY+vLJVZYdSG3xVnCQFmg2yldkS6IxLd1A5wIT/D/qh42MGk2rqL9j2nYqC22b
8nJiiGWBqa07uHI7LK50VjbZZpEhVCNBD4hbLyejE29z/MdjsfD5lEQZnk/eKRcE
DUUIojQCyST2ifuO/KhHAO1y5QZKxu7j3gjhDcIKgDulGBPipoPxQa62p07rgXMe
wXJZ/Hg8VNSrHkhLWsHDpDHJRtxM8A9OfalCA7khgLm9Xy/NsdQ4t6fqQH4rbJSz
TXxNHEZcrB/t3MCkTnMER6wXeF9vpKVsiFCLiwo1AWaRNgRGoWgfFbbzgQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEVCcO9BNruQa10REtkI33Q+it+fMB8GA1UdIwQY
MBaAFJqS0wcIudTox8KMl/gDfIAnFExHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXBMVEJ3aTUxT2pId295WC1BTjhnQ2NVVEVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jOTM3YmUtZjViMS00M2M2LTk1ODct
NGUwNjYyMWJkOThhLzEvUlVKdzcwRTJ1NUJyWFJFUzJRamZkRDZLMzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jOTM3YmUtZjViMS00M2M2LTk1ODctNGUwNjYyMWJkOThh
LzEvbXBMVEJ3aTUxT2pId295WC1BTjhnQ2NVVEVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLhPgAwQF
UnJAAwQDsoTYAwQCuUOwAwQCub6EMA0EAgACMAcDBQMqBDCAMA0GCSqGSIb3DQEB
CwUAA4IBAQAmEtx3EG0ZNvXUZ+d6BXqRd8poqsNG5DT91SSq2Wz6BoT43eg1EkrN
Ey1PW7Df+dw43OlF+3JxGMRfcGcDiDdAV6LJMnjqLT3XN0MSX7Bv6bZBwa9qUBJn
+i/70miweeZar5RzYcQNB8ssGNH+KJosD92MCZDWakh4lUxzxbKXDe7PFuDsj2ML
cG7c7N9USvI9VobAN05excHAUcpb+Bmn9Sq/Eu7kDvQks4lZDMOU4SeNHu3DNLVn
S02nActUS+ip2FRV8WicxgvXNY9MBlKoNXdPuZipXPuhzmqgN2PRToySIDcVdlZr
eTWKO5JNqMSagU/fdqyqHHezPcZoWH+b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:56 2024 by rpki-client on console-ams.rpki-client.org