Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/UJeO-YOD7K8dVWs_Tf9f0xdbryY.roa
File: UJeO-YOD7K8dVWs_Tf9f0xdbryY.roa (raw, json)
Hash identifier: CCwDXvUknUjEZANQBn6V1EROS1InCRUbmpcjboAA4Vs=
Subject key identifier: 50:97:8E:F9:83:83:EC:AF:1D:55:6B:3F:4D:FF:5F:D3:17:5B:AF:26
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018FD4DB3935CAA4B9A7CF5529CFFF6D331F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/UJeO-YOD7K8dVWs_Tf9f0xdbryY.roa
Signing time: Sat 01 Jun 2024 17:31:27 +0000
ROA not before: Sat 01 Jun 2024 17:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 45.147.224.0/24 maxlen: 24
185.222.30.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 12:23:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d4:db:39:35:ca:a4:b9:a7:cf:55:29:cf:ff:6d:33:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 1 17:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50978ef98383ecaf1d556b3f4dff5fd3175baf26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:59:57:f3:ac:00:4d:86:32:06:08:0c:32:2e:
0a:c6:da:6b:c4:dd:a4:e4:1b:58:e9:5b:df:28:ea:
67:0f:ba:4c:8d:b7:ea:f9:20:a8:27:26:6a:39:fb:
4e:5c:79:b9:22:87:76:6d:df:ba:cf:d6:d4:c9:1f:
3b:d4:1b:69:a7:75:d0:01:5e:0d:8a:1e:6f:86:ec:
f4:21:89:77:3d:ee:5e:ee:0e:bd:b9:2f:ff:54:12:
fb:4a:0b:8c:98:c4:7c:de:99:63:5c:84:a0:20:ac:
00:2b:ed:a0:92:92:b3:93:58:d6:fb:6e:76:ae:36:
07:89:78:7c:6c:19:a6:0a:f0:fb:ac:50:11:1d:1a:
d0:44:f8:02:82:98:ae:28:ee:69:0e:62:3b:b6:22:
19:f1:a9:e7:28:d0:50:67:1d:b5:0f:ea:d5:f4:bc:
b1:7e:b9:d8:12:26:7e:e8:3f:bd:44:f7:aa:69:19:
7e:8a:24:32:c6:aa:17:0b:90:43:eb:b2:84:0a:9c:
b0:33:79:5b:56:11:05:31:35:78:32:7b:fd:36:a7:
30:0b:45:6e:37:16:e1:fd:23:04:39:36:ac:49:55:
dc:52:9b:41:8f:27:9d:8e:83:3f:3a:95:77:a4:a7:
e9:ec:b5:eb:03:bc:b2:4d:6f:a4:ec:e8:d4:48:2d:
39:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:97:8E:F9:83:83:EC:AF:1D:55:6B:3F:4D:FF:5F:D3:17:5B:AF:26
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/UJeO-YOD7K8dVWs_Tf9f0xdbryY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.224.0/24
185.222.30.0/24
194.5.67.0/24
194.76.172.0/24
Signature Algorithm: sha256WithRSAEncryption
74:18:c8:f2:e5:c0:83:79:91:3c:24:b1:0a:53:3c:17:6f:df:
26:47:87:a6:25:f0:a9:8c:79:a4:1c:da:74:91:35:1e:2a:ab:
66:4f:d5:a0:3e:54:7d:0a:83:2a:11:79:e4:56:eb:9a:aa:2b:
eb:2d:b0:94:50:7c:a5:97:b9:21:6e:99:5f:fd:c6:0a:19:da:
bf:0e:34:c3:c4:fc:81:34:44:e3:9c:57:cf:a7:95:0b:7c:60:
93:4e:69:7b:a7:ea:02:b1:23:8a:94:55:62:07:39:46:79:5e:
d2:36:78:b8:21:78:14:68:29:e1:79:16:26:21:80:be:ec:c0:
ae:bb:ca:17:81:5d:6c:ce:a6:20:5f:ee:a3:ad:8f:fb:31:fc:
a6:e4:11:7a:13:63:1a:36:7b:c1:a7:06:f5:90:bd:69:09:d5:
d1:72:b6:d8:c6:40:54:c4:e4:14:98:b3:3b:2d:f3:05:3b:ea:
02:7f:f5:6d:ce:1c:cb:9b:da:85:4b:a3:79:cc:25:b7:33:e0:
9d:cf:7d:17:31:24:f2:21:03:45:fc:48:b8:22:55:ee:f5:c9:
e1:b1:bd:45:b2:11:6e:0b:81:64:fd:ea:14:05:71:9b:40:ed:
6d:c8:bf:b5:ef:c8:d2:ed:4c:4c:cd:0a:97:dd:70:86:76:b0:
57:0a:d1:a9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/U2zk1yqS5p89VKc//bTMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNjAxMTczMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDk3OGVmOTgzODNlY2FmMWQ1NTZiM2Y0ZGZmNWZkMzE3NWJhZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmllX86wATYYyBggMMi4KxtprxN2k
5BtY6VvfKOpnD7pMjbfq+SCoJyZqOftOXHm5Iod2bd+6z9bUyR871Btpp3XQAV4N
ih5vhuz0IYl3Pe5e7g69uS//VBL7SguMmMR83pljXISgIKwAK+2gkpKzk1jW+252
rjYHiXh8bBmmCvD7rFARHRrQRPgCgpiuKO5pDmI7tiIZ8annKNBQZx21D+rV9Lyx
frnYEiZ+6D+9RPeqaRl+iiQyxqoXC5BD67KECpywM3lbVhEFMTV4Mnv9NqcwC0Vu
Nxbh/SMEOTasSVXcUptBjyedjoM/OpV3pKfp7LXrA7yyTW+k7OjUSC05zQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFCXjvmDg+yvHVVrP03/X9MXW68mMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVUplTy1ZT0Q3SzhkVldzX1RmOWYweGRicnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZPgAwQA
ud4eAwQAwgVDAwQAwkysMA0GCSqGSIb3DQEBCwUAA4IBAQB0GMjy5cCDeZE8JLEK
UzwXb98mR4emJfCpjHmkHNp0kTUeKqtmT9WgPlR9CoMqEXnkVuuaqivrLbCUUHyl
l7khbplf/cYKGdq/DjTDxPyBNETjnFfPp5ULfGCTTml7p+oCsSOKlFViBzlGeV7S
Nni4IXgUaCnheRYmIYC+7MCuu8oXgV1szqYgX+6jrY/7Mfym5BF6E2MaNnvBpwb1
kL1pCdXRcrbYxkBUxOQUmLM7LfMFO+oCf/VtzhzLm9qFS6N5zCW3M+Cdz30XMSTy
IQNF/Ei4IlXu9cnhsb1FshFuC4Fk/eoUBXGbQO1tyL+178jS7UxMzQqX3XCGdrBX
CtGp
-----END CERTIFICATE-----
Generated at Tue Oct 8 17:14:56 2024 by rpki-client on console-fra.rpki-client.org