Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/052118-c46b-48b4-87dc-5ed5270edf23/1/uOwo5_jtCB4HNCJJhXQq9PuHQLk.roa
File: uOwo5_jtCB4HNCJJhXQq9PuHQLk.roa (raw, json)
Hash identifier: 8LIG4+AUjZEyCAJUceXT0GTP4Xt/HxT8tHErJjswgyQ=
Subject key identifier: B8:EC:28:E7:F8:ED:08:1E:07:34:22:49:85:74:2A:F4:FB:87:40:B9
Certificate issuer: /CN=90b5bb80feef344650a9a773f61f0b2cfbf7ce8c
Certificate serial: 018CC4937EFDF201366DD8FBADB2D22B48E6
Authority key identifier: 90:B5:BB:80:FE:EF:34:46:50:A9:A7:73:F6:1F:0B:2C:FB:F7:CE:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLW7gP7vNEZQqadz9h8LLPv3zow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/052118-c46b-48b4-87dc-5ed5270edf23/1/uOwo5_jtCB4HNCJJhXQq9PuHQLk.roa
Signing time: Mon 01 Jan 2024 10:30:49 +0000
ROA not before: Mon 01 Jan 2024 10:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43191
IP address blocks: 185.80.70.0/24 maxlen: 24
185.80.70.0/23 maxlen: 23
185.80.69.0/24 maxlen: 24
185.80.68.0/23 maxlen: 23
185.80.68.0/24 maxlen: 24
185.80.71.0/24 maxlen: 24
79.170.118.0/24 maxlen: 24
79.170.119.0/24 maxlen: 24
2a03:5fe1::/32 maxlen: 32
2a03:5fe0::/32 maxlen: 32
2a03:5fe2::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 15 Apr 2024 11:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:7e:fd:f2:01:36:6d:d8:fb:ad:b2:d2:2b:48:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b5bb80feef344650a9a773f61f0b2cfbf7ce8c
Validity
Not Before: Jan 1 10:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8ec28e7f8ed081e0734224985742af4fb8740b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:61:48:22:1b:c6:60:9a:10:07:da:ba:42:95:
21:ea:29:63:00:d7:91:e4:d2:95:0f:8a:9b:d1:83:
e3:ed:d3:73:fb:fd:c9:8c:c1:71:0f:57:68:11:50:
92:8e:8b:4c:07:63:fb:f7:f5:b9:1a:c9:c0:bf:5c:
52:0e:dc:c3:ba:22:03:9d:b1:5b:7b:cf:5a:be:74:
61:09:f9:61:da:98:f4:ad:a1:b7:c7:19:c6:08:fb:
d8:63:5a:5d:4d:35:7c:d7:7f:d9:2a:ca:92:ae:d5:
6e:34:6b:6c:95:f3:f0:59:58:44:e0:48:6a:6f:1f:
70:7e:28:1a:85:09:f6:8a:e3:35:00:4b:ab:c6:f4:
f8:cb:c1:c3:41:cb:6f:b0:ee:e3:94:3c:54:2b:99:
5e:3b:be:26:b3:b3:72:c8:a3:8f:7a:96:15:fc:e3:
c0:49:d8:c9:bf:9d:d4:c3:2d:ad:ad:ec:f5:65:28:
57:b7:cc:82:fc:6d:a2:f0:3d:47:57:c1:ba:95:0d:
d2:e5:a9:d7:1c:54:f4:62:ff:82:cb:b3:f2:e3:ee:
5e:ee:d5:e1:15:cc:96:89:d4:38:04:b2:28:72:8f:
30:78:c8:60:14:53:d1:c4:6c:2e:1f:96:cc:ce:c7:
98:19:53:97:43:4e:91:a6:73:be:a4:44:ad:f6:10:
2a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:EC:28:E7:F8:ED:08:1E:07:34:22:49:85:74:2A:F4:FB:87:40:B9
X509v3 Authority Key Identifier:
keyid:90:B5:BB:80:FE:EF:34:46:50:A9:A7:73:F6:1F:0B:2C:FB:F7:CE:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLW7gP7vNEZQqadz9h8LLPv3zow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/052118-c46b-48b4-87dc-5ed5270edf23/1/uOwo5_jtCB4HNCJJhXQq9PuHQLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/052118-c46b-48b4-87dc-5ed5270edf23/1/kLW7gP7vNEZQqadz9h8LLPv3zow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.118.0/23
185.80.68.0/22
IPv6:
2a03:5fe0::-2a03:5fe2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
33:30:8f:2b:42:9e:eb:20:0c:6f:37:de:55:e0:61:61:41:8f:
b7:47:b2:42:71:a3:5a:f2:04:f5:77:40:aa:a9:c3:bb:26:0a:
3e:2a:5a:87:30:2e:a3:3a:1d:00:cf:e5:5f:54:97:7c:da:f1:
51:f8:cd:81:77:8d:be:fb:8f:5a:13:62:79:49:1f:a9:87:30:
43:72:0b:5c:60:ca:f9:07:9b:45:95:37:0c:11:7e:95:ca:3e:
91:ca:7e:1d:50:b2:93:15:77:cd:67:6a:65:de:ec:00:06:67:
23:8e:0d:fe:66:07:67:10:1a:6c:98:66:dc:15:00:68:60:c2:
9a:c2:9f:c6:a3:66:fb:f1:7a:2c:59:06:68:9f:d4:97:ab:3e:
30:0a:30:e1:3c:5f:bc:a0:22:99:fd:db:8d:92:fc:58:df:28:
b4:8b:14:e3:c2:43:bd:0a:91:5d:25:96:ff:1b:ca:3b:a1:12:
d5:f4:80:ff:3a:c7:d8:b5:ea:60:da:67:04:fc:95:f8:50:47:
dd:90:21:4f:4c:07:20:84:75:b2:e1:1f:2c:12:ca:b6:a8:e6:
33:ad:f6:96:4f:6c:0b:2e:c5:84:90:a9:03:45:1a:04:67:8e:
df:70:a2:42:e6:42:c6:ab:f8:c4:8d:0f:07:5b:38:6b:62:39:
ec:e7:25:ba
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEk3798gE2bdj7rbLSK0jmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjViYjgwZmVlZjM0NDY1MGE5YTc3M2Y2MWYwYjJjZmJm
N2NlOGMwHhcNMjQwMTAxMTAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGVjMjhlN2Y4ZWQwODFlMDczNDIyNDk4NTc0MmFmNGZiODc0MGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimFIIhvGYJoQB9q6QpUh6iljANeR
5NKVD4qb0YPj7dNz+/3JjMFxD1doEVCSjotMB2P79/W5GsnAv1xSDtzDuiIDnbFb
e89avnRhCflh2pj0raG3xxnGCPvYY1pdTTV813/ZKsqSrtVuNGtslfPwWVhE4Ehq
bx9wfigahQn2iuM1AEurxvT4y8HDQctvsO7jlDxUK5leO74ms7NyyKOPepYV/OPA
SdjJv53Uwy2trez1ZShXt8yC/G2i8D1HV8G6lQ3S5anXHFT0Yv+Cy7Py4+5e7tXh
FcyWidQ4BLIoco8weMhgFFPRxGwuH5bMzseYGVOXQ06RpnO+pESt9hAqYwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLjsKOf47QgeBzQiSYV0KvT7h0C5MB8GA1UdIwQY
MBaAFJC1u4D+7zRGUKmnc/YfCyz7986MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xXN2dQN3ZORVpRcWFkejloOExMUHYzem93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8wNTIxMTgtYzQ2Yi00OGI0LTg3ZGMt
NWVkNTI3MGVkZjIzLzEvdU93bzVfanRDQjRITkNKSmhYUXE5UHVIUUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8wNTIxMTgtYzQ2Yi00OGI0LTg3ZGMtNWVkNTI3MGVkZjIz
LzEva0xXN2dQN3ZORVpRcWFkejloOExMUHYzem93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBT6p2AwQC
uVBEMBYEAgACMBAwDgMFBSoDX+ADBQAqA1/iMA0GCSqGSIb3DQEBCwUAA4IBAQAz
MI8rQp7rIAxvN95V4GFhQY+3R7JCcaNa8gT1d0CqqcO7Jgo+KlqHMC6jOh0Az+Vf
VJd82vFR+M2Bd42++49aE2J5SR+phzBDcgtcYMr5B5tFlTcMEX6Vyj6Ryn4dULKT
FXfNZ2pl3uwABmcjjg3+ZgdnEBpsmGbcFQBoYMKawp/Go2b78XosWQZon9SXqz4w
CjDhPF+8oCKZ/duNkvxY3yi0ixTjwkO9CpFdJZb/G8o7oRLV9ID/OsfYtepg2mcE
/JX4UEfdkCFPTAcghHWy4R8sEsq2qOYzrfaWT2wLLsWEkKkDRRoEZ47fcKJC5kLG
q/jEjQ8HWzhrYjns5yW6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:35 2025 by rpki-client