Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/uXb1PSXDgYMWytvOfI1KJ5a6LXc.roa
File: uXb1PSXDgYMWytvOfI1KJ5a6LXc.roa (raw, json)
Hash identifier: cAxkXJmgcliEfVZFkmZcYBHa1d5k1JPYqxMzAKjKjJ8=
Subject key identifier: B9:76:F5:3D:25:C3:81:83:16:CA:DB:CE:7C:8D:4A:27:96:BA:2D:77
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 018BCCB1A9FAA94C85C6F6F9AED7773D8D54
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/uXb1PSXDgYMWytvOfI1KJ5a6LXc.roa
Signing time: Tue 14 Nov 2023 07:17:57 +0000
ROA not before: Tue 14 Nov 2023 07:17:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211642
IP address blocks: 185.219.42.0/24 maxlen: 24
185.219.43.0/24 maxlen: 24
185.219.40.0/24 maxlen: 24
185.219.41.0/24 maxlen: 24
45.128.206.0/24 maxlen: 24
45.128.204.0/24 maxlen: 24
185.240.102.0/24 maxlen: 24
45.128.207.0/24 maxlen: 24
5.253.60.0/24 maxlen: 24
5.253.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cc:b1:a9:fa:a9:4c:85:c6:f6:f9:ae:d7:77:3d:8d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Nov 14 07:17:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b976f53d25c3818316cadbce7c8d4a2796ba2d77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9e:98:63:aa:a6:30:08:23:a2:6b:40:d3:32:
44:5c:19:16:78:0f:18:38:ec:e8:84:9e:7d:4a:2c:
1f:e3:10:ab:cb:2d:45:da:cf:93:87:1e:9c:e9:d0:
ce:8b:e7:dc:6b:2a:1d:27:f4:0c:db:11:04:7e:bc:
bc:04:e0:5e:17:9a:44:e6:b3:f1:1d:5d:05:4a:87:
24:73:c3:4d:d6:9e:14:6b:83:50:c0:f4:da:f4:b7:
e6:c4:2e:4b:be:5d:1b:bf:e9:a9:81:91:87:67:92:
61:0d:34:13:60:b0:f0:5f:7c:93:d2:67:f2:51:e7:
67:1e:73:6d:cb:72:6f:30:cc:3a:8b:48:c0:86:e7:
18:66:4a:ab:7d:a1:7b:7d:92:02:bd:c5:96:1c:16:
44:b3:b0:1c:f3:c4:67:7c:1e:d4:d0:9e:0c:5c:e7:
0b:22:65:61:82:4e:2c:c8:5b:01:da:70:ca:b6:0e:
bf:44:8b:87:6a:e8:cb:fb:33:dd:0b:9f:97:28:8c:
00:56:b0:ec:6c:3a:4b:1b:75:77:47:04:cc:41:a0:
30:7a:18:4e:52:da:f4:2a:79:55:9c:cf:97:cb:66:
37:63:77:06:13:39:7b:34:16:32:43:c6:00:e7:d4:
75:92:e6:a3:93:22:4e:0b:f1:ec:70:92:db:68:31:
15:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:76:F5:3D:25:C3:81:83:16:CA:DB:CE:7C:8D:4A:27:96:BA:2D:77
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/uXb1PSXDgYMWytvOfI1KJ5a6LXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.60.0/23
45.128.204.0/24
45.128.206.0/23
185.219.40.0/22
185.240.102.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:25:f0:8e:f4:10:06:61:40:c1:d7:59:f8:1a:a2:96:3e:e8:
52:a3:cf:9a:b2:2b:00:92:2a:2a:fe:d6:0f:10:17:7e:7a:8f:
c8:33:87:82:f0:80:c6:9e:e4:ad:a1:40:d2:df:4b:f6:c7:2e:
32:d4:2f:70:27:2c:e8:ce:49:e3:03:89:80:25:09:65:2b:86:
da:30:ca:e9:45:3b:65:79:8d:6e:1d:f0:38:cf:18:41:2f:28:
ff:3a:77:6f:ff:5d:f3:89:7c:a8:b4:98:a9:ce:cf:06:fd:4f:
29:b1:ad:a1:fe:3b:a3:0a:a9:b1:51:06:8c:74:fe:7f:34:73:
cc:1e:6f:35:0c:a1:d8:9a:1a:47:30:26:99:69:9b:e4:f3:8d:
74:84:73:cb:ef:51:3b:2d:14:83:d5:5a:5b:2a:e8:0f:45:36:
fb:fa:dd:74:ab:26:ab:39:5c:02:f0:61:5e:7f:4b:83:57:fa:
4e:36:7c:95:6f:e6:de:30:c0:5e:01:50:68:79:c4:b1:3d:05:
98:76:90:6a:8c:bf:fa:1f:d3:bf:16:36:2c:4d:c4:7e:e1:74:
60:98:ac:af:49:5b:46:f1:de:b1:35:14:f1:6f:87:db:2b:98:
67:96:70:e3:15:9e:ad:9f:31:3a:8f:ec:28:49:d3:99:e3:04:
09:42:e6:8b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYvMsan6qUyFxvb5rtd3PY1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjMxMTE0MDcxNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTc2ZjUzZDI1YzM4MTgzMTZjYWRiY2U3YzhkNGEyNzk2YmEyZDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl56YY6qmMAgjomtA0zJEXBkWeA8Y
OOzohJ59Siwf4xCryy1F2s+Thx6c6dDOi+fcayodJ/QM2xEEfry8BOBeF5pE5rPx
HV0FSockc8NN1p4Ua4NQwPTa9LfmxC5Lvl0bv+mpgZGHZ5JhDTQTYLDwX3yT0mfy
UednHnNty3JvMMw6i0jAhucYZkqrfaF7fZICvcWWHBZEs7Ac88RnfB7U0J4MXOcL
ImVhgk4syFsB2nDKtg6/RIuHaujL+zPdC5+XKIwAVrDsbDpLG3V3RwTMQaAwehhO
Utr0KnlVnM+Xy2Y3Y3cGEzl7NBYyQ8YA59R1kuajkyJOC/HscJLbaDEVJQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLl29T0lw4GDFsrbznyNSieWui13MB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvdVhiMVBTWERnWU1XeXR2T2ZJMUtKNWE2TFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBBf08AwQA
LYDMAwQBLYDOAwQCudsoAwQAufBmMA0GCSqGSIb3DQEBCwUAA4IBAQCfJfCO9BAG
YUDB11n4GqKWPuhSo8+asisAkioq/tYPEBd+eo/IM4eC8IDGnuStoUDS30v2xy4y
1C9wJyzozknjA4mAJQllK4baMMrpRTtleY1uHfA4zxhBLyj/Ondv/13ziXyotJip
zs8G/U8psa2h/jujCqmxUQaMdP5/NHPMHm81DKHYmhpHMCaZaZvk8410hHPL71E7
LRSD1VpbKugPRTb7+t10qyarOVwC8GFef0uDV/pONnyVb+beMMBeAVBoecSxPQWY
dpBqjL/6H9O/FjYsTcR+4XRgmKyvSVtG8d6xNRTxb4fbK5hnlnDjFZ6tnzE6j+wo
SdOZ4wQJQuaL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:59 2024 by rpki-client on console-fra.rpki-client.org