Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/UXaFvclh_M1JeOjzbii8q381W8o.roa
File: UXaFvclh_M1JeOjzbii8q381W8o.roa (raw, json)
Hash identifier: j3JOvUJcQ3oQFXQZ76NMSDOWb+hv0ubwOU15NJ0vAu8=
Subject key identifier: 51:76:85:BD:C9:61:FC:CD:49:78:E8:F3:6E:28:BC:AB:7F:35:5B:CA
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 01856FCB93A386BC3D50BB81CD4B41FE2A94
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/UXaFvclh_M1JeOjzbii8q381W8o.roa
Signing time: Mon 02 Jan 2023 00:04:50 +0000
ROA not before: Mon 02 Jan 2023 00:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62164
IP address blocks: 45.11.88.0/23 maxlen: 24
45.11.90.0/23 maxlen: 23
185.149.232.0/22 maxlen: 22
185.149.232.0/24 maxlen: 24
185.149.233.0/24 maxlen: 24
185.149.234.0/23 maxlen: 23
193.39.184.0/24 maxlen: 24
5.181.164.0/23 maxlen: 23
185.202.174.0/24 maxlen: 24
5.181.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 May 2023 22:46:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:93:a3:86:bc:3d:50:bb:81:cd:4b:41:fe:2a:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jan 2 00:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=517685bdc961fccd4978e8f36e28bcab7f355bca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:db:c1:68:f3:46:68:39:66:6d:c0:2c:5d:a6:
64:0e:3d:ae:31:e9:0d:12:5e:e0:11:fb:ab:14:ae:
4e:ad:81:d1:bf:e1:a2:ce:3b:aa:e4:f6:66:13:07:
6c:3f:bd:4c:3e:71:34:8b:8d:86:a6:a3:b6:58:19:
b9:20:f7:15:e6:df:0a:5f:27:73:c0:c8:41:6d:2a:
d5:d6:cd:17:eb:1f:3c:9f:c1:0f:2d:b4:06:07:c5:
4f:48:11:0c:68:1b:4e:36:d1:ab:51:c3:fe:33:df:
4c:53:81:1f:7e:09:74:37:c0:9d:17:60:cd:e5:39:
a8:8a:17:ab:5b:f4:8b:cd:3d:34:ba:a6:74:fa:3e:
4b:de:4d:25:c6:d7:dc:53:ad:c5:48:91:bc:a3:d3:
ad:63:32:8b:ad:52:df:5f:22:d5:3f:3e:37:81:5c:
4b:4a:a2:ac:5c:48:7b:d8:6e:d4:46:96:12:d6:f4:
5b:7f:d4:7d:cc:dd:b7:55:56:3a:53:6f:8a:d1:45:
6e:ff:0d:48:c0:db:7b:0a:96:24:65:1f:d6:36:f6:
9c:6e:8c:94:d6:6b:bd:02:51:da:c3:c8:dc:25:9a:
cc:db:41:e2:7f:83:18:4b:30:21:5a:30:7c:26:75:
35:0e:b5:8f:af:13:88:f8:a0:3a:7d:a9:12:f4:77:
0e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:76:85:BD:C9:61:FC:CD:49:78:E8:F3:6E:28:BC:AB:7F:35:5B:CA
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/UXaFvclh_M1JeOjzbii8q381W8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.164.0/23
5.181.167.0/24
45.11.88.0/22
185.149.232.0/22
185.202.174.0/24
193.39.184.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:66:2e:8f:15:fb:da:e0:24:8e:89:e8:e0:ee:6a:c9:b4:a9:
f7:d7:02:39:3c:56:82:7c:f2:c0:ff:85:25:d9:55:91:c4:1b:
65:ed:e7:9b:47:1d:17:de:cd:29:de:33:69:6f:de:83:4f:ae:
cc:a6:83:5c:47:c6:97:70:93:37:2b:52:45:a9:63:52:c7:7f:
bb:57:f5:59:96:ba:b1:4d:0f:db:bc:44:53:26:96:3b:d1:d8:
ed:08:53:d3:ce:ee:e8:40:04:88:0b:00:5b:52:16:b1:15:71:
7b:9d:4a:51:8f:6a:37:9b:d2:d4:d6:4f:11:b5:a9:69:b5:21:
e5:26:8b:d9:59:51:fa:e1:29:06:96:d9:11:02:79:92:5a:46:
8a:e4:51:93:30:c6:d3:bf:25:35:04:e5:0f:e2:2d:e4:2a:71:
e5:a2:93:a6:8f:07:bb:cd:ab:08:2a:83:97:34:38:c3:fe:1d:
41:16:04:8d:25:fe:4f:b2:d9:3a:30:63:b8:34:06:81:d8:0b:
4e:37:10:97:f1:fa:5b:7f:5e:09:60:b1:8a:42:7a:9d:06:4d:
72:aa:14:cf:cb:b1:78:05:20:04:2c:a7:c3:38:94:47:8d:f2:
39:2e:a1:9d:58:57:72:78:e8:ce:b9:c7:81:d3:b5:87:12:99:
eb:37:5f:16
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvy5Ojhrw9ULuBzUtB/iqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjMwMTAyMDAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTc2ODViZGM5NjFmY2NkNDk3OGU4ZjM2ZTI4YmNhYjdmMzU1YmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tvBaPNGaDlmbcAsXaZkDj2uMekN
El7gEfurFK5OrYHRv+Gizjuq5PZmEwdsP71MPnE0i42GpqO2WBm5IPcV5t8KXydz
wMhBbSrV1s0X6x88n8EPLbQGB8VPSBEMaBtONtGrUcP+M99MU4Effgl0N8CdF2DN
5TmoiherW/SLzT00uqZ0+j5L3k0lxtfcU63FSJG8o9OtYzKLrVLfXyLVPz43gVxL
SqKsXEh72G7URpYS1vRbf9R9zN23VVY6U2+K0UVu/w1IwNt7CpYkZR/WNvacboyU
1mu9AlHaw8jcJZrM20Hif4MYSzAhWjB8JnU1DrWPrxOI+KA6fakS9HcOSQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFF2hb3JYfzNSXjo824ovKt/NVvKMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvVVhhRnZjbGhfTTFKZU9qemJpaThxMzgxVzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBBbWkAwQA
BbWnAwQCLQtYAwQCuZXoAwQAucquAwQAwSe4MA0GCSqGSIb3DQEBCwUAA4IBAQB/
Zi6PFfva4CSOiejg7mrJtKn31wI5PFaCfPLA/4Ul2VWRxBtl7eebRx0X3s0p3jNp
b96DT67MpoNcR8aXcJM3K1JFqWNSx3+7V/VZlrqxTQ/bvERTJpY70djtCFPTzu7o
QASICwBbUhaxFXF7nUpRj2o3m9LU1k8RtalptSHlJovZWVH64SkGltkRAnmSWkaK
5FGTMMbTvyU1BOUP4i3kKnHlopOmjwe7zasIKoOXNDjD/h1BFgSNJf5Pstk6MGO4
NAaB2AtONxCX8fpbf14JYLGKQnqdBk1yqhTPy7F4BSAELKfDOJRHjfI5LqGdWFdy
eOjOuceB07WHEpnrN18W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org