Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/UAAE9LhlASzd1A52haR5cxLDJu8.roa
File: UAAE9LhlASzd1A52haR5cxLDJu8.roa (raw, json)
Hash identifier: RE2Dnq0o523CQX4Gpp7LGk3Z22tpPy4uate8HSFqNqA=
Subject key identifier: 50:00:04:F4:B8:65:01:2C:DD:D4:0E:76:85:A4:79:73:12:C3:26:EF
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018E1E6BE143C64C4CDF9AB0C59E2FB2587B
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/UAAE9LhlASzd1A52haR5cxLDJu8.roa
Signing time: Fri 08 Mar 2024 14:16:10 +0000
ROA not before: Fri 08 Mar 2024 14:16:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211619
IP address blocks: 5.182.115.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
88.209.206.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.236.0/24 maxlen: 24
88.209.237.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.246.0/24 maxlen: 24
88.209.247.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Mar 2024 14:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1e:6b:e1:43:c6:4c:4c:df:9a:b0:c5:9e:2f:b2:58:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 8 14:16:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=500004f4b865012cddd40e7685a4797312c326ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4a:b1:09:bf:cc:df:c8:a0:dd:39:d6:98:ba:
5d:a0:32:f7:8d:33:2b:1e:06:64:0d:1d:0a:0e:06:
5d:14:f1:1b:49:ac:75:37:e3:35:dc:aa:c9:b9:b9:
96:9c:46:81:43:10:0a:ae:9f:84:5f:f4:ed:ce:86:
64:14:2b:26:a2:63:69:fe:05:9f:51:60:95:1d:8d:
c2:54:27:36:1f:0b:c6:f5:4c:d9:a7:44:2e:e8:4e:
4a:4c:f0:28:51:8d:34:f7:25:8a:b9:e6:b5:44:9f:
09:77:16:14:43:cd:80:c8:6a:f9:69:92:8c:0e:b3:
7c:7f:ea:c7:25:aa:21:08:76:80:5d:1d:09:37:98:
45:e3:14:f7:89:2c:20:26:1d:d3:a0:98:dc:7c:9d:
d8:99:95:12:f8:a1:e7:ce:af:10:09:da:9b:2a:0a:
43:f3:1c:36:cc:cf:02:bf:a9:f5:0d:01:51:59:96:
2b:15:2e:68:7a:a8:8a:87:ea:78:d1:ed:d4:23:d1:
80:ea:f9:3a:1d:6f:b8:7e:09:e1:f5:99:0e:ad:cb:
95:e1:36:ab:2f:b4:c0:3d:6f:7a:cc:fd:a5:21:b5:
2b:a7:82:2d:c2:79:9b:7f:0d:03:e9:0e:97:34:a1:
9a:33:4e:6b:84:6e:4b:a7:08:76:33:a4:b9:71:d0:
41:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:00:04:F4:B8:65:01:2C:DD:D4:0E:76:85:A4:79:73:12:C3:26:EF
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/UAAE9LhlASzd1A52haR5cxLDJu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.115.0/24
45.9.168.0/24
77.242.152.0/24
83.137.157.0-83.137.158.255
88.209.206.0/24
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.217.0-92.52.218.255
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
76:33:d4:50:2d:57:92:cd:4f:2b:1b:88:3e:64:2b:67:82:22:
fd:28:67:0e:69:0d:a9:1b:bc:b1:67:24:01:52:a1:28:ec:ac:
a3:ca:e8:28:29:9a:48:85:a0:d6:fc:2e:0a:f0:b5:33:a7:2c:
63:fc:90:cc:1f:5e:c4:f8:53:2a:db:dc:85:de:ea:0a:36:62:
0c:10:cf:09:a5:5d:78:35:e1:46:ab:22:8f:06:f5:9e:8a:3e:
a8:52:be:e8:b7:e8:36:31:db:16:62:c2:ad:ac:98:db:a2:8e:
25:f2:9f:90:03:79:0b:68:1b:24:24:83:ce:07:25:ac:0c:13:
aa:f3:b1:f0:82:f5:45:3e:44:6e:35:ef:84:57:e5:e5:78:b6:
27:b1:dd:7b:18:41:39:6f:8b:27:3e:a5:a2:72:f3:a4:52:8d:
fc:07:a5:b6:8f:3e:16:1c:81:9b:bb:06:1c:7a:42:42:d2:b9:
27:36:36:76:d7:49:ab:05:22:23:20:ac:41:86:9b:e6:ac:4e:
e6:49:4b:0f:56:22:3e:98:9e:bd:69:ca:e2:d6:68:73:2a:1c:
6d:fc:e7:a5:dd:08:0e:56:b7:b8:5f:b0:6e:e5:18:dc:bd:9d:
06:40:d9:49:4c:0b:57:c4:61:32:fc:c8:76:0c:0c:15:ff:e9:
aa:8c:77:1b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAY4ea+FDxkxM35qwxZ4vslh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMzA4MTQxNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDAwMDRmNGI4NjUwMTJjZGRkNDBlNzY4NWE0Nzk3MzEyYzMyNmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukqxCb/M38ig3TnWmLpdoDL3jTMr
HgZkDR0KDgZdFPEbSax1N+M13KrJubmWnEaBQxAKrp+EX/TtzoZkFCsmomNp/gWf
UWCVHY3CVCc2HwvG9UzZp0Qu6E5KTPAoUY009yWKuea1RJ8JdxYUQ82AyGr5aZKM
DrN8f+rHJaohCHaAXR0JN5hF4xT3iSwgJh3ToJjcfJ3YmZUS+KHnzq8QCdqbKgpD
8xw2zM8Cv6n1DQFRWZYrFS5oeqiKh+p40e3UI9GA6vk6HW+4fgnh9ZkOrcuV4Tar
L7TAPW96zP2lIbUrp4Itwnmbfw0D6Q6XNKGaM05rhG5Lpwh2M6S5cdBBzwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFFAABPS4ZQEs3dQOdoWkeXMSwybvMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVUFBRTlMaGxBU3pkMUE1MmhhUjVjeExESnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQABbZzAwQA
LQmoAwQATfKYMAwDBABTiZ0DBABTiZ4DBABY0c4DBABY0dsDBABY0eQDBAJY0ewD
BAFY0fYDBABY0f4wDAMEAFw02QMEAFw02gMEAMIpLzANBgkqhkiG9w0BAQsFAAOC
AQEAdjPUUC1Xks1PKxuIPmQrZ4Ii/ShnDmkNqRu8sWckAVKhKOyso8roKCmaSIWg
1vwuCvC1M6csY/yQzB9exPhTKtvchd7qCjZiDBDPCaVdeDXhRqsijwb1noo+qFK+
6LfoNjHbFmLCrayY26KOJfKfkAN5C2gbJCSDzgclrAwTqvOx8IL1RT5EbjXvhFfl
5Xi2J7HdexhBOW+LJz6lonLzpFKN/Aelto8+FhyBm7sGHHpCQtK5JzY2dtdJqwUi
IyCsQYab5qxO5klLD1YiPpievWnK4tZocyocbfznpd0IDla3uF+wbuUY3L2dBkDZ
SUwLV8RhMvzIdgwMFf/pqox3Gw==
-----END CERTIFICATE-----
Generated at Fri Mar 8 19:35:32 2024 by rpki-client on console-fra.rpki-client.org