Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/Uy6YVUfl-Yo8pujnCWxzrIlHWV0.roa
File: Uy6YVUfl-Yo8pujnCWxzrIlHWV0.roa (raw, json)
Hash identifier: gngU0g2ZzELbjUiRnRDZ/0+x84OLCHZdmZUY1vKQKY4=
Subject key identifier: 53:2E:98:55:47:E5:F9:8A:3C:A6:E8:E7:09:6C:73:AC:89:47:59:5D
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 0185708CE02AE38739F1509B2E09294CFA60
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/Uy6YVUfl-Yo8pujnCWxzrIlHWV0.roa
Signing time: Mon 02 Jan 2023 03:35:58 +0000
ROA not before: Mon 02 Jan 2023 03:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 45.145.152.0/22 maxlen: 24
80.83.80.0/21 maxlen: 24
80.83.88.0/23 maxlen: 24
80.83.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Jan 2023 04:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e0:2a:e3:87:39:f1:50:9b:2e:09:29:4c:fa:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Jan 2 03:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=532e985547e5f98a3ca6e8e7096c73ac8947595d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6d:fe:4f:e5:96:e3:ab:67:e6:6a:8d:76:7f:
c6:fc:81:9b:3f:15:b0:f0:14:e4:a3:86:73:13:11:
e9:1c:f6:65:33:d4:be:55:25:a9:72:1f:21:8a:08:
fa:f0:dc:5e:d5:55:d6:ec:f7:b7:d3:8c:53:42:3c:
ae:b5:7c:c3:d5:d4:97:68:22:36:dc:73:c8:00:14:
05:30:e3:76:de:8e:09:ec:54:4b:11:4a:2a:89:8c:
b1:66:d8:d0:21:2b:cf:c0:5c:4c:21:cf:01:a2:b0:
6d:12:69:1b:60:4c:da:f1:f6:d8:0f:bc:fc:bb:13:
bd:d0:8e:24:f0:25:6d:0e:08:b4:c6:ad:b1:75:80:
28:a5:df:b6:6b:09:26:99:1e:96:47:1c:92:75:43:
9b:05:2e:88:51:64:96:c2:29:c4:a0:01:5d:d3:a4:
6d:c6:91:2e:39:9a:77:06:b2:56:68:3a:b2:00:51:
4c:76:4e:b9:df:a8:ea:ad:0d:0d:69:e6:7c:43:7d:
9c:6a:0e:98:63:88:2a:34:a4:ca:d6:0a:cf:84:02:
85:b2:e4:23:d9:68:c0:e4:0b:99:5d:84:64:7c:94:
b6:61:b3:00:64:f1:b8:d1:57:95:9d:dc:0d:67:1a:
c2:94:1c:a4:01:79:30:77:1f:b7:84:af:ce:7e:61:
e9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:2E:98:55:47:E5:F9:8A:3C:A6:E8:E7:09:6C:73:AC:89:47:59:5D
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/Uy6YVUfl-Yo8pujnCWxzrIlHWV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.152.0/22
80.83.80.0-80.83.89.255
80.83.92.0/22
Signature Algorithm: sha256WithRSAEncryption
65:5b:86:19:57:84:67:03:1e:bc:d5:a5:35:6b:b5:a3:f6:d6:
7d:f4:48:77:ae:87:33:2b:85:a3:8c:02:cd:a3:f0:24:a8:76:
b8:de:1b:36:74:3e:91:90:17:9c:0d:7b:7a:b2:fc:d4:fc:ab:
11:4d:13:ef:bb:3b:06:34:ed:f3:d6:43:21:9a:2e:4e:f2:f1:
48:1a:d1:9b:dc:ff:cf:be:9e:01:29:ad:3f:8d:9e:f2:e6:07:
e0:ea:8b:54:50:e9:10:63:07:d0:39:64:f0:e6:07:89:4e:1f:
a5:bb:3e:43:e7:65:52:e6:64:6e:d6:8e:46:1f:ed:8b:46:ae:
30:f2:14:50:77:28:7f:8d:15:91:32:ae:79:8d:be:85:d5:f9:
d4:03:26:86:2e:6e:9b:b8:49:fd:14:5f:c1:48:a4:b6:69:97:
1c:16:a9:ba:a7:0b:6d:ae:7e:20:48:9f:3c:1d:73:6e:4b:7a:
ec:bb:84:6c:90:d1:3e:f7:08:eb:81:5f:2d:57:68:5c:46:b2:
11:19:b7:ee:37:a7:9c:a0:89:d4:9d:83:a8:54:7c:ef:c8:b1:
31:f6:36:29:42:47:04:a5:88:e0:49:a5:bf:b8:3c:a5:73:15:
1b:77:18:08:83:c1:21:8d:f3:88:8d:33:ca:12:cd:2e:34:67:
f1:f9:ce:87
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVwjOAq44c58VCbLgkpTPpgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjMwMTAyMDMzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzJlOTg1NTQ3ZTVmOThhM2NhNmU4ZTcwOTZjNzNhYzg5NDc1OTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG3+T+WW46tn5mqNdn/G/IGbPxWw
8BTko4ZzExHpHPZlM9S+VSWpch8higj68Nxe1VXW7Pe304xTQjyutXzD1dSXaCI2
3HPIABQFMON23o4J7FRLEUoqiYyxZtjQISvPwFxMIc8BorBtEmkbYEza8fbYD7z8
uxO90I4k8CVtDgi0xq2xdYAopd+2awkmmR6WRxySdUObBS6IUWSWwinEoAFd06Rt
xpEuOZp3BrJWaDqyAFFMdk6536jqrQ0NaeZ8Q32cag6YY4gqNKTK1grPhAKFsuQj
2WjA5AuZXYRkfJS2YbMAZPG40VeVndwNZxrClBykAXkwdx+3hK/OfmHpmwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFMumFVH5fmKPKbo5wlsc6yJR1ldMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvVXk2WVZVZmwtWW84cHVqbkNXeHpySWxIV1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCLZGYMAwD
BARQU1ADBAFQU1gDBAJQU1wwDQYJKoZIhvcNAQELBQADggEBAGVbhhlXhGcDHrzV
pTVrtaP21n30SHeuhzMrhaOMAs2j8CSodrjeGzZ0PpGQF5wNe3qy/NT8qxFNE++7
OwY07fPWQyGaLk7y8Uga0Zvc/8++ngEprT+NnvLmB+Dqi1RQ6RBjB9A5ZPDmB4lO
H6W7PkPnZVLmZG7WjkYf7YtGrjDyFFB3KH+NFZEyrnmNvoXV+dQDJoYubpu4Sf0U
X8FIpLZplxwWqbqnC22ufiBInzwdc25Leuy7hGyQ0T73COuBXy1XaFxGshEZt+43
p5ygidSdg6hUfO/IsTH2NilCRwSliOBJpb+4PKVzFRt3GAiDwSGN84iNM8oSzS40
Z/H5zoc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:26 2024 by rpki-client on console-fra.rpki-client.org