Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UxqKxZUOHcZiM_VdMRvDrimcsJY.roa
File: UxqKxZUOHcZiM_VdMRvDrimcsJY.roa (raw, json)
Hash identifier: ndi/zTOyn0opGyLFLgaISH+DOlh9O6SwaQr+lVkLhcs=
Subject key identifier: 53:1A:8A:C5:95:0E:1D:C6:62:33:F5:5D:31:1B:C3:AE:29:9C:B0:96
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01910E390B1CF449E555E968A50EB00083D8
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UxqKxZUOHcZiM_VdMRvDrimcsJY.roa
Signing time: Thu 01 Aug 2024 13:55:05 +0000
ROA not before: Thu 01 Aug 2024 13:55:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200740
IP address blocks: 45.9.72.0/24 maxlen: 24
45.138.73.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
91.217.76.0/24 maxlen: 24
92.118.8.0/23 maxlen: 23
94.142.136.0/23 maxlen: 23
94.142.136.0/24 maxlen: 24
94.142.137.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
95.214.10.0/23 maxlen: 23
95.214.10.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.94.165.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
185.103.252.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.103.254.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.112.81.0/24 maxlen: 24
185.114.72.0/23 maxlen: 23
185.114.72.0/24 maxlen: 24
185.114.73.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.232.170.0/23 maxlen: 23
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.233.202.0/23 maxlen: 23
185.252.144.0/24 maxlen: 24
193.124.188.0/23 maxlen: 23
193.124.190.0/24 maxlen: 24
193.239.160.0/23 maxlen: 23
193.239.166.0/23 maxlen: 23
194.36.178.0/23 maxlen: 23
2a04:5200:68::/48 maxlen: 48
2a04:5201:2::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a04:5201:6::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:9::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 05 Aug 2024 15:44:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0e:39:0b:1c:f4:49:e5:55:e9:68:a5:0e:b0:00:83:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Aug 1 13:55:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=531a8ac5950e1dc66233f55d311bc3ae299cb096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d0:e8:bf:51:15:80:88:5b:75:de:8c:6e:60:
8a:5f:83:23:91:cd:20:f6:e7:b4:ac:c9:b8:aa:a2:
36:ce:8f:fa:9e:9f:a1:cc:db:55:2b:de:03:de:a8:
91:ee:f4:91:8d:67:b3:12:b3:07:dd:95:0b:7b:16:
7d:73:18:77:4d:39:8d:97:2d:78:e6:b3:ed:42:c3:
97:85:31:4c:5d:fe:bb:0a:0f:c3:98:77:c5:98:53:
61:28:99:f2:b6:db:1b:d0:bd:e3:f9:03:32:48:72:
5e:ca:eb:ba:06:11:b7:ef:76:da:1e:20:f9:66:ae:
67:02:df:b1:0f:f7:7e:ff:0a:4b:d1:eb:e1:e5:5a:
7b:d0:e2:ee:3c:a9:45:12:c3:ff:76:99:07:74:c5:
0e:3c:d7:90:4d:a9:91:72:d7:61:00:0d:6f:1c:44:
64:9e:af:2e:b7:27:e7:88:fb:17:aa:a7:dd:e2:86:
56:40:1b:ec:97:27:84:be:7c:d5:f1:c2:79:3d:37:
39:2a:b1:6e:db:91:7a:d0:3e:a3:6d:4d:fa:81:bf:
37:15:94:c4:c5:02:45:97:81:ce:1a:89:76:4d:22:
62:89:8d:95:61:a2:91:e2:92:e8:87:25:c9:1e:95:
56:bc:d7:f3:aa:2f:c8:74:10:2f:39:b3:cb:92:b3:
90:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:1A:8A:C5:95:0E:1D:C6:62:33:F5:5D:31:1B:C3:AE:29:9C:B0:96
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UxqKxZUOHcZiM_VdMRvDrimcsJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
45.138.73.0/24
46.17.105.0/24
80.76.32.0/22
91.217.76.0/24
92.118.8.0/23
94.142.136.0/23
95.214.9.0-95.214.11.255
185.40.7.0/24
185.94.164.0/23
185.102.136.0/24
185.103.252.0/22
185.112.81.0/24
185.114.72.0/23
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
193.124.188.0-193.124.190.255
193.239.160.0/23
193.239.166.0/23
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:9::/48
2a04:5201:8018::/48
Signature Algorithm: sha256WithRSAEncryption
98:44:04:ee:a9:0b:33:5a:ff:ce:ac:5b:c0:02:5d:fd:3f:82:
35:5b:f0:aa:16:17:fe:5c:e7:36:35:6f:77:4f:be:64:07:c0:
ac:b9:3a:21:6d:5e:28:3d:bc:27:7a:71:4b:04:3e:8e:89:d3:
8c:1a:43:81:71:1c:74:12:1c:61:7d:59:2e:89:10:46:28:c9:
97:c7:1f:36:0d:fc:67:80:79:ec:7e:19:4c:6a:ab:f2:1b:bd:
cd:8e:04:98:60:26:86:37:1e:b8:a2:57:0d:ca:13:0d:0d:a3:
55:ce:30:90:fd:87:d7:2c:ce:73:16:79:e3:68:2b:4c:3c:75:
f5:a5:1c:f7:37:bd:48:a3:01:98:d5:36:8b:a9:83:e8:dc:84:
79:91:20:43:a4:0f:72:e0:10:ce:ea:30:93:ec:65:fc:44:c8:
cf:f4:fd:26:3b:20:ff:e4:f1:1d:cb:d9:e0:db:fc:a6:bc:90:
90:13:ff:a5:cb:fc:73:55:b6:cb:74:7e:77:4b:a7:2d:8c:9f:
e0:c3:ac:fe:44:00:40:1b:dc:b8:9f:a7:3a:e3:58:bb:7b:42:
46:4d:65:2f:e1:e0:46:89:ac:fe:48:ca:3e:be:51:29:8f:a7:
c6:64:e2:b3:b4:21:24:5b:22:ff:9e:e9:c7:56:a4:f5:af:30:
62:4e:6d:aa
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZEOOQsc9EnlVelopQ6wAIPYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwODAxMTM1NTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzFhOGFjNTk1MGUxZGM2NjIzM2Y1NWQzMTFiYzNhZTI5OWNiMDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNDov1EVgIhbdd6MbmCKX4Mjkc0g
9ue0rMm4qqI2zo/6np+hzNtVK94D3qiR7vSRjWezErMH3ZULexZ9cxh3TTmNly14
5rPtQsOXhTFMXf67Cg/DmHfFmFNhKJnyttsb0L3j+QMySHJeyuu6BhG373baHiD5
Zq5nAt+xD/d+/wpL0evh5Vp70OLuPKlFEsP/dpkHdMUOPNeQTamRctdhAA1vHERk
nq8utyfniPsXqqfd4oZWQBvslyeEvnzV8cJ5PTc5KrFu25F60D6jbU36gb83FZTE
xQJFl4HOGol2TSJiiY2VYaKR4pLohyXJHpVWvNfzqi/IdBAvObPLkrOQYQIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFFMaisWVDh3GYjP1XTEbw64pnLCWMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVXhxS3haVU9IY1ppTV9WZE1SdkRyaW1jc0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgbUEAgABMIGuAwQA
LQlIAwQALYpJAwQALhFpAwQCUEwgAwQAW9lMAwQBXHYIAwQBXo6IMAwDBABf1gkD
BAJf1ggDBAC5KAcDBAG5XqQDBAC5ZogDBAK5Z/wDBAC5cFEDBAG5ckgDBAC5dXQD
BAC5dXcDBAC5yL4DBAG56KowDAMEBLnpUAMEALnpUgMEAbnpygMEALn8kDAMAwQC
wXy8AwQAwXy+AwQBwe+gAwQBwe+mAwQBwiSyMDwEAgACMDYDBwAqBFIAAGgDBwAq
BFIBAAIDBwAqBFIBAAQDBwEqBFIBAAYDBwAqBFIBAAkDBwAqBFIBgBgwDQYJKoZI
hvcNAQELBQADggEBAJhEBO6pCzNa/86sW8ACXf0/gjVb8KoWF/5c5zY1b3dPvmQH
wKy5OiFtXig9vCd6cUsEPo6J04waQ4FxHHQSHGF9WS6JEEYoyZfHHzYN/GeAeex+
GUxqq/Ibvc2OBJhgJoY3HriiVw3KEw0No1XOMJD9h9csznMWeeNoK0w8dfWlHPc3
vUijAZjVNoupg+jchHmRIEOkD3LgEM7qMJPsZfxEyM/0/SY7IP/k8R3L2eDb/Ka8
kJAT/6XL/HNVtst0fndLpy2Mn+DDrP5EAEAb3LifpzrjWLt7QkZNZS/h4EaJrP5I
yj6+USmPp8Zk4rO0ISRbIv+e6cdWpPWvMGJObao=
-----END CERTIFICATE-----
Generated at Mon Aug 5 18:50:06 2024 by rpki-client on console-fra.rpki-client.org