Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/750009-6fa1-4ef1-832a-75188b3c112e/1/Uh-x3c3ct8ufKsiWeGYr8sVt9SA.roa
File: Uh-x3c3ct8ufKsiWeGYr8sVt9SA.roa (raw, json)
Hash identifier: tSKOh6bwBKTKtXAnASOYpxjYffNAultiBjdfQXU4pV4=
Subject key identifier: 52:1F:B1:DD:CD:DC:B7:CB:9F:2A:C8:96:78:66:2B:F2:C5:6D:F5:20
Certificate issuer: /CN=0e2d420e661c86571089ff0b51965a86e0d7bc75
Certificate serial: 018BCE23478CC4124AEC2DDCDA75810B753C
Authority key identifier: 0E:2D:42:0E:66:1C:86:57:10:89:FF:0B:51:96:5A:86:E0:D7:BC:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Di1CDmYchlcQif8LUZZahuDXvHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/750009-6fa1-4ef1-832a-75188b3c112e/1/Uh-x3c3ct8ufKsiWeGYr8sVt9SA.roa
Signing time: Tue 14 Nov 2023 14:01:40 +0000
ROA not before: Tue 14 Nov 2023 14:01:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3223
IP address blocks: 37.221.174.0/23 maxlen: 23
37.221.160.0/21 maxlen: 24
37.221.164.0/24 maxlen: 24
37.221.167.0/24 maxlen: 24
37.221.168.0/23 maxlen: 24
37.221.170.0/23 maxlen: 23
37.221.172.0/23 maxlen: 23
195.60.76.0/23 maxlen: 24
185.5.175.0/24 maxlen: 24
185.5.174.0/24 maxlen: 24
185.5.173.0/24 maxlen: 24
109.163.224.0/24 maxlen: 24
109.163.225.0/24 maxlen: 24
109.163.226.0/23 maxlen: 23
109.163.229.0/24 maxlen: 24
109.163.228.0/24 maxlen: 24
109.163.230.0/23 maxlen: 24
109.163.232.0/24 maxlen: 24
109.163.233.0/24 maxlen: 24
109.163.234.0/23 maxlen: 24
109.163.236.0/22 maxlen: 24
109.163.239.0/24 maxlen: 24
185.5.172.0/24 maxlen: 24
2a03:5180:b::/48 maxlen: 64
2a03:5180:6::/48 maxlen: 48
2a03:5180:1::/48 maxlen: 64
2a03:5180:5::/48 maxlen: 48
2a03:5180::/32 maxlen: 48
2a03:5180:8::/48 maxlen: 48
2a03:5180:3::/48 maxlen: 48
2a03:5180:7::/48 maxlen: 48
2a03:5180:2::/48 maxlen: 48
2a03:5180:1:6::/64 maxlen: 64
2a03:5180::/48 maxlen: 48
2a03:5180:11::/48 maxlen: 48
2a03:5180:4::/48 maxlen: 48
2a03:5180:9::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ce:23:47:8c:c4:12:4a:ec:2d:dc:da:75:81:0b:75:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e2d420e661c86571089ff0b51965a86e0d7bc75
Validity
Not Before: Nov 14 14:01:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=521fb1ddcddcb7cb9f2ac89678662bf2c56df520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f8:1d:9d:c4:b4:fe:a8:2a:61:06:a9:f6:79:
6f:27:86:f0:b2:ca:2c:86:e9:b7:9d:46:2b:11:fa:
47:5d:fd:44:d3:3e:ee:7c:72:ec:5b:d8:5a:0d:2d:
d2:17:a4:63:d6:3e:98:10:67:04:25:3b:a5:ef:fc:
0c:55:e8:0e:ef:66:2b:5a:57:fc:7b:24:3d:ec:b6:
47:a5:f0:fc:db:66:6c:75:f0:cc:a5:34:79:cf:3b:
d8:f6:32:70:5c:60:32:d8:4b:44:25:51:2d:b7:ba:
f6:dc:ff:c0:87:92:77:2e:d4:a9:f5:43:d2:09:74:
a5:a4:a6:fe:e7:5b:50:48:10:d3:53:da:e6:8a:95:
7b:15:92:7d:26:85:d3:fb:0f:3e:00:73:7f:8a:79:
1a:70:78:a6:6a:82:70:e0:70:67:57:f4:ec:8a:cd:
dc:04:22:5d:c5:11:5c:59:74:29:0e:1b:97:47:62:
7d:87:cd:5c:f1:d4:55:0c:72:b7:95:ef:bb:b7:54:
51:49:8b:84:8c:16:62:ab:d6:2c:0a:b2:d5:df:8d:
0b:7f:e7:8e:45:67:63:31:2f:c6:b5:9f:28:1f:f0:
4c:b6:cf:59:df:62:db:cd:64:5e:2a:32:ba:34:d6:
c2:e5:ac:80:5a:06:44:ad:6b:97:50:fc:76:74:8b:
05:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:1F:B1:DD:CD:DC:B7:CB:9F:2A:C8:96:78:66:2B:F2:C5:6D:F5:20
X509v3 Authority Key Identifier:
keyid:0E:2D:42:0E:66:1C:86:57:10:89:FF:0B:51:96:5A:86:E0:D7:BC:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Di1CDmYchlcQif8LUZZahuDXvHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/750009-6fa1-4ef1-832a-75188b3c112e/1/Uh-x3c3ct8ufKsiWeGYr8sVt9SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/750009-6fa1-4ef1-832a-75188b3c112e/1/Di1CDmYchlcQif8LUZZahuDXvHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.160.0/20
109.163.224.0/20
185.5.172.0/22
195.60.76.0/23
IPv6:
2a03:5180::/32
Signature Algorithm: sha256WithRSAEncryption
83:36:75:b0:ed:53:40:67:9c:fd:1f:04:57:ba:12:2d:7a:ad:
36:b6:d4:66:5c:00:6d:c8:af:7e:4e:db:6c:34:5e:2e:35:bb:
d8:eb:c3:8b:c2:57:0f:fe:cf:10:bd:f2:79:25:c1:e2:11:33:
41:84:45:8d:36:a6:ba:bc:65:3d:36:ea:b8:32:ef:03:6c:85:
44:6a:d1:a0:70:07:5c:30:be:b3:f7:83:00:1a:dd:8d:c1:88:
ae:5a:dd:b1:f5:dc:d0:9f:ef:7a:7e:c0:43:a3:07:dc:ff:4f:
57:d3:72:e3:ad:e4:be:ac:0e:21:e5:f1:e5:f6:18:e1:b0:2b:
8f:6a:8d:ce:ec:bb:5e:8e:de:37:0e:1e:83:1b:ba:cd:02:32:
16:60:e2:1a:5d:b0:c3:2c:44:c1:25:f7:24:84:b9:a4:fe:06:
4e:62:0e:cb:19:44:eb:a8:7b:ec:37:3b:12:c1:e3:b5:fd:d4:
1d:24:54:12:03:f4:48:88:fe:fd:1e:f2:a7:62:42:b6:ce:8d:
42:03:36:42:ad:66:86:42:d8:15:82:1d:b0:d1:f8:88:07:10:
c7:a9:62:aa:2f:14:04:14:fa:05:94:89:c1:8f:c1:1d:06:c0:
6f:04:46:14:65:3f:32:d7:32:6f:1f:cc:3c:07:42:87:c6:b4:
a8:cf:93:60
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYvOI0eMxBJK7C3c2nWBC3U8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMmQ0MjBlNjYxYzg2NTcxMDg5ZmYwYjUxOTY1YTg2ZTBk
N2JjNzUwHhcNMjMxMTE0MTQwMTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjFmYjFkZGNkZGNiN2NiOWYyYWM4OTY3ODY2MmJmMmM1NmRmNTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfgdncS0/qgqYQap9nlvJ4bwssos
hum3nUYrEfpHXf1E0z7ufHLsW9haDS3SF6Rj1j6YEGcEJTul7/wMVegO72YrWlf8
eyQ97LZHpfD822ZsdfDMpTR5zzvY9jJwXGAy2EtEJVEtt7r23P/Ah5J3LtSp9UPS
CXSlpKb+51tQSBDTU9rmipV7FZJ9JoXT+w8+AHN/inkacHimaoJw4HBnV/Tsis3c
BCJdxRFcWXQpDhuXR2J9h81c8dRVDHK3le+7t1RRSYuEjBZiq9YsCrLV340Lf+eO
RWdjMS/GtZ8oH/BMts9Z32LbzWReKjK6NNbC5ayAWgZErWuXUPx2dIsFWQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFIfsd3N3LfLnyrIlnhmK/LFbfUgMB8GA1UdIwQY
MBaAFA4tQg5mHIZXEIn/C1GWWobg17x1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGkxQ0RtWWNobGNRaWY4TFVaWmFodURYdkhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NTAwMDktNmZhMS00ZWYxLTgzMmEt
NzUxODhiM2MxMTJlLzEvVWgteDNjM2N0OHVmS3NpV2VHWXI4c1Z0OVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NTAwMDktNmZhMS00ZWYxLTgzMmEtNzUxODhiM2MxMTJl
LzEvRGkxQ0RtWWNobGNRaWY4TFVaWmFodURYdkhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEJd2gAwQE
baPgAwQCuQWsAwQBwzxMMA0EAgACMAcDBQAqA1GAMA0GCSqGSIb3DQEBCwUAA4IB
AQCDNnWw7VNAZ5z9HwRXuhIteq02ttRmXABtyK9+TttsNF4uNbvY68OLwlcP/s8Q
vfJ5JcHiETNBhEWNNqa6vGU9Nuq4Mu8DbIVEatGgcAdcML6z94MAGt2NwYiuWt2x
9dzQn+96fsBDowfc/09X03LjreS+rA4h5fHl9hjhsCuPao3O7Ltejt43Dh6DG7rN
AjIWYOIaXbDDLETBJfckhLmk/gZOYg7LGUTrqHvsNzsSweO1/dQdJFQSA/RIiP79
HvKnYkK2zo1CAzZCrWaGQtgVgh2w0fiIBxDHqWKqLxQEFPoFlInBj8EdBsBvBEYU
ZT8y1zJvH8w8B0KHxrSoz5Ng
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:16 2024 by rpki-client on console-ams.rpki-client.org