Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/uFFgiuFIjsB_wp_YIn2LQxk_V8c.roa
File: uFFgiuFIjsB_wp_YIn2LQxk_V8c.roa (raw, json)
Hash identifier: B7e26kpA7odEq8SMatjsm7zMOlk5ehsw/ryT+J8XAbo=
Subject key identifier: B8:51:60:8A:E1:48:8E:C0:7F:C2:9F:D8:22:7D:8B:43:19:3F:57:C7
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 018CEE5C6136DE5C9C9377DEE4A164A4CE13
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/uFFgiuFIjsB_wp_YIn2LQxk_V8c.roa
Signing time: Tue 09 Jan 2024 13:14:40 +0000
ROA not before: Tue 09 Jan 2024 13:14:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 185.236.232.0/22 maxlen: 24
45.120.176.0/22 maxlen: 24
195.149.87.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
89.221.224.0/24 maxlen: 24
91.194.161.0/24 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
103.106.0.0/22 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
193.203.202.0/24 maxlen: 24
185.234.64.0/22 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.72.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
45.67.231.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.228.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c40::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 23 Jan 2024 11:21:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:5c:61:36:de:5c:9c:93:77:de:e4:a1:64:a4:ce:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Jan 9 13:14:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b851608ae1488ec07fc29fd8227d8b43193f57c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:98:d6:70:ad:ec:ef:32:62:d6:17:37:e0:6d:
e5:d6:bd:1c:15:90:4f:35:19:5f:b2:84:e4:68:1e:
0f:e1:0d:24:40:fc:4a:28:45:c2:0a:68:b1:e1:8e:
c1:01:e9:fa:48:fd:aa:66:f3:59:af:0e:84:b6:2f:
eb:35:e2:f8:00:ec:fa:85:3f:09:e4:4a:ac:a6:98:
f3:c3:99:d2:55:48:fe:01:90:82:b0:7b:23:35:ec:
e2:42:f3:72:2d:c8:c4:c3:25:d5:fd:ce:ad:3b:c6:
09:17:1d:81:21:f1:11:8b:df:f0:5d:0b:c0:d9:08:
77:28:93:a6:6e:af:36:e0:fb:60:cc:6a:93:e8:f7:
3d:ab:8c:7c:d3:a3:c5:d8:d4:bd:dc:a8:73:10:a5:
a9:d8:d7:44:12:70:3d:c4:a0:71:cf:b5:7f:ae:98:
89:88:03:f4:d8:4d:c1:0a:a7:ec:53:96:82:f9:8b:
3e:cf:50:96:77:13:35:7b:ab:42:0d:92:8d:d4:b2:
22:07:ab:72:e5:6f:38:72:8c:1b:6f:16:e5:5b:a3:
f9:86:62:4b:f6:b7:2f:6d:fc:55:c3:34:2d:a0:3b:
2d:17:3c:49:33:ed:d1:18:fe:63:a8:7e:f1:5b:e7:
7e:26:6b:e1:37:bf:96:e2:0f:c4:3e:58:f9:59:6e:
f7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:51:60:8A:E1:48:8E:C0:7F:C2:9F:D8:22:7D:8B:43:19:3F:57:C7
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/uFFgiuFIjsB_wp_YIn2LQxk_V8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.228.0/22
45.120.176.0/22
74.119.192.0/22
80.92.204.0-80.92.206.255
89.221.224.0/23
91.194.161.0/24
91.225.217.0-91.225.219.255
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
176.120.64.0/22
176.120.72.0/22
185.234.64.0/22
185.236.232.0/22
185.242.84.0/22
185.250.148.0/22
193.203.202.0/24
194.246.114.0/23
195.149.87.0/24
IPv6:
2a09:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
65:f7:f6:03:2e:6c:90:ca:0e:fc:89:1a:25:03:35:b1:4c:99:
52:0e:8a:11:25:f9:c8:ec:2a:e1:c4:e7:49:2f:a5:d8:f1:d9:
c9:03:c2:f8:0d:8f:8b:f8:76:4c:c8:d0:bf:c3:5a:e3:b2:ac:
32:fa:bc:43:d9:11:f8:c1:a6:3f:73:00:9a:b6:6e:89:60:f3:
22:3a:b7:f1:bf:e8:80:6c:7a:a3:71:7e:57:40:23:c7:c1:94:
e7:5a:0e:a7:12:ef:c3:a5:22:2b:51:54:91:cd:c7:fc:b6:4a:
b5:bf:4e:bc:6d:73:f5:9c:62:c3:92:9d:c3:01:6c:63:b0:c3:
54:59:2f:bc:0a:cc:e7:11:84:cb:c4:5d:68:20:75:c1:e1:90:
b6:4f:58:08:a2:f1:24:d6:ac:67:d5:79:fb:59:80:1f:a6:43:
f1:8c:60:c3:ad:a4:33:e1:74:29:ee:c0:07:90:5f:21:21:c5:
81:fe:24:48:79:60:a8:4e:83:63:0e:b0:51:28:3f:21:97:f4:
7b:4c:81:2a:0c:48:b0:bb:bf:0f:d9:f7:a1:8a:7a:91:c0:60:
81:65:d0:ee:f0:9d:c0:a6:f3:8c:94:20:dc:06:7b:38:c7:20:
a9:5b:f4:e4:e2:16:85:95:9a:6d:f3:91:da:c6:68:72:d4:6d:
4b:a2:2a:6c
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYzuXGE23lyck3fe5KFkpM4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjQwMTA5MTMxNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODUxNjA4YWUxNDg4ZWMwN2ZjMjlmZDgyMjdkOGI0MzE5M2Y1N2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpjWcK3s7zJi1hc34G3l1r0cFZBP
NRlfsoTkaB4P4Q0kQPxKKEXCCmix4Y7BAen6SP2qZvNZrw6Eti/rNeL4AOz6hT8J
5Eqsppjzw5nSVUj+AZCCsHsjNeziQvNyLcjEwyXV/c6tO8YJFx2BIfERi9/wXQvA
2Qh3KJOmbq824PtgzGqT6Pc9q4x806PF2NS93KhzEKWp2NdEEnA9xKBxz7V/rpiJ
iAP02E3BCqfsU5aC+Ys+z1CWdxM1e6tCDZKN1LIiB6ty5W84cowbbxblW6P5hmJL
9rcvbfxVwzQtoDstFzxJM+3RGP5jqH7xW+d+JmvhN7+W4g/EPlj5WW73+QIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFLhRYIrhSI7Af8Kf2CJ9i0MZP1fHMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvdUZGZ2l1Rklqc0Jfd3BfWUluMkxReGtfVjhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzCBiQQCAAEwgYIDBAIt
Q+QDBAIteLADBAJKd8AwDAMEAlBczAMEAFBczgMEAVnd4AMEAFvCoTAMAwQAW+HZ
AwQCW+HYAwQCZyO8AwQCZ2oAAwQCZ3FEAwQCsHhAAwQCsHhIAwQCuepAAwQCuezo
AwQCufJUAwQCufqUAwQAwcvKAwQBwvZyAwQAw5VXMA0EAgACMAcDBQMqCXxAMA0G
CSqGSIb3DQEBCwUAA4IBAQBl9/YDLmyQyg78iRolAzWxTJlSDooRJfnI7CrhxOdJ
L6XY8dnJA8L4DY+L+HZMyNC/w1rjsqwy+rxD2RH4waY/cwCatm6JYPMiOrfxv+iA
bHqjcX5XQCPHwZTnWg6nEu/DpSIrUVSRzcf8tkq1v068bXP1nGLDkp3DAWxjsMNU
WS+8CsznEYTLxF1oIHXB4ZC2T1gIovEk1qxn1Xn7WYAfpkPxjGDDraQz4XQp7sAH
kF8hIcWB/iRIeWCoToNjDrBRKD8hl/R7TIEqDEiwu78P2fehinqRwGCBZdDu8J3A
pvOMlCDcBns4xyCpW/Tk4haFlZpt85Haxmhy1G1Loips
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org