Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/UHhc7-3xgQqRkl-tuARL3ZbZW40.roa
File: UHhc7-3xgQqRkl-tuARL3ZbZW40.roa (raw, json)
Hash identifier: P4cgIGv2cEOcojl5uWx/IbKGrgKCcyix6u55WgX5x1Q=
Subject key identifier: 50:78:5C:EF:ED:F1:81:0A:91:92:5F:AD:B8:04:4B:DD:96:D9:5B:8D
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 01887B32487C719FBDE98906FB1BB361EFB2
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/UHhc7-3xgQqRkl-tuARL3ZbZW40.roa
Signing time: Fri 02 Jun 2023 08:21:12 +0000
ROA not before: Fri 02 Jun 2023 08:21:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 84.54.36.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
83.171.243.0/24 maxlen: 24
83.171.242.0/24 maxlen: 24
45.151.139.0/24 maxlen: 24
194.113.105.0/24 maxlen: 24
2a10:c0c3::/32 maxlen: 32
2a10:c0c0::/29 maxlen: 29
2a11:200:4000::/36 maxlen: 36
2a11:200::/36 maxlen: 36
2a11:200:5000::/36 maxlen: 36
2a11:200:7000::/36 maxlen: 36
2a11:202::/32 maxlen: 32
2a09:4e01:5000::/36 maxlen: 36
2a09:4e01:4000::/36 maxlen: 36
2a09:4e01:3000::/36 maxlen: 36
2a11:201::/32 maxlen: 32
2a0c:e8c0::/29 maxlen: 29
2a10:c0c1::/32 maxlen: 32
2a10:c0c7:5000::/36 maxlen: 36
2a10:c0c7:3000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7b:32:48:7c:71:9f:bd:e9:89:06:fb:1b:b3:61:ef:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jun 2 08:21:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50785cefedf1810a91925fadb8044bdd96d95b8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:00:64:ec:be:45:47:38:00:8e:53:51:d3:a7:
c4:bd:0e:08:dd:85:a2:46:02:31:51:75:74:4e:eb:
f4:8a:7c:6f:84:27:15:5e:97:fb:ab:ed:18:26:82:
59:df:36:2c:6d:f0:64:83:51:a5:30:02:35:43:8a:
8c:df:08:f4:c6:ad:f0:48:7c:bd:cd:f1:04:5b:b6:
aa:5c:22:6d:f0:1d:2c:07:b2:b3:bc:f3:2f:f7:2f:
75:49:ed:65:7a:21:57:b4:02:06:19:ad:c2:9a:f0:
86:47:d8:b0:6e:bd:c3:05:97:79:6b:1f:50:67:57:
f5:ed:fe:03:c4:bb:30:ef:0d:f7:00:a0:76:04:ee:
52:da:08:9c:58:65:0b:75:57:e2:c4:80:80:0d:62:
ee:3a:cb:48:b3:74:2f:96:39:d4:c9:b1:08:90:17:
ce:91:01:eb:55:bf:ca:b2:20:62:a3:34:5d:47:40:
79:4e:76:9d:ac:b5:1f:85:a3:c5:e5:2f:24:2b:35:
a9:e9:03:15:3a:a8:89:12:15:af:eb:52:31:89:d4:
c4:47:ae:c0:9a:e7:1e:62:b8:ee:d7:07:ca:19:a0:
2a:49:d0:4d:0d:ec:24:99:a2:ba:98:b8:11:b7:75:
4e:17:79:63:64:72:33:ab:c0:56:94:6f:12:6b:13:
bc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:78:5C:EF:ED:F1:81:0A:91:92:5F:AD:B8:04:4B:DD:96:D9:5B:8D
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/UHhc7-3xgQqRkl-tuARL3ZbZW40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.139.0/24
83.171.240.0/22
84.54.36.0/24
194.113.105.0/24
IPv6:
2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
2a0c:e8c0::/29
2a10:c0c0::/29
2a11:200::/36
2a11:200:4000::/35
2a11:200:7000::/36
2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
15:97:84:f9:20:63:a0:cd:a8:cc:a8:3f:f1:ce:d7:56:7b:d1:
14:37:97:d5:9c:3f:db:65:51:74:e5:eb:fe:f1:a9:4c:c4:ac:
06:d4:9d:24:a9:14:bd:7e:90:7c:f3:3c:ad:a8:a0:c6:0a:4c:
ad:0f:e4:f8:75:ee:a7:da:e0:0b:89:cc:d3:9d:09:9b:6b:66:
62:18:c2:94:60:90:d4:4e:7c:d9:45:ce:23:5e:a0:f6:93:e2:
0e:c6:f7:b1:62:a6:ed:d0:d5:a4:14:f2:92:64:7a:db:c4:aa:
15:01:97:30:b9:fc:a4:0e:ee:32:23:a3:e9:25:b2:8f:1d:8b:
c3:5f:f1:ad:7b:94:66:44:08:60:35:bd:89:02:65:bc:9a:23:
64:ed:29:b8:e9:b5:9e:7e:89:3b:7c:3c:96:76:5b:fb:37:9a:
24:12:8a:88:f0:ce:72:70:b0:15:ab:cb:7a:01:89:d5:0f:94:
a9:59:b1:a1:3d:6e:51:aa:93:ef:12:a8:01:f3:0c:cf:f8:3c:
20:bc:9b:85:c5:2d:23:86:9e:e5:5d:36:89:95:ab:64:e5:e0:
1a:4f:58:37:05:e5:48:5b:46:41:89:de:33:68:5b:04:cc:55:
c1:1e:c8:7c:5f:bb:f8:e1:a7:0b:7e:86:34:04:c4:07:ea:5f:
dc:92:98:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYh7Mkh8cZ+96YkG+xuzYe+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwNjAyMDgyMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDc4NWNlZmVkZjE4MTBhOTE5MjVmYWRiODA0NGJkZDk2ZDk1YjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsABk7L5FRzgAjlNR06fEvQ4I3YWi
RgIxUXV0Tuv0inxvhCcVXpf7q+0YJoJZ3zYsbfBkg1GlMAI1Q4qM3wj0xq3wSHy9
zfEEW7aqXCJt8B0sB7KzvPMv9y91Se1leiFXtAIGGa3CmvCGR9iwbr3DBZd5ax9Q
Z1f17f4DxLsw7w33AKB2BO5S2gicWGULdVfixICADWLuOstIs3QvljnUybEIkBfO
kQHrVb/KsiBiozRdR0B5TnadrLUfhaPF5S8kKzWp6QMVOqiJEhWv61IxidTER67A
muceYrju1wfKGaAqSdBNDewkmaK6mLgRt3VOF3ljZHIzq8BWlG8SaxO8PwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFFB4XO/t8YEKkZJfrbgES92W2VuNMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvVUhoYzctM3hnUXFSa2wtdHVBUkwzWmJaVzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwHgQCAAEwGAMEAC2XiwME
AlOr8AMEAFQ2JAMEAMJxaTBOBAIAAjBIMBADBgQqCU4BMAMGBSoJTgFAAwUDKgzo
wAMFAyoQwMADBgQqEQIAAAMGBSoRAgBAAwYEKhECAHAwDgMFACoRAgEDBQAqEQIC
MA0GCSqGSIb3DQEBCwUAA4IBAQAVl4T5IGOgzajMqD/xztdWe9EUN5fVnD/bZVF0
5ev+8alMxKwG1J0kqRS9fpB88zytqKDGCkytD+T4de6n2uALiczTnQmba2ZiGMKU
YJDUTnzZRc4jXqD2k+IOxvexYqbt0NWkFPKSZHrbxKoVAZcwufykDu4yI6PpJbKP
HYvDX/Gte5RmRAhgNb2JAmW8miNk7Sm46bWefok7fDyWdlv7N5okEoqI8M5ycLAV
q8t6AYnVD5SpWbGhPW5RqpPvEqgB8wzP+DwgvJuFxS0jhp7lXTaJlatk5eAaT1g3
BeVIW0ZBid4zaFsEzFXBHsh8X7v44acLfoY0BMQH6l/ckphs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:45 2023 by rpki-client on console-fra.rpki-client.org