Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/Umw0NFo2mdRQAC-Lx7fZ8c1vu0U.roa
File: Umw0NFo2mdRQAC-Lx7fZ8c1vu0U.roa (raw, json)
Hash identifier: nI5CSXUqKJ4EnvTAz0yTMahn24jkbHWd4EwWiTqNi94=
Subject key identifier: 52:6C:34:34:5A:36:99:D4:50:00:2F:8B:C7:B7:D9:F1:CD:6F:BB:45
Certificate issuer: /CN=fbfcd4515b493039216758de738e4f1ae8e3224c
Certificate serial: 018570D5492AFF165B9BA46184A67024F0AF
Authority key identifier: FB:FC:D4:51:5B:49:30:39:21:67:58:DE:73:8E:4F:1A:E8:E3:22:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_zUUVtJMDkhZ1jec45PGujjIkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/Umw0NFo2mdRQAC-Lx7fZ8c1vu0U.roa
Signing time: Mon 02 Jan 2023 04:55:04 +0000
ROA not before: Mon 02 Jan 2023 04:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211873
IP address blocks: 185.149.28.0/22 maxlen: 22
2a06:34c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 08 Jun 2023 15:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:49:2a:ff:16:5b:9b:a4:61:84:a6:70:24:f0:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbfcd4515b493039216758de738e4f1ae8e3224c
Validity
Not Before: Jan 2 04:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=526c34345a3699d450002f8bc7b7d9f1cd6fbb45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:dc:70:8d:91:30:64:67:2b:96:4c:67:81:79:
ce:b0:9e:7c:1a:f6:79:0a:0f:fa:b1:5d:ab:5e:78:
f7:58:ed:ce:6d:6c:6d:47:e1:ff:ea:dd:d6:ed:e3:
01:61:ca:19:fd:03:a6:23:a2:89:05:ac:27:e2:0c:
3a:d9:92:5d:a6:8d:11:ab:9d:e8:c3:34:ff:51:27:
58:64:29:ca:dd:0f:b1:3e:0d:6b:f3:64:56:e2:f5:
11:ea:a2:00:d8:77:64:0b:81:07:05:b3:37:95:8b:
9b:6c:7a:66:67:7f:dc:d6:a8:47:10:43:c0:cf:43:
8e:a5:db:ce:25:b1:62:41:9d:25:37:d1:1f:ab:a0:
f1:77:d0:29:f2:aa:a3:42:69:ff:74:dc:7b:47:3e:
18:85:04:18:2c:fd:bc:43:1f:30:70:5b:a4:ca:fa:
69:26:a4:15:80:f5:11:a8:ec:ad:c1:d8:04:9f:90:
ee:1d:75:f2:95:2f:b1:bd:b8:d5:5b:ca:50:33:1b:
db:de:99:3d:98:6f:b2:15:7e:3a:af:60:e7:cf:93:
74:5e:af:68:2b:2c:01:8c:e7:b0:b0:62:8e:1e:39:
84:32:65:28:32:df:53:95:1b:2a:a3:3c:6a:11:61:
54:b7:5c:76:74:85:90:1a:b6:0d:e5:02:cd:53:79:
85:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:6C:34:34:5A:36:99:D4:50:00:2F:8B:C7:B7:D9:F1:CD:6F:BB:45
X509v3 Authority Key Identifier:
keyid:FB:FC:D4:51:5B:49:30:39:21:67:58:DE:73:8E:4F:1A:E8:E3:22:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_zUUVtJMDkhZ1jec45PGujjIkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/Umw0NFo2mdRQAC-Lx7fZ8c1vu0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/1-_zUUVtJMDkhZ1jec45PGujjIkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.28.0/22
IPv6:
2a06:34c0::/29
Signature Algorithm: sha256WithRSAEncryption
08:01:4c:30:c5:d6:35:cc:df:6f:12:fc:2c:d9:77:e2:75:6c:
af:95:62:99:50:e3:03:ab:ed:a2:fe:ce:b3:58:f1:31:95:0b:
92:de:fe:09:ae:94:14:6d:21:18:b9:3e:82:d2:1a:87:80:3b:
48:b0:62:1d:09:ab:68:b7:82:b2:6b:8f:4e:dc:a3:e2:6e:bb:
c8:83:d8:77:33:5b:f6:00:f0:b5:86:8a:09:9a:7d:03:99:68:
07:bb:87:1b:64:a0:fe:1a:ae:5b:69:d3:51:10:b2:ef:09:f6:
18:5f:f5:9b:61:da:b0:57:f4:75:68:01:25:c9:df:67:50:f4:
c8:fb:99:2f:a5:54:45:eb:4e:0b:23:1f:7c:3c:98:3c:f5:49:
84:39:be:4b:4d:f7:fd:01:11:16:84:7d:17:4f:67:2d:63:62:
c5:b4:5a:31:69:1d:86:db:99:04:82:fc:2a:af:2d:2b:93:ed:
bd:67:98:92:a4:7f:bb:98:53:a0:e9:86:66:f8:a4:18:bd:d8:
75:ee:15:69:87:a8:16:3a:ac:6c:04:4a:c5:43:de:d1:9e:cc:
9a:36:70:4c:35:9f:64:4d:f9:4b:8f:c7:e6:0a:99:29:70:8d:
dd:1b:a9:83:d3:8b:73:0d:91:21:57:6e:d9:39:82:af:9a:69:
2f:43:4b:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVw1Ukq/xZbm6RhhKZwJPCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZmNkNDUxNWI0OTMwMzkyMTY3NThkZTczOGU0ZjFhZThl
MzIyNGMwHhcNMjMwMTAyMDQ1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjZjMzQzNDVhMzY5OWQ0NTAwMDJmOGJjN2I3ZDlmMWNkNmZiYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNxwjZEwZGcrlkxngXnOsJ58GvZ5
Cg/6sV2rXnj3WO3ObWxtR+H/6t3W7eMBYcoZ/QOmI6KJBawn4gw62ZJdpo0Rq53o
wzT/USdYZCnK3Q+xPg1r82RW4vUR6qIA2HdkC4EHBbM3lYubbHpmZ3/c1qhHEEPA
z0OOpdvOJbFiQZ0lN9Efq6Dxd9Ap8qqjQmn/dNx7Rz4YhQQYLP28Qx8wcFukyvpp
JqQVgPURqOytwdgEn5DuHXXylS+xvbjVW8pQMxvb3pk9mG+yFX46r2Dnz5N0Xq9o
KywBjOewsGKOHjmEMmUoMt9TlRsqozxqEWFUt1x2dIWQGrYN5QLNU3mFEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFJsNDRaNpnUUAAvi8e32fHNb7tFMB8GA1UdIwQY
MBaAFPv81FFbSTA5IWdY3nOOTxro4yJMMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1felVVVnRKTURraFoxamVjNDVQR3Vqaklrdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgvZDY0ODZhLThmZjctNDI2Zi04ZDg2
LTA5OGQwNGNlNTFiMi8xL1VtdzBORm8ybWRSUUFDLUx4N2ZaOGMxdnUwVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjgvZDY0ODZhLThmZjctNDI2Zi04ZDg2LTA5OGQwNGNlNTFi
Mi8xLzEtX3pVVVZ0Sk1Ea2haMWplYzQ1UEd1ampJa3cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5lRww
DQQCAAIwBwMFAyoGNMAwDQYJKoZIhvcNAQELBQADggEBAAgBTDDF1jXM328S/CzZ
d+J1bK+VYplQ4wOr7aL+zrNY8TGVC5Le/gmulBRtIRi5PoLSGoeAO0iwYh0Jq2i3
grJrj07co+Juu8iD2HczW/YA8LWGigmafQOZaAe7hxtkoP4arltp01EQsu8J9hhf
9Zth2rBX9HVoASXJ32dQ9Mj7mS+lVEXrTgsjH3w8mDz1SYQ5vktN9/0BERaEfRdP
Zy1jYsW0WjFpHYbbmQSC/CqvLSuT7b1nmJKkf7uYU6Dphmb4pBi92HXuFWmHqBY6
rGwESsVD3tGezJo2cEw1n2RN+UuPx+YKmSlwjd0bqYPTi3MNkSFXbtk5gq+aaS9D
S5I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:39 2024 by rpki-client on console-ams.rpki-client.org