Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UW5Bg4Q--zPOgaMCgx6ntXP-JCY.roa
File: UW5Bg4Q--zPOgaMCgx6ntXP-JCY.roa (raw, json)
Hash identifier: CfBiOCM3f7fNdGnFQQU5WGtgAA6EWULuDcrSyU6gos8=
Subject key identifier: 51:6E:41:83:84:3E:FB:33:CE:81:A3:02:83:1E:A7:B5:73:FE:24:26
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185710C1A7159BDA25DE68DD03C92E1C8E8
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UW5Bg4Q--zPOgaMCgx6ntXP-JCY.roa
Signing time: Mon 02 Jan 2023 05:54:56 +0000
ROA not before: Mon 02 Jan 2023 05:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28753
IP address blocks: 185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
185.94.166.0/24 maxlen: 24
91.103.253.0/24 maxlen: 24
45.133.246.0/24 maxlen: 24
185.125.51.0/24 maxlen: 24
45.138.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 May 2023 08:14:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:1a:71:59:bd:a2:5d:e6:8d:d0:3c:92:e1:c8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 05:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=516e4183843efb33ce81a302831ea7b573fe2426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ad:ab:94:54:39:71:10:8b:3e:95:36:2b:74:
83:b1:31:d7:c3:f9:46:4f:14:66:13:85:51:0f:53:
a9:31:cf:2f:c4:c8:60:e0:b5:36:68:65:0a:2f:b0:
fb:c2:0d:c6:10:1b:00:eb:4d:8f:f6:11:29:49:ce:
28:60:9e:29:f2:6b:91:8a:1a:96:3e:f7:91:ba:85:
f0:e5:75:60:15:0f:b3:d0:d7:8f:d3:b3:3f:57:47:
64:e3:b4:4f:63:d2:11:06:ba:9f:01:48:62:74:d3:
7a:ab:46:70:75:d9:2d:f9:af:66:6e:ce:76:fe:79:
2a:27:74:cb:3f:9e:fc:06:19:ab:1e:fc:77:4e:37:
2e:17:6c:13:e5:f8:22:70:3c:7a:b8:0b:d7:54:86:
5c:be:54:23:52:53:56:14:49:3d:7d:b3:fb:81:6d:
8a:6b:98:d0:72:c4:ae:b4:dd:f1:15:46:e1:00:3c:
04:a8:58:7c:bb:8f:ff:24:e8:52:42:2c:2f:6b:32:
c7:de:9c:2f:26:7d:d6:92:8b:75:da:01:7c:27:7d:
a0:17:06:27:ff:b8:9a:59:c5:58:ab:29:ae:cd:11:
0c:0f:55:0a:67:17:3b:89:54:4e:82:48:c8:cd:ce:
4d:fd:13:cf:95:35:17:9d:1c:3b:9c:9e:48:d6:77:
e0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:6E:41:83:84:3E:FB:33:CE:81:A3:02:83:1E:A7:B5:73:FE:24:26
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UW5Bg4Q--zPOgaMCgx6ntXP-JCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.246.0/24
45.138.72.0/24
91.103.253.0/24
185.94.166.0/24
185.125.51.0/24
185.172.130.0/23
Signature Algorithm: sha256WithRSAEncryption
be:6d:31:5a:85:ec:e2:65:5b:53:18:23:6a:a0:f9:aa:09:68:
d5:77:d9:86:47:32:70:b2:38:e7:ff:fd:f0:5a:d0:91:86:e4:
d1:50:f3:44:93:02:ef:83:5b:b1:66:ef:6b:ef:9a:76:08:5f:
10:ca:97:5c:4d:36:ad:6c:c3:b8:60:58:8d:16:1c:6b:f4:78:
c0:c1:f5:7e:49:1c:f4:d4:d7:ca:54:81:d1:23:ae:6e:03:ec:
9f:48:e7:89:71:51:4c:26:79:e0:b2:e1:f5:8c:34:0b:f4:bd:
9e:11:c5:0d:e2:54:e6:a2:81:d7:ad:73:b2:82:f8:3b:c6:d8:
6e:49:b6:21:5b:09:9e:d9:c7:7e:cf:6f:e2:3b:7c:24:2d:a6:
e9:8e:25:52:7c:dd:20:20:46:8a:36:8b:bb:ac:fb:ec:ac:26:
9e:d9:f0:3b:9e:6d:7c:0b:8f:51:ec:8a:6f:ec:a0:b6:43:f2:
59:2b:5f:06:59:e5:6c:96:01:3c:36:7c:83:97:b2:24:bd:47:
bb:90:1f:cd:95:8a:26:76:8c:f4:8f:d9:00:62:d2:62:a2:7a:
a8:77:45:2c:a9:74:d3:08:ba:d6:bb:d1:3d:a3:a0:7c:0a:65:
c3:e5:89:c4:c2:72:f7:a3:1d:dc:ce:28:fa:f8:20:de:0a:cb:
18:a1:20:3a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVxDBpxWb2iXeaN0DyS4cjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTZlNDE4Mzg0M2VmYjMzY2U4MWEzMDI4MzFlYTdiNTczZmUyNDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzq2rlFQ5cRCLPpU2K3SDsTHXw/lG
TxRmE4VRD1OpMc8vxMhg4LU2aGUKL7D7wg3GEBsA602P9hEpSc4oYJ4p8muRihqW
PveRuoXw5XVgFQ+z0NeP07M/V0dk47RPY9IRBrqfAUhidNN6q0Zwddkt+a9mbs52
/nkqJ3TLP578BhmrHvx3TjcuF2wT5fgicDx6uAvXVIZcvlQjUlNWFEk9fbP7gW2K
a5jQcsSutN3xFUbhADwEqFh8u4//JOhSQiwvazLH3pwvJn3Wkot12gF8J32gFwYn
/7iaWcVYqymuzREMD1UKZxc7iVROgkjIzc5N/RPPlTUXnRw7nJ5I1nfgsQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFFuQYOEPvszzoGjAoMep7Vz/iQmMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVVc1Qmc0US0telBPZ2FNQ2d4Nm50WFAtSkNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYX2AwQA
LYpIAwQAW2f9AwQAuV6mAwQAuX0zAwQBuayCMA0GCSqGSIb3DQEBCwUAA4IBAQC+
bTFaheziZVtTGCNqoPmqCWjVd9mGRzJwsjjn//3wWtCRhuTRUPNEkwLvg1uxZu9r
75p2CF8QypdcTTatbMO4YFiNFhxr9HjAwfV+SRz01NfKVIHRI65uA+yfSOeJcVFM
JnngsuH1jDQL9L2eEcUN4lTmooHXrXOygvg7xthuSbYhWwme2cd+z2/iO3wkLabp
jiVSfN0gIEaKNou7rPvsrCae2fA7nm18C49R7Ipv7KC2Q/JZK18GWeVslgE8NnyD
l7IkvUe7kB/NlYomdoz0j9kAYtJionqod0UsqXTTCLrWu9E9o6B8CmXD5YnEwnL3
ox3czij6+CDeCssYoSA6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org