Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/UKFgDXfvP4ZxocjoHsc1uDx6jMQ.roa
File: UKFgDXfvP4ZxocjoHsc1uDx6jMQ.roa (raw, json)
Hash identifier: VhMGtuqN2MFQo1hxvctuePM66SX1OEUSxHU1EEgPKNY=
Subject key identifier: 50:A1:60:0D:77:EF:3F:86:71:A1:C8:E8:1E:C7:35:B8:3C:7A:8C:C4
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018CC795214DB3A2923F80C131A432151FF9
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/UKFgDXfvP4ZxocjoHsc1uDx6jMQ.roa
Signing time: Tue 02 Jan 2024 00:31:28 +0000
ROA not before: Tue 02 Jan 2024 00:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.107.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
5.180.104.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.116.229.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 16 Feb 2024 11:46:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:21:4d:b3:a2:92:3f:80:c1:31:a4:32:15:1f:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jan 2 00:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50a1600d77ef3f8671a1c8e81ec735b83c7a8cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c7:e0:e3:f0:b2:52:50:8d:92:cc:48:29:cf:
80:9d:da:28:6e:9a:72:e2:79:00:82:c4:bb:48:09:
06:48:33:0d:2c:e4:9f:5d:5b:6a:65:95:d0:5e:70:
48:e2:a0:14:c3:c0:0e:9f:50:b6:34:a6:62:2d:da:
1a:91:50:a0:66:78:f8:f2:91:79:50:82:e8:a3:f3:
b2:79:f8:22:d9:83:cc:56:ad:2a:e8:41:65:fc:ac:
2d:14:06:6f:58:37:2e:b0:83:f9:99:61:74:c6:c5:
25:9e:e7:a5:1c:31:fd:31:d5:2c:af:95:e5:98:e3:
00:8f:7f:94:b0:a6:3a:df:12:c7:b5:bb:2e:94:27:
62:05:b6:02:d7:60:17:27:b0:af:3f:38:85:e7:09:
29:26:6d:0b:d1:9f:9d:ea:1c:72:de:b5:e7:bf:cb:
15:c6:3e:fc:ac:f1:73:69:ca:9e:70:68:09:e7:b4:
98:71:57:75:75:90:f2:03:51:7b:f6:9a:0d:65:8f:
fb:b9:cf:e5:93:8a:2c:c8:3e:d7:36:bc:3d:b2:27:
28:f4:f2:bc:5f:67:0e:35:12:71:55:60:2b:0d:5d:
64:20:a5:5f:5a:18:e9:2b:12:40:64:63:b1:13:31:
01:73:44:8e:bd:a8:60:3c:00:a4:eb:78:2f:3a:fd:
49:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:A1:60:0D:77:EF:3F:86:71:A1:C8:E8:1E:C7:35:B8:3C:7A:8C:C4
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/UKFgDXfvP4ZxocjoHsc1uDx6jMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.104.0/24
5.180.107.0/24
45.131.0.0/23
45.131.3.0/24
45.136.5.0/24
45.141.148.0/24
45.147.44.0/24
77.83.200.0/22
194.116.228.0/23
194.116.236.0/23
194.146.26.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
Signature Algorithm: sha256WithRSAEncryption
28:1d:ef:da:03:08:f3:71:5d:77:19:12:a7:f6:46:e8:da:79:
0d:df:ed:3e:a4:3f:3b:b1:09:3b:7c:37:c8:30:f9:d0:22:b1:
02:f4:74:7a:b6:80:cb:c7:ee:f9:a2:e9:ae:f0:74:59:09:dc:
fa:d7:5d:f5:5c:2b:e7:32:ff:0b:d1:21:cb:fe:df:a5:c8:93:
d2:bc:3a:67:71:b6:53:fb:64:ca:07:68:e4:6d:29:43:4a:c6:
0f:85:2e:b0:eb:29:25:e0:aa:9e:dc:4b:1d:df:91:66:17:1c:
63:81:96:0f:56:9e:71:45:81:db:ad:c1:c4:b2:07:97:e0:fb:
87:e1:bc:a1:f5:20:01:71:70:c0:88:f3:56:6b:fc:fd:8f:e1:
2b:cd:c1:54:27:5e:0f:50:c2:71:cf:03:51:99:59:f8:7c:a5:
fd:ab:5d:17:4a:ea:ac:f3:56:cb:c9:49:f7:b1:f7:b0:20:ba:
0c:1f:cb:77:d7:20:10:24:51:52:7a:b5:b6:7e:38:fd:aa:82:
13:9a:34:74:00:88:a4:f7:aa:b1:c2:a2:81:4a:4f:45:84:7e:
58:bb:1f:86:9a:66:05:52:c1:1b:d0:da:3b:78:57:b6:6b:ab:
d2:2b:e4:d5:99:83:9e:4a:36:bf:6d:0a:52:cd:39:23:97:61:
45:61:02:90
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYzHlSFNs6KSP4DBMaQyFR/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwMTAyMDAzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGExNjAwZDc3ZWYzZjg2NzFhMWM4ZTgxZWM3MzViODNjN2E4Y2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsfg4/CyUlCNksxIKc+Andoobppy
4nkAgsS7SAkGSDMNLOSfXVtqZZXQXnBI4qAUw8AOn1C2NKZiLdoakVCgZnj48pF5
UILoo/Oyefgi2YPMVq0q6EFl/KwtFAZvWDcusIP5mWF0xsUlnuelHDH9MdUsr5Xl
mOMAj3+UsKY63xLHtbsulCdiBbYC12AXJ7CvPziF5wkpJm0L0Z+d6hxy3rXnv8sV
xj78rPFzacqecGgJ57SYcVd1dZDyA1F79poNZY/7uc/lk4osyD7XNrw9sico9PK8
X2cONRJxVWArDV1kIKVfWhjpKxJAZGOxEzEBc0SOvahgPACk63gvOv1J4QIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFFChYA137z+GcaHI6B7HNbg8eozEMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvVUtGZ0RYZnZQNFp4b2Nqb0hzYzF1RHg2ak1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQABbRoAwQA
BbRrAwQBLYMAAwQALYMDAwQALYgFAwQALY2UAwQALZMsAwQCTVPIAwQBwnTkAwQB
wnTsAwQAwpIaAwQAwpIkAwQAwpIvMA0EAgACMAcDBQMqCYeAMA0GCSqGSIb3DQEB
CwUAA4IBAQAoHe/aAwjzcV13GRKn9kbo2nkN3+0+pD87sQk7fDfIMPnQIrEC9HR6
toDLx+75oumu8HRZCdz61131XCvnMv8L0SHL/t+lyJPSvDpncbZT+2TKB2jkbSlD
SsYPhS6w6ykl4Kqe3Esd35FmFxxjgZYPVp5xRYHbrcHEsgeX4PuH4byh9SABcXDA
iPNWa/z9j+ErzcFUJ14PUMJxzwNRmVn4fKX9q10XSuqs81bLyUn3sfewILoMH8t3
1yAQJFFSerW2fjj9qoITmjR0AIik96qxwqKBSk9FhH5Yux+GmmYFUsEb0No7eFe2
a6vSK+TVmYOeSja/bQpSzTkjl2FFYQKQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:45 2025 by rpki-client