Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/4e2808-e8f4-42a7-a827-7abce600c218/1/UPG1HsbbNxdpbMK0xfCGfVGg97M.roa
File: UPG1HsbbNxdpbMK0xfCGfVGg97M.roa (raw, json)
Hash identifier: Lf3UhymMR+gc8i1X16Jok8oKfsg+YtoXyd8aOAWKQR4=
Subject key identifier: 50:F1:B5:1E:C6:DB:37:17:69:6C:C2:B4:C5:F0:86:7D:51:A0:F7:B3
Certificate issuer: /CN=7651762de3d3f19cedd438b03cf23986ce91727f
Certificate serial: 018CC8012264155D1FFD88B44494BD1AF071
Authority key identifier: 76:51:76:2D:E3:D3:F1:9C:ED:D4:38:B0:3C:F2:39:86:CE:91:72:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dlF2LePT8Zzt1DiwPPI5hs6Rcn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/4e2808-e8f4-42a7-a827-7abce600c218/1/UPG1HsbbNxdpbMK0xfCGfVGg97M.roa
Signing time: Tue 02 Jan 2024 02:29:26 +0000
ROA not before: Tue 02 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34756
IP address blocks: 77.95.96.0/21 maxlen: 21
193.138.109.0/24 maxlen: 24
45.15.12.0/22 maxlen: 22
185.47.236.0/22 maxlen: 22
195.114.12.0/24 maxlen: 24
176.58.24.0/21 maxlen: 21
176.58.30.0/24 maxlen: 24
176.58.31.0/24 maxlen: 24
195.230.110.0/24 maxlen: 24
2a03:fc00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 06 Mar 2024 11:18:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:22:64:15:5d:1f:fd:88:b4:44:94:bd:1a:f0:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7651762de3d3f19cedd438b03cf23986ce91727f
Validity
Not Before: Jan 2 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50f1b51ec6db3717696cc2b4c5f0867d51a0f7b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:81:a8:92:50:41:2a:a2:07:a6:a8:58:5f:59:
ce:42:f8:45:7b:2f:6f:28:92:f7:e1:86:1c:12:a2:
d0:ad:47:95:17:5e:e7:28:5b:64:8e:ce:32:94:a6:
f3:70:75:e4:dc:b1:e2:e4:a5:62:7f:5f:a9:6a:c7:
fc:ce:77:cc:e8:c7:c3:73:d3:9b:14:c1:f4:34:31:
2b:c8:fe:a6:7b:c2:72:bf:db:a7:e0:24:cf:d6:e2:
45:15:cb:c3:ad:e9:bf:1d:a6:84:7b:ed:a9:9d:24:
72:6f:65:38:11:bf:62:37:9b:cc:64:80:7b:a9:34:
b3:57:84:50:a9:5b:b4:ca:c6:50:3a:a4:94:e6:04:
b8:47:aa:8a:93:1e:c0:b4:88:a2:a8:e1:bd:a3:7f:
f4:2e:1b:08:75:f7:36:d9:9a:0e:2a:e2:cf:aa:de:
98:0a:1c:2b:cf:18:e4:9e:75:d9:67:0c:5e:79:29:
86:9f:93:46:5c:1a:87:80:17:35:7b:20:80:61:07:
91:54:50:dc:a7:be:0c:70:e9:02:3a:24:05:3f:17:
ac:64:28:6e:11:ba:6a:6e:ad:ea:81:6e:8a:57:6d:
93:4d:88:72:d0:1e:b5:fe:3a:5e:33:7f:77:83:35:
9d:dc:f0:3a:05:40:da:fd:8e:be:2f:87:59:54:5d:
2b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F1:B5:1E:C6:DB:37:17:69:6C:C2:B4:C5:F0:86:7D:51:A0:F7:B3
X509v3 Authority Key Identifier:
keyid:76:51:76:2D:E3:D3:F1:9C:ED:D4:38:B0:3C:F2:39:86:CE:91:72:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dlF2LePT8Zzt1DiwPPI5hs6Rcn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e2808-e8f4-42a7-a827-7abce600c218/1/UPG1HsbbNxdpbMK0xfCGfVGg97M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e2808-e8f4-42a7-a827-7abce600c218/1/dlF2LePT8Zzt1DiwPPI5hs6Rcn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.12.0/22
77.95.96.0/21
176.58.24.0/21
185.47.236.0/22
193.138.109.0/24
195.114.12.0/24
195.230.110.0/24
IPv6:
2a03:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
46:ba:3c:6d:44:fc:87:9e:4d:34:8d:14:bc:14:6f:da:42:24:
f4:bd:4d:a8:db:5c:85:10:72:1b:97:91:89:af:08:c7:c4:a9:
3b:c4:37:f5:48:88:ce:05:51:1b:9e:e9:15:c3:d8:74:4f:d4:
0e:2a:5b:90:54:d2:08:fc:69:b8:e6:40:67:8e:59:28:b4:7f:
e9:13:80:09:df:29:bb:6d:f0:a1:b6:ff:26:48:b0:e9:cf:62:
fd:c1:d1:a4:2b:15:c4:fe:a6:be:ea:a8:43:51:a6:3a:5d:8a:
12:ce:17:98:6a:9d:bc:a3:29:5a:65:68:c2:1d:ad:2d:a6:f0:
98:4d:9e:d7:4a:69:b5:18:16:f4:30:cf:a4:40:da:1b:55:76:
a3:d0:72:a4:c7:a1:c8:1c:58:79:d5:59:b2:2b:d3:db:6c:b3:
08:21:38:1f:a0:b0:4a:6b:31:5f:14:29:72:62:b1:9f:ed:ca:
af:a7:22:b3:57:69:3f:ed:52:b6:c4:92:61:c9:99:f1:0c:92:
e9:17:73:77:65:c0:d7:99:7b:82:4c:d4:20:79:73:37:d1:df:
01:9b:e7:f1:6f:e3:e8:8c:6b:80:50:ca:a1:eb:6a:52:76:a9:
37:6b:a5:21:c9:81:dd:ad:3e:ca:fd:71:c4:8c:36:46:24:bc:
d6:ca:34:e6
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzIASJkFV0f/Yi0RJS9GvBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NTE3NjJkZTNkM2YxOWNlZGQ0MzhiMDNjZjIzOTg2Y2U5
MTcyN2YwHhcNMjQwMTAyMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGYxYjUxZWM2ZGIzNzE3Njk2Y2MyYjRjNWYwODY3ZDUxYTBmN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoGoklBBKqIHpqhYX1nOQvhFey9v
KJL34YYcEqLQrUeVF17nKFtkjs4ylKbzcHXk3LHi5KVif1+pasf8znfM6MfDc9Ob
FMH0NDEryP6me8Jyv9un4CTP1uJFFcvDrem/HaaEe+2pnSRyb2U4Eb9iN5vMZIB7
qTSzV4RQqVu0ysZQOqSU5gS4R6qKkx7AtIiiqOG9o3/0LhsIdfc22ZoOKuLPqt6Y
ChwrzxjknnXZZwxeeSmGn5NGXBqHgBc1eyCAYQeRVFDcp74McOkCOiQFPxesZChu
Ebpqbq3qgW6KV22TTYhy0B61/jpeM393gzWd3PA6BUDa/Y6+L4dZVF0rlwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFDxtR7G2zcXaWzCtMXwhn1RoPezMB8GA1UdIwQY
MBaAFHZRdi3j0/Gc7dQ4sDzyOYbOkXJ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGxGMkxlUFQ4Wnp0MURpd1BQSTVoczZSY244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC80ZTI4MDgtZThmNC00MmE3LWE4Mjct
N2FiY2U2MDBjMjE4LzEvVVBHMUhzYmJOeGRwYk1LMHhmQ0dmVkdnOTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC80ZTI4MDgtZThmNC00MmE3LWE4MjctN2FiY2U2MDBjMjE4
LzEvZGxGMkxlUFQ4Wnp0MURpd1BQSTVoczZSY244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLQ8MAwQD
TV9gAwQDsDoYAwQCuS/sAwQAwYptAwQAw3IMAwQAw+ZuMA0EAgACMAcDBQMqA/wA
MA0GCSqGSIb3DQEBCwUAA4IBAQBGujxtRPyHnk00jRS8FG/aQiT0vU2o21yFEHIb
l5GJrwjHxKk7xDf1SIjOBVEbnukVw9h0T9QOKluQVNII/Gm45kBnjlkotH/pE4AJ
3ym7bfChtv8mSLDpz2L9wdGkKxXE/qa+6qhDUaY6XYoSzheYap28oylaZWjCHa0t
pvCYTZ7XSmm1GBb0MM+kQNobVXaj0HKkx6HIHFh51VmyK9PbbLMIITgfoLBKazFf
FClyYrGf7cqvpyKzV2k/7VK2xJJhyZnxDJLpF3N3ZcDXmXuCTNQgeXM30d8Bm+fx
b+PojGuAUMqh62pSdqk3a6UhyYHdrT7K/XHEjDZGJLzWyjTm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:27 2024 by rpki-client on console-ams.rpki-client.org