Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/UkKEYnv2jEkWM3_P8X8A6QEhhvY.roa
File: UkKEYnv2jEkWM3_P8X8A6QEhhvY.roa (raw, json)
Hash identifier: U+n0AL72ItoTG2fROO5lEQ6/zC3dpHk8gQae5CX/xas=
Subject key identifier: 52:42:84:62:7B:F6:8C:49:16:33:7F:CF:F1:7F:00:E9:01:21:86:F6
Certificate issuer: /CN=ae72e47d56692499a726bf800ea8380362deb6be
Certificate serial: 018B18DB6E97F8E880BD6037E56B002A7857
Authority key identifier: AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/UkKEYnv2jEkWM3_P8X8A6QEhhvY.roa
Signing time: Tue 10 Oct 2023 09:11:55 +0000
ROA not before: Tue 10 Oct 2023 09:11:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21309
IP address blocks: 83.216.160.0/21 maxlen: 21
83.216.160.0/20 maxlen: 20
83.216.160.0/19 maxlen: 19
86.110.136.0/21 maxlen: 21
86.110.144.0/20 maxlen: 20
86.110.144.0/21 maxlen: 21
83.216.168.0/21 maxlen: 21
83.216.176.0/20 maxlen: 20
83.216.176.0/21 maxlen: 21
213.209.240.0/20 maxlen: 20
86.110.152.0/21 maxlen: 21
83.216.184.0/21 maxlen: 21
213.174.160.0/19 maxlen: 19
213.174.160.0/21 maxlen: 21
213.174.160.0/20 maxlen: 20
213.174.168.0/21 maxlen: 21
213.174.176.0/21 maxlen: 21
213.174.176.0/20 maxlen: 20
213.174.184.0/21 maxlen: 21
213.209.192.0/19 maxlen: 19
213.209.192.0/20 maxlen: 20
213.209.192.0/18 maxlen: 18
213.209.208.0/20 maxlen: 20
86.110.128.0/19 maxlen: 19
213.209.224.0/20 maxlen: 20
213.209.224.0/19 maxlen: 19
86.110.128.0/21 maxlen: 21
86.110.128.0/20 maxlen: 20
77.89.16.0/20 maxlen: 20
77.89.32.0/19 maxlen: 19
77.89.32.0/20 maxlen: 20
77.89.48.0/20 maxlen: 20
77.89.0.0/20 maxlen: 20
77.89.0.0/18 maxlen: 18
77.89.0.0/19 maxlen: 19
185.123.9.0/24 maxlen: 24
185.123.8.0/24 maxlen: 24
185.123.8.0/22 maxlen: 22
2a03:c380::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 10 Oct 2023 10:56:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:18:db:6e:97:f8:e8:80:bd:60:37:e5:6b:00:2a:78:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae72e47d56692499a726bf800ea8380362deb6be
Validity
Not Before: Oct 10 09:11:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=524284627bf68c4916337fcff17f00e9012186f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3e:e3:45:80:92:96:b5:b1:11:2f:c6:bd:a7:
bc:7e:56:39:f1:07:5d:d1:f2:7d:e7:18:da:14:f4:
ad:e9:a2:aa:22:0b:41:0e:cc:be:51:1f:47:42:13:
4d:f6:cd:2a:35:41:3a:f5:18:3a:0e:d3:62:47:78:
f1:cb:08:0b:0b:f0:d3:70:76:44:98:2b:00:f9:ad:
6c:b2:46:99:ff:aa:8c:70:36:74:45:68:aa:91:2b:
e1:b7:c6:a1:6f:12:1d:1f:bc:7d:27:40:5a:b9:4f:
59:30:4c:0c:6a:fc:aa:51:fd:00:b7:e7:8c:00:97:
80:d2:5a:ef:de:98:79:e0:63:c8:c2:24:9a:77:54:
b0:5c:82:c9:73:1e:db:41:de:21:8f:eb:15:6f:ce:
1b:6a:4c:b6:ca:31:3d:9b:39:67:70:01:23:60:56:
29:0e:7f:91:06:d2:5a:ce:e5:df:c3:1a:0b:f4:4c:
3a:06:8c:10:29:bf:b2:cf:4c:36:2f:22:6b:61:70:
4d:dd:0e:71:1c:e5:20:73:cb:55:cc:28:ca:7b:54:
0d:bd:92:13:51:5c:43:06:2f:46:6d:ee:3e:f9:ab:
3d:3a:b2:2a:f4:f0:ff:d7:3d:4a:8f:19:8e:07:c2:
1f:66:17:3f:81:8f:d0:ea:42:2f:de:12:5b:7d:b8:
84:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:42:84:62:7B:F6:8C:49:16:33:7F:CF:F1:7F:00:E9:01:21:86:F6
X509v3 Authority Key Identifier:
keyid:AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/UkKEYnv2jEkWM3_P8X8A6QEhhvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.89.0.0/18
83.216.160.0/19
86.110.128.0/19
185.123.8.0/22
213.174.160.0/19
213.209.192.0/18
IPv6:
2a03:c380::/32
Signature Algorithm: sha256WithRSAEncryption
86:23:e5:9f:b5:b6:4c:af:95:58:79:92:90:cb:79:a9:51:df:
5c:17:9a:04:c6:83:1c:d4:ba:0d:f3:3a:46:16:36:e0:37:9f:
8c:b6:13:6d:d5:a2:fe:4a:8f:d6:c1:f5:84:c3:82:ee:c3:2d:
f4:45:ab:5b:5d:d6:be:7a:dc:fb:1d:fe:2e:2b:8e:3e:92:b2:
ca:ed:11:76:72:29:37:3b:e0:bf:dd:88:08:82:10:cb:73:0a:
3c:0e:c3:98:e0:e8:82:df:bd:06:93:59:26:9a:5c:62:29:7d:
2f:f8:f1:b8:b9:1f:d9:d8:ae:77:10:cc:67:c5:69:7d:10:a9:
24:8a:da:44:1e:93:cd:48:56:1d:f3:0c:70:ee:42:2c:d0:7b:
d4:22:69:53:f2:c1:70:97:e2:7f:c0:d3:52:4f:67:27:7f:68:
23:87:c9:25:bd:e0:bd:3f:ed:b2:6b:4b:00:3c:45:1a:0e:8e:
8a:14:9f:d9:40:20:c2:ff:34:be:69:8e:d2:20:b4:a8:b0:2b:
37:41:bf:1c:e3:29:fc:6e:fd:f0:35:44:f2:5f:3c:2c:4d:6c:
02:df:04:84:bf:59:ed:d4:cb:08:44:66:f7:8d:f7:84:83:11:
ef:54:21:67:c9:a0:5e:f3:c9:61:e2:7c:c6:ab:28:21:e2:45:
3d:8b:02:9e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYsY226X+OiAvWA35WsAKnhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzJlNDdkNTY2OTI0OTlhNzI2YmY4MDBlYTgzODAzNjJk
ZWI2YmUwHhcNMjMxMDEwMDkxMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQyODQ2MjdiZjY4YzQ5MTYzMzdmY2ZmMTdmMDBlOTAxMjE4NmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT7jRYCSlrWxES/Gvae8flY58Qdd
0fJ95xjaFPSt6aKqIgtBDsy+UR9HQhNN9s0qNUE69Rg6DtNiR3jxywgLC/DTcHZE
mCsA+a1sskaZ/6qMcDZ0RWiqkSvht8ahbxIdH7x9J0BauU9ZMEwMavyqUf0At+eM
AJeA0lrv3ph54GPIwiSad1SwXILJcx7bQd4hj+sVb84baky2yjE9mzlncAEjYFYp
Dn+RBtJazuXfwxoL9Ew6BowQKb+yz0w2LyJrYXBN3Q5xHOUgc8tVzCjKe1QNvZIT
UVxDBi9Gbe4++as9OrIq9PD/1z1KjxmOB8IfZhc/gY/Q6kIv3hJbfbiESQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFJChGJ79oxJFjN/z/F/AOkBIYb2MB8GA1UdIwQY
MBaAFK5y5H1WaSSZpya/gA6oOANi3ra+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMt
ZmUxMmM3NWJmNGFiLzEvVWtLRVludjJqRWtXTTNfUDhYOEE2UUVoaHZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMtZmUxMmM3NWJmNGFi
LzEvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQGTVkAAwQF
U9igAwQFVm6AAwQCuXsIAwQF1a6gAwQG1dHAMA0EAgACMAcDBQAqA8OAMA0GCSqG
SIb3DQEBCwUAA4IBAQCGI+WftbZMr5VYeZKQy3mpUd9cF5oExoMc1LoN8zpGFjbg
N5+MthNt1aL+So/WwfWEw4Luwy30RatbXda+etz7Hf4uK44+krLK7RF2cik3O+C/
3YgIghDLcwo8DsOY4OiC370Gk1kmmlxiKX0v+PG4uR/Z2K53EMxnxWl9EKkkitpE
HpPNSFYd8wxw7kIs0HvUImlT8sFwl+J/wNNST2cnf2gjh8klveC9P+2ya0sAPEUa
Do6KFJ/ZQCDC/zS+aY7SILSosCs3Qb8c4yn8bv3wNUTyXzwsTWwC3wSEv1nt1MsI
RGb3jfeEgxHvVCFnyaBe88lh4nzGqygh4kU9iwKe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:50 2024 by rpki-client on console-ams.rpki-client.org