Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/UujddesRodwqgzsErBVxTHRgSvM.roa
File: UujddesRodwqgzsErBVxTHRgSvM.roa (raw, json)
Hash identifier: QuE3QZ+tTW2Zre/LyrL2zzJb21y20R9G9EQzzHzK4M0=
Subject key identifier: 52:E8:DD:75:EB:11:A1:DC:2A:83:3B:04:AC:15:71:4C:74:60:4A:F3
Certificate issuer: /CN=df8f961c6efbb7f9ce74217b1d5dbb54e981c6f2
Certificate serial: 018B6B2D591E84AAC5627D0A94E3AC77E2F8
Authority key identifier: DF:8F:96:1C:6E:FB:B7:F9:CE:74:21:7B:1D:5D:BB:54:E9:81:C6:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/UujddesRodwqgzsErBVxTHRgSvM.roa
Signing time: Thu 26 Oct 2023 08:50:15 +0000
ROA not before: Thu 26 Oct 2023 08:50:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 45.9.48.0/22 maxlen: 32
185.246.172.0/22 maxlen: 32
46.232.208.0/23 maxlen: 32
45.67.132.0/22 maxlen: 32
2a09:77c0::/30 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:2d:59:1e:84:aa:c5:62:7d:0a:94:e3:ac:77:e2:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df8f961c6efbb7f9ce74217b1d5dbb54e981c6f2
Validity
Not Before: Oct 26 08:50:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52e8dd75eb11a1dc2a833b04ac15714c74604af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c2:86:b8:79:16:f2:12:dd:5a:01:91:a0:b0:
71:87:17:2e:75:11:7e:4e:bb:12:10:e5:e0:18:c5:
0a:14:b3:00:e0:4d:bc:da:d7:ac:28:f9:55:58:e9:
e4:27:ac:28:a5:78:a7:2a:b2:c1:24:39:90:88:37:
c5:d6:ed:a5:e6:dc:df:3d:50:6a:6f:6b:2a:27:95:
00:5c:83:fa:f8:1e:d4:c1:0f:01:85:fc:0c:ba:93:
24:2f:74:44:57:77:74:be:a9:fe:b1:df:7d:40:ff:
79:7d:8d:4d:9c:32:41:9b:36:88:6d:66:b9:1a:31:
14:2a:09:ac:68:bb:85:b5:e3:d7:f7:97:81:e5:86:
dd:ab:9b:9c:5d:de:3f:98:e8:92:bc:7d:9a:da:5c:
80:c1:d0:b7:15:a1:4f:5e:44:0b:ab:9e:f9:c3:18:
8d:b9:d1:31:12:c9:0d:5c:0f:c7:83:59:28:b3:2b:
b9:4d:48:3e:b5:22:d8:53:13:a2:d0:c1:67:af:91:
ca:40:52:d9:0c:07:34:30:0c:32:e2:78:9b:11:da:
46:45:c4:6b:7b:f0:ed:ad:ab:8a:1e:aa:30:54:ce:
5b:a1:cf:39:1d:3e:e4:07:2e:88:73:fb:47:70:81:
4f:0d:3f:32:0b:2c:10:03:c3:d5:ce:6c:78:bb:f6:
e4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E8:DD:75:EB:11:A1:DC:2A:83:3B:04:AC:15:71:4C:74:60:4A:F3
X509v3 Authority Key Identifier:
keyid:DF:8F:96:1C:6E:FB:B7:F9:CE:74:21:7B:1D:5D:BB:54:E9:81:C6:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/UujddesRodwqgzsErBVxTHRgSvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/34-WHG77t_nOdCF7HV27VOmBxvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.48.0/22
45.67.132.0/22
46.232.208.0/23
185.246.172.0/22
IPv6:
2a09:77c0::/30
Signature Algorithm: sha256WithRSAEncryption
21:e5:7f:04:43:5c:69:50:99:d3:ba:f9:64:3c:90:6c:86:c5:
3f:86:88:12:f7:25:88:e9:31:83:d5:a6:11:07:b3:5b:05:5b:
9f:ce:14:bb:49:fc:d7:fd:e4:fb:53:86:ab:16:2e:1f:f6:58:
e9:64:8b:3c:49:ac:55:ff:d8:04:b7:65:1b:5d:09:6b:53:f0:
83:d8:eb:65:af:bb:49:d9:66:c0:5e:34:f0:4d:17:05:c5:31:
05:07:03:3c:29:81:db:5e:4c:47:21:76:8b:a3:71:33:f1:2a:
51:22:05:78:83:35:75:f7:05:eb:ee:18:81:3e:c5:3a:ef:61:
1e:b8:3c:1c:67:0b:39:25:a3:a9:d5:df:94:8f:a6:ed:4d:04:
33:da:72:a5:15:4b:88:ac:30:1f:f3:d1:04:33:8c:ed:96:38:
82:71:7d:52:50:78:6f:5e:f3:0e:bf:49:70:4f:47:d1:b0:7a:
76:c6:5e:c9:13:bb:52:14:f7:3c:43:6f:00:d6:63:8d:c7:0c:
e9:04:86:a5:8a:10:30:6e:1a:04:52:07:fb:5a:fd:c9:e6:1f:
b4:21:40:64:51:a3:39:8d:a2:83:02:ee:a0:70:7b:f2:19:a8:
9c:ad:db:e9:06:2f:d2:84:56:3a:2a:64:9b:ba:25:9a:40:01:
f0:f5:08:a0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYtrLVkehKrFYn0KlOOsd+L4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOGY5NjFjNmVmYmI3ZjljZTc0MjE3YjFkNWRiYjU0ZTk4
MWM2ZjIwHhcNMjMxMDI2MDg1MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmU4ZGQ3NWViMTFhMWRjMmE4MzNiMDRhYzE1NzE0Yzc0NjA0YWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMKGuHkW8hLdWgGRoLBxhxcudRF+
TrsSEOXgGMUKFLMA4E282tesKPlVWOnkJ6wopXinKrLBJDmQiDfF1u2l5tzfPVBq
b2sqJ5UAXIP6+B7UwQ8BhfwMupMkL3REV3d0vqn+sd99QP95fY1NnDJBmzaIbWa5
GjEUKgmsaLuFtePX95eB5Ybdq5ucXd4/mOiSvH2a2lyAwdC3FaFPXkQLq575wxiN
udExEskNXA/Hg1kosyu5TUg+tSLYUxOi0MFnr5HKQFLZDAc0MAwy4nibEdpGRcRr
e/DtrauKHqowVM5boc85HT7kBy6Ic/tHcIFPDT8yCywQA8PVzmx4u/bkHQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFLo3XXrEaHcKoM7BKwVcUx0YErzMB8GA1UdIwQY
MBaAFN+Plhxu+7f5znQhex1du1TpgcbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzQtV0hHNzd0X25PZENGN0hWMjdWT21CeHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi85MGU3MGYtODVkYy00NGE5LWJiMjMt
MjdmMmJjMTYyYTA3LzEvVXVqZGRlc1JvZHdxZ3pzRXJCVnhUSFJnU3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi85MGU3MGYtODVkYy00NGE5LWJiMjMtMjdmMmJjMTYyYTA3
LzEvMzQtV0hHNzd0X25PZENGN0hWMjdWT21CeHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLQkwAwQC
LUOEAwQBLujQAwQCufasMA0EAgACMAcDBQIqCXfAMA0GCSqGSIb3DQEBCwUAA4IB
AQAh5X8EQ1xpUJnTuvlkPJBshsU/hogS9yWI6TGD1aYRB7NbBVufzhS7SfzX/eT7
U4arFi4f9ljpZIs8SaxV/9gEt2UbXQlrU/CD2Otlr7tJ2WbAXjTwTRcFxTEFBwM8
KYHbXkxHIXaLo3Ez8SpRIgV4gzV19wXr7hiBPsU672EeuDwcZws5JaOp1d+Uj6bt
TQQz2nKlFUuIrDAf89EEM4ztljiCcX1SUHhvXvMOv0lwT0fRsHp2xl7JE7tSFPc8
Q28A1mONxwzpBIalihAwbhoEUgf7Wv3J5h+0IUBkUaM5jaKDAu6gcHvyGaicrdvp
Bi/ShFY6KmSbuiWaQAHw9Qig
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:58 2024 by rpki-client on console-fra.rpki-client.org