Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/ui7xdRs9JA1ZFUl7MG_A5agRv3U.roa
File: ui7xdRs9JA1ZFUl7MG_A5agRv3U.roa (raw, json)
Hash identifier: C23DJUAEUpoLXI1mhfDE4BlN9epmrVFdfuf0Nire1dE=
Subject key identifier: BA:2E:F1:75:1B:3D:24:0D:59:15:49:7B:30:6F:C0:E5:A8:11:BF:75
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018B85AD696CACD7BCF881173B0EFB28520D
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/ui7xdRs9JA1ZFUl7MG_A5agRv3U.roa
Signing time: Tue 31 Oct 2023 12:20:16 +0000
ROA not before: Tue 31 Oct 2023 12:20:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200462
IP address blocks: 94.247.43.0/24 maxlen: 32
5.180.192.0/23 maxlen: 24
2.58.52.0/23 maxlen: 32
5.180.195.0/24 maxlen: 24
45.86.124.0/22 maxlen: 24
2a09:e1c0::/32 maxlen: 128
2a07:6fc0:10::/44 maxlen: 48
2a0e:de80::/29 maxlen: 48
2a00:f826:8::/48 maxlen: 48
2a0c:8900::/29 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:85:ad:69:6c:ac:d7:bc:f8:81:17:3b:0e:fb:28:52:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Oct 31 12:20:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba2ef1751b3d240d5915497b306fc0e5a811bf75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0b:20:4d:d5:8b:23:3e:81:dd:45:d9:aa:cb:
72:96:cc:e2:b2:df:1e:53:24:b1:5f:33:fb:f3:64:
8e:7e:65:4c:69:ac:83:58:d9:4c:fa:6d:64:89:88:
10:40:4a:7c:ba:f1:52:ab:81:30:ed:38:44:9b:77:
94:88:b0:f6:eb:51:e1:59:04:2b:39:f1:14:5b:a5:
59:d2:9e:06:8b:c2:06:b4:7a:06:df:73:2e:e4:30:
5d:3b:18:d8:f6:fb:2b:ad:66:11:fb:a0:06:07:03:
75:4b:f6:bb:39:76:3a:0c:77:5d:8b:9c:70:49:d0:
c6:ab:df:8b:d6:65:2c:fa:e2:d0:45:79:be:b9:4f:
df:df:20:e9:db:31:69:9c:0f:cf:60:fa:c0:4d:c7:
89:04:5f:44:bf:5d:e7:3c:a6:b1:be:ff:58:7b:eb:
25:56:de:c8:6c:ae:8c:c0:57:9b:f7:ed:27:fe:79:
55:5b:71:09:df:15:fa:46:c2:80:44:bf:72:51:6d:
eb:a5:69:9f:a3:86:88:a6:d8:95:b4:76:8d:a2:3c:
0e:7e:44:d2:7c:a1:41:79:fb:ec:99:23:e4:f8:fc:
64:e6:72:1b:e9:8d:87:13:f1:fa:a4:dd:fd:1f:88:
6c:d9:28:05:56:d7:9d:4f:34:dd:a1:1c:84:0f:e0:
93:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:2E:F1:75:1B:3D:24:0D:59:15:49:7B:30:6F:C0:E5:A8:11:BF:75
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/ui7xdRs9JA1ZFUl7MG_A5agRv3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
5.180.195.0/24
45.86.124.0/22
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
45:71:d6:0b:31:b4:f9:69:bf:1b:25:c9:ae:d1:cb:f2:e7:b1:
b2:9f:81:5e:39:ef:74:d1:94:47:eb:07:32:59:a1:85:7e:42:
73:7d:27:ae:a5:27:72:2b:2d:12:2b:f1:fe:7e:ed:ba:f9:69:
08:10:46:fe:6e:38:dc:84:8b:1d:d6:66:cc:c9:f6:08:43:44:
09:d4:0a:0f:a0:84:ba:1f:fb:b0:7d:ce:e9:15:b4:52:c3:f0:
47:15:cc:80:ff:0f:0e:fd:b1:d0:f4:f7:57:29:58:37:17:e4:
a2:cd:68:b4:9d:bb:a1:cf:e7:1a:8c:58:d0:6b:c7:46:79:e6:
d9:30:58:e3:cc:77:65:ba:b9:6e:a4:55:b6:ae:4a:f9:25:63:
92:26:e9:55:14:31:43:37:5a:a4:f9:01:b6:64:95:3f:de:d3:
80:d3:10:4d:2c:9f:2c:0a:08:bc:f4:02:dd:0c:fa:33:c3:63:
80:eb:70:49:54:1f:6c:0c:71:11:ef:ff:ef:f2:5a:1d:62:28:
c9:08:0f:a8:de:bb:44:1b:49:10:84:7e:7b:9f:88:da:fb:af:
03:18:1a:3a:95:f8:b0:8f:7d:64:1e:53:4d:30:c6:b5:58:48:
0e:09:10:a0:52:05:7a:93:11:39:48:1e:89:9d:fe:d7:03:e1:
52:f1:7b:e9
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYuFrWlsrNe8+IEXOw77KFINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMxMDMxMTIyMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTJlZjE3NTFiM2QyNDBkNTkxNTQ5N2IzMDZmYzBlNWE4MTFiZjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAsgTdWLIz6B3UXZqstylszist8e
UySxXzP782SOfmVMaayDWNlM+m1kiYgQQEp8uvFSq4Ew7ThEm3eUiLD261HhWQQr
OfEUW6VZ0p4Gi8IGtHoG33Mu5DBdOxjY9vsrrWYR+6AGBwN1S/a7OXY6DHddi5xw
SdDGq9+L1mUs+uLQRXm+uU/f3yDp2zFpnA/PYPrATceJBF9Ev13nPKaxvv9Ye+sl
Vt7IbK6MwFeb9+0n/nlVW3EJ3xX6RsKARL9yUW3rpWmfo4aIptiVtHaNojwOfkTS
fKFBefvsmSPk+Pxk5nIb6Y2HE/H6pN39H4hs2SgFVtedTzTdoRyED+CTpQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFLou8XUbPSQNWRVJezBvwOWoEb91MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvdWk3eGRSczlKQTFaRlVsN01HX0E1YWdSdjNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAkBAIAATAeAwQBAjo0AwQB
BbTAAwQABbTDAwQCLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABAD
BQAqCeHAAwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAEVx1gsxtPlp
vxslya7Ry/LnsbKfgV4573TRlEfrBzJZoYV+QnN9J66lJ3IrLRIr8f5+7br5aQgQ
Rv5uONyEix3WZszJ9ghDRAnUCg+ghLof+7B9zukVtFLD8EcVzID/Dw79sdD091cp
WDcX5KLNaLSdu6HP5xqMWNBrx0Z55tkwWOPMd2W6uW6kVbauSvklY5Im6VUUMUM3
WqT5AbZklT/e04DTEE0snywKCLz0At0M+jPDY4DrcElUH2wMcRHv/+/yWh1iKMkI
D6jeu0QbSRCEfnufiNr7rwMYGjqV+LCPfWQeU00wxrVYSA4JEKBSBXqTETlIHomd
/tcD4VLxe+k=
-----END CERTIFICATE-----
Generated at Wed Nov 22 15:42:44 2023 by rpki-client on console-fra.rpki-client.org