Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/UYYZXUJP3-P53Rfx4n1P_Qp0duQ.roa
File: UYYZXUJP3-P53Rfx4n1P_Qp0duQ.roa (raw, json)
Hash identifier: ME7OAfDBCqJCagNhWQTe7JP+CjsXzzROVuaTT68v4MI=
Subject key identifier: 51:86:19:5D:42:4F:DF:E3:F9:DD:17:F1:E2:7D:4F:FD:0A:74:76:E4
Certificate issuer: /CN=2874e46bf636ea63e5d12362f551b80b27714780
Certificate serial: 018968FF929F8D17471A14E44DAE026AB073
Authority key identifier: 28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/UYYZXUJP3-P53Rfx4n1P_Qp0duQ.roa
Signing time: Tue 18 Jul 2023 12:35:26 +0000
ROA not before: Tue 18 Jul 2023 12:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57664
IP address blocks: 37.16.96.0/20 maxlen: 23
178.213.232.0/21 maxlen: 21
178.213.239.0/24 maxlen: 24
37.16.112.0/20 maxlen: 20
2a00:4cc1:2501::/64 maxlen: 64
2a00:4cc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:ff:92:9f:8d:17:47:1a:14:e4:4d:ae:02:6a:b0:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2874e46bf636ea63e5d12362f551b80b27714780
Validity
Not Before: Jul 18 12:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5186195d424fdfe3f9dd17f1e27d4ffd0a7476e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d3:5c:2b:d4:a0:69:d3:a3:d0:74:17:7b:c7:
20:67:d3:fe:7a:21:a7:1a:70:15:fa:aa:2a:40:bc:
e2:14:83:17:fc:0e:ac:4d:66:3d:c9:2e:b4:bf:d8:
da:f6:9b:0c:b1:a8:d9:3a:f6:ac:3e:b8:ba:9b:78:
88:3c:f9:fa:2f:d0:55:97:72:b5:af:46:2d:d9:a3:
39:be:fd:92:90:d7:bb:5b:99:d6:1f:00:5c:8e:89:
fe:0e:0d:4e:62:4a:66:dd:82:3d:61:16:cd:50:73:
33:9f:6c:89:0b:e2:63:99:51:31:2e:05:21:df:98:
d0:2b:e7:ed:1f:63:c5:c2:7b:94:6c:e7:74:45:ff:
83:14:4d:ce:7c:cc:50:91:33:93:6b:89:30:ad:9b:
1f:af:1e:fc:c1:da:04:13:7d:1b:9c:44:0f:9e:96:
bd:f3:15:a1:95:52:b8:25:c5:95:54:19:87:2c:c0:
b2:5d:9c:a6:0c:5b:4e:9e:a3:cd:58:9d:e7:1b:87:
cf:cf:d3:c0:a4:83:f8:cb:33:74:57:ea:5e:12:cf:
af:8b:33:38:e1:26:b3:e0:11:6f:8b:dc:a7:e1:e2:
dc:e4:04:0c:b3:66:af:76:4b:38:6d:d8:87:c6:2a:
8b:46:88:5c:db:cf:0f:5e:bc:e3:a3:55:f8:f2:ff:
68:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:86:19:5D:42:4F:DF:E3:F9:DD:17:F1:E2:7D:4F:FD:0A:74:76:E4
X509v3 Authority Key Identifier:
keyid:28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/UYYZXUJP3-P53Rfx4n1P_Qp0duQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.96.0/19
178.213.232.0/21
IPv6:
2a00:4cc0::/32
2a00:4cc1:2501::/64
Signature Algorithm: sha256WithRSAEncryption
21:3b:64:15:00:8d:11:29:64:4c:75:41:1b:1a:5e:16:d6:7e:
60:82:26:46:ce:f8:5f:60:44:9b:55:21:c9:b5:e1:4b:19:e5:
65:50:ad:72:82:7d:28:a5:93:46:93:60:e3:ef:89:24:30:7b:
12:89:b7:87:d7:81:88:c6:72:c1:4d:de:dc:2a:b9:f4:6d:ee:
c8:23:2c:c1:e5:30:79:ff:22:b6:43:76:a0:95:77:f8:79:73:
96:05:f4:dc:12:24:33:b8:e0:93:8e:05:8c:0d:6f:5f:fc:c7:
11:91:41:c2:d5:22:37:f9:c4:5e:bc:4b:4c:19:81:9d:83:51:
89:60:d3:e7:d5:2e:39:ff:43:95:b9:ce:b4:65:a0:79:49:84:
dd:e5:df:61:09:4f:9a:0b:2b:6f:54:16:2e:26:8c:eb:08:13:
dc:fb:f5:31:6f:69:28:e2:cf:a0:88:7d:a6:37:ce:76:c0:1f:
77:c8:54:43:22:ff:80:2f:a4:6c:e2:81:fc:0c:cb:d9:ef:77:
54:5b:8d:d3:48:0f:d9:12:96:e1:db:15:40:5f:ab:f5:d2:cc:
f6:58:c6:cc:9a:16:a4:31:42:47:6d:33:6d:8d:a1:51:d5:86:
96:03:22:f6:90:09:6a:3a:6b:66:7c:23:8e:6e:c8:c8:15:69:
7a:90:86:5f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYlo/5KfjRdHGhTkTa4CarBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NzRlNDZiZjYzNmVhNjNlNWQxMjM2MmY1NTFiODBiMjc3
MTQ3ODAwHhcNMjMwNzE4MTIzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTg2MTk1ZDQyNGZkZmUzZjlkZDE3ZjFlMjdkNGZmZDBhNzQ3NmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9NcK9SgadOj0HQXe8cgZ9P+eiGn
GnAV+qoqQLziFIMX/A6sTWY9yS60v9ja9psMsajZOvasPri6m3iIPPn6L9BVl3K1
r0Yt2aM5vv2SkNe7W5nWHwBcjon+Dg1OYkpm3YI9YRbNUHMzn2yJC+JjmVExLgUh
35jQK+ftH2PFwnuUbOd0Rf+DFE3OfMxQkTOTa4kwrZsfrx78wdoEE30bnEQPnpa9
8xWhlVK4JcWVVBmHLMCyXZymDFtOnqPNWJ3nG4fPz9PApIP4yzN0V+peEs+vizM4
4Saz4BFvi9yn4eLc5AQMs2avdks4bdiHxiqLRohc288PXrzjo1X48v9obQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFGGGV1CT9/j+d0X8eJ9T/0KdHbkMB8GA1UdIwQY
MBaAFCh05Gv2Nupj5dEjYvVRuAsncUeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYt
YzEwZGE2YWFjMWIxLzEvVVlZWlhVSlAzLVA1M1JmeDRuMVBfUXAwZHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYtYzEwZGE2YWFjMWIx
LzEvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQFJRBgAwQD
stXoMBgEAgACMBIDBQAqAEzAAwkAKgBMwSUBAAAwDQYJKoZIhvcNAQELBQADggEB
ACE7ZBUAjREpZEx1QRsaXhbWfmCCJkbO+F9gRJtVIcm14UsZ5WVQrXKCfSilk0aT
YOPviSQwexKJt4fXgYjGcsFN3twqufRt7sgjLMHlMHn/IrZDdqCVd/h5c5YF9NwS
JDO44JOOBYwNb1/8xxGRQcLVIjf5xF68S0wZgZ2DUYlg0+fVLjn/Q5W5zrRloHlJ
hN3l32EJT5oLK29UFi4mjOsIE9z79TFvaSjiz6CIfaY3znbAH3fIVEMi/4AvpGzi
gfwMy9nvd1RbjdNID9kSluHbFUBfq/XSzPZYxsyaFqQxQkdtM22NoVHVhpYDIvaQ
CWo6a2Z8I45uyMgVaXqQhl8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:16 2024 by rpki-client on console-fra.rpki-client.org