Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/UpqoggXaB-6ZjTKff-QBysSJWJg.roa
File: UpqoggXaB-6ZjTKff-QBysSJWJg.roa (raw, json)
Hash identifier: O3cXD0Y2nz7LXP8Ob9fxNGHbH7BE/Ex3neHFHFLYiVM=
Subject key identifier: 52:9A:A8:82:05:DA:07:EE:99:8D:32:9F:7F:E4:01:CA:C4:89:58:98
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0190415F2D572F8E2AF926379311A2D8668E
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/UpqoggXaB-6ZjTKff-QBysSJWJg.roa
Signing time: Sat 22 Jun 2024 19:14:34 +0000
ROA not before: Sat 22 Jun 2024 19:14:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 27 Jun 2024 20:37:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:41:5f:2d:57:2f:8e:2a:f9:26:37:93:11:a2:d8:66:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jun 22 19:14:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=529aa88205da07ee998d329f7fe401cac4895898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:37:8b:de:33:f9:5f:24:12:5d:40:4a:2a:34:
db:1d:5a:b9:c8:37:1b:66:cf:b2:8e:19:fb:59:0e:
a2:b8:5b:c0:8c:f5:cc:1a:35:34:ea:e5:35:ca:4f:
47:b0:86:7e:53:c1:6d:51:74:7e:70:df:ca:2b:c2:
a5:8f:6f:9c:38:75:22:e6:ed:16:02:77:b8:12:60:
05:2f:b1:07:4d:7b:4e:7f:f3:a1:2a:66:8f:5d:e3:
92:bd:ef:49:57:90:97:2a:4d:e0:3b:f5:e6:10:46:
c8:f4:44:f3:e9:b7:00:3e:bb:9c:eb:22:d3:21:6a:
bd:da:d4:05:71:f0:fb:d3:ce:54:80:1e:50:75:16:
44:cb:eb:bc:f5:9d:a2:73:59:1f:1c:9e:c0:92:0f:
ff:c8:da:02:b7:fb:05:9e:32:f9:9a:62:5d:11:96:
27:78:86:53:7b:0b:e1:4d:32:4f:7f:14:0f:9e:99:
ac:29:1a:eb:ca:b0:35:50:a9:45:86:f6:56:0e:d4:
a7:78:42:2b:4b:c6:95:38:0e:db:ae:74:1c:e7:c5:
8e:06:1c:24:8c:cd:85:76:ee:fe:57:9b:6e:3d:ad:
7a:ee:fb:38:91:f2:93:c1:a0:c4:89:7d:7b:09:f4:
9d:7a:6f:f1:4a:fc:25:d7:40:61:b4:08:f8:81:5b:
da:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:9A:A8:82:05:DA:07:EE:99:8D:32:9F:7F:E4:01:CA:C4:89:58:98
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/UpqoggXaB-6ZjTKff-QBysSJWJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0/24
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.238.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:22:ffff:ffff:ffff:ffff:ffff
2a11:840:24::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:60::-2a11:840:65:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
41:14:1e:ed:fe:60:80:18:6a:4a:ba:34:46:25:06:37:48:f7:
d3:3e:12:48:32:16:b8:f4:88:b6:5c:47:53:4a:4e:4d:18:55:
15:65:77:96:f1:b1:54:c0:48:e3:8d:71:3b:a9:ff:52:a0:60:
6e:0e:1d:61:91:ae:f2:16:be:44:7b:e0:16:39:65:f5:da:4d:
c4:77:e5:74:a5:3c:ca:7d:5f:79:ad:8c:21:11:79:7d:12:f2:
8e:fc:e0:2c:5d:41:5c:76:3c:f5:63:90:db:72:be:57:66:a7:
da:35:99:3d:7d:35:ae:0c:12:92:73:e8:71:f2:12:6e:9a:3c:
27:5a:d4:7b:51:98:b4:6a:1c:eb:bc:4e:da:d7:6c:8e:a8:05:
08:38:6c:17:1f:8d:85:da:51:1c:2b:a9:ce:85:be:4b:9c:de:
4e:a3:73:df:5f:d2:15:82:74:b7:b3:d0:e9:9d:6f:00:5f:81:
f3:82:ff:1a:17:ee:63:71:f6:b0:e4:51:e8:67:d2:92:56:2b:
cf:88:34:55:19:2e:80:fc:f4:af:5c:d2:5f:99:23:bb:62:71:
03:4d:49:82:78:92:30:49:6f:c6:a0:08:19:5e:46:41:7f:de:
64:06:2e:7b:aa:11:e9:6a:94:aa:13:08:b0:8e:6b:d9:e0:23:
5e:25:67:db
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZBBXy1XL44q+SY3kxGi2GaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwNjIyMTkxNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjlhYTg4MjA1ZGEwN2VlOTk4ZDMyOWY3ZmU0MDFjYWM0ODk1ODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzeL3jP5XyQSXUBKKjTbHVq5yDcb
Zs+yjhn7WQ6iuFvAjPXMGjU06uU1yk9HsIZ+U8FtUXR+cN/KK8Klj2+cOHUi5u0W
Ane4EmAFL7EHTXtOf/OhKmaPXeOSve9JV5CXKk3gO/XmEEbI9ETz6bcAPruc6yLT
IWq92tQFcfD7085UgB5QdRZEy+u89Z2ic1kfHJ7Akg//yNoCt/sFnjL5mmJdEZYn
eIZTewvhTTJPfxQPnpmsKRrryrA1UKlFhvZWDtSneEIrS8aVOA7brnQc58WOBhwk
jM2Fdu7+V5tuPa167vs4kfKTwaDEiX17CfSdem/xSvwl10BhtAj4gVvaFwIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFFKaqIIF2gfumY0yn3/kAcrEiViYMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvVXBxb2dnWGFCLTZaalRLZmYtUUJ5c1NKV0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jAqBAIAATAkAwQALhCA
AwQBbWiYAwQAbWibAwQCk04AAwQBuX7uAwQAudUXMIG3BAIAAjCBsDASAwcBKhEI
QAAGAwcAKhEIQAAIMBIDBwQqEQhAABADBwAqEQhAABQwEgMHACoRCEAAFwMHASoR
CEAAGDASAwcFKhEIQAAgAwcAKhEIQAAiMBIDBwIqEQhAACQDBwAqEQhAACYDBwAq
EQhAADADBwAqEQhAADMDBwEqEQhAAEAwEgMHACoRCEAARwMHACoRCEAASAMHACoR
CEAAVDASAwcFKhEIQABgAwcBKhEIQABkMA0GCSqGSIb3DQEBCwUAA4IBAQBBFB7t
/mCAGGpKujRGJQY3SPfTPhJIMha49Ii2XEdTSk5NGFUVZXeW8bFUwEjjjXE7qf9S
oGBuDh1hka7yFr5Ee+AWOWX12k3Ed+V0pTzKfV95rYwhEXl9EvKO/OAsXUFcdjz1
Y5Dbcr5XZqfaNZk9fTWuDBKSc+hx8hJumjwnWtR7UZi0ahzrvE7a12yOqAUIOGwX
H42F2lEcK6nOhb5LnN5Oo3PfX9IVgnS3s9DpnW8AX4Hzgv8aF+5jcfaw5FHoZ9KS
VivPiDRVGS6A/PSvXNJfmSO7YnEDTUmCeJIwSW/GoAgZXkZBf95kBi57qhHpapSq
EwiwjmvZ4CNeJWfb
-----END CERTIFICATE-----
Generated at Fri Jun 28 00:01:53 2024 by rpki-client on console-fra.rpki-client.org