Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/Uw_sptte57G7qmfWs6KhiSwKwOo.roa
File: Uw_sptte57G7qmfWs6KhiSwKwOo.roa (raw, json)
Hash identifier: +RXPqSVIG6S3X3ySlTyvI5Uxq/kjKpHbIEKrf6POmTs=
Subject key identifier: 53:0F:EC:A6:DB:5E:E7:B1:BB:AA:67:D6:B3:A2:A1:89:2C:0A:C0:EA
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 018E56713BBBED156DB579D9161A9F680717
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/Uw_sptte57G7qmfWs6KhiSwKwOo.roa
Signing time: Tue 19 Mar 2024 11:20:45 +0000
ROA not before: Tue 19 Mar 2024 11:20:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201017
IP address blocks: 145.219.0.0/21 maxlen: 21
145.219.8.0/21 maxlen: 21
145.219.8.0/24 maxlen: 24
145.219.9.0/24 maxlen: 24
145.219.10.0/24 maxlen: 24
145.219.11.0/24 maxlen: 24
145.219.12.0/24 maxlen: 24
145.219.13.0/24 maxlen: 24
145.219.14.0/24 maxlen: 24
145.219.15.0/24 maxlen: 24
145.219.16.0/23 maxlen: 23
145.219.16.0/24 maxlen: 24
145.219.17.0/24 maxlen: 24
2a04:b0c0::/44 maxlen: 44
2a04:b0c0::/45 maxlen: 45
2a04:b0c0:8::/45 maxlen: 45
Validation: Failed, certificate revoked on Wed 03 Apr 2024 12:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:71:3b:bb:ed:15:6d:b5:79:d9:16:1a:9f:68:07:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Mar 19 11:20:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=530feca6db5ee7b1bbaa67d6b3a2a1892c0ac0ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f2:e4:6c:82:93:f0:cd:fe:1c:12:57:7e:b9:
58:10:92:69:3a:92:32:93:57:45:57:d6:a1:c2:32:
8f:a9:54:43:d8:24:e9:e9:9c:49:33:31:7d:59:e1:
fd:64:a3:a3:fe:d2:07:93:8e:1e:ef:d4:96:b3:a0:
78:70:1b:18:5a:f0:73:8c:77:74:b6:01:84:56:ff:
26:6d:c0:da:0f:0f:1e:79:fd:7c:92:48:82:69:20:
75:66:da:bb:09:d9:5a:d7:ab:d7:aa:80:2e:20:e4:
67:fd:1f:e5:78:98:f0:b1:2e:18:e9:12:53:37:d0:
14:1c:72:3e:c8:6a:1c:56:ad:7d:66:a7:83:5c:16:
81:04:74:c3:d3:30:ae:82:44:09:c5:f6:34:e8:da:
c0:a6:f1:41:66:f1:3a:1e:50:44:9b:cf:93:34:90:
d4:69:d3:e6:9f:04:1b:02:30:9a:d8:70:9c:15:5d:
b7:be:92:10:10:d4:d0:5d:ee:3d:02:32:83:be:58:
1c:df:c7:d9:79:7d:6c:a5:d4:c0:7c:2f:30:81:f1:
c5:44:92:c5:20:7e:b9:db:a9:5d:18:9e:77:94:ad:
d9:8d:55:2f:08:d7:32:35:15:f1:ab:27:2c:b1:ea:
51:4e:d7:3d:9e:85:f0:dc:88:25:85:2e:a8:30:77:
c6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:0F:EC:A6:DB:5E:E7:B1:BB:AA:67:D6:B3:A2:A1:89:2C:0A:C0:EA
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/Uw_sptte57G7qmfWs6KhiSwKwOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.0.0-145.219.17.255
IPv6:
2a04:b0c0::/44
Signature Algorithm: sha256WithRSAEncryption
8f:56:9a:5c:99:a6:d8:3e:8d:7d:7d:a6:0c:bc:09:79:a6:dc:
ea:57:7a:7a:81:b4:5f:44:d0:2a:62:54:e9:93:2b:d8:cf:15:
66:74:76:7e:c9:f8:dd:4d:18:ff:dc:b3:00:12:d1:db:e0:bf:
3d:e6:df:eb:b4:bd:24:66:06:63:ec:5d:55:dd:c1:63:8b:07:
35:fb:d8:4a:f4:99:53:5a:e4:d7:c3:38:15:ea:db:c0:15:32:
30:c8:b2:fe:26:d7:e3:cf:ce:67:b0:62:54:7a:02:37:fd:39:
fb:2a:f0:77:1c:4c:b0:10:78:5b:fa:92:5f:ca:38:76:6f:9a:
b3:53:e4:b5:ee:0e:4d:41:fe:98:d4:ce:ed:ec:ad:b2:70:4d:
93:79:dc:9d:e0:8c:b5:fb:8d:d9:3b:70:f3:30:d7:67:ad:1e:
63:d2:93:d8:2d:15:b2:c5:d7:7f:a8:ac:76:35:42:8e:7e:f5:
22:38:d4:e6:76:cb:57:87:c0:b3:38:34:dd:47:65:a8:57:4c:
0e:c5:df:4e:23:d4:20:8b:e2:60:66:e3:6e:c7:73:22:4a:7f:
89:8d:ca:99:e8:97:08:32:b9:b3:5d:06:53:82:aa:81:e8:b8:
69:14:03:d7:5c:01:6e:39:44:e1:c7:2b:42:af:ec:f1:57:db:
41:cb:0d:64
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY5WcTu77RVttXnZFhqfaAcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjQwMzE5MTEyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzBmZWNhNmRiNWVlN2IxYmJhYTY3ZDZiM2EyYTE4OTJjMGFjMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPLkbIKT8M3+HBJXfrlYEJJpOpIy
k1dFV9ahwjKPqVRD2CTp6ZxJMzF9WeH9ZKOj/tIHk44e79SWs6B4cBsYWvBzjHd0
tgGEVv8mbcDaDw8eef18kkiCaSB1Ztq7Cdla16vXqoAuIORn/R/leJjwsS4Y6RJT
N9AUHHI+yGocVq19ZqeDXBaBBHTD0zCugkQJxfY06NrApvFBZvE6HlBEm8+TNJDU
adPmnwQbAjCa2HCcFV23vpIQENTQXe49AjKDvlgc38fZeX1spdTAfC8wgfHFRJLF
IH6526ldGJ53lK3ZjVUvCNcyNRXxqycssepRTtc9noXw3IglhS6oMHfGkwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFMP7KbbXuexu6pn1rOioYksCsDqMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvVXdfc3B0dGU1N0c3cW1mV3M2S2hpU3dLd09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjATBAIAATANMAsDAwCR2wME
AZHbEDAPBAIAAjAJAwcEKgSwwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCPVppcmabY
Po19faYMvAl5ptzqV3p6gbRfRNAqYlTpkyvYzxVmdHZ+yfjdTRj/3LMAEtHb4L89
5t/rtL0kZgZj7F1V3cFjiwc1+9hK9JlTWuTXwzgV6tvAFTIwyLL+Jtfjz85nsGJU
egI3/Tn7KvB3HEywEHhb+pJfyjh2b5qzU+S17g5NQf6Y1M7t7K2ycE2Tedyd4Iy1
+43ZO3DzMNdnrR5j0pPYLRWyxdd/qKx2NUKOfvUiONTmdstXh8CzODTdR2WoV0wO
xd9OI9Qgi+JgZuNux3MiSn+JjcqZ6JcIMrmzXQZTgqqB6LhpFAPXXAFuOUThxytC
r+zxV9tByw1k
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:11 2024 by rpki-client on console-fra.rpki-client.org