Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/UmOnLmdhjHa4gFiJFZPNHMme2vI.roa
File: UmOnLmdhjHa4gFiJFZPNHMme2vI.roa (raw, json)
Hash identifier: 7QVxGDIMp0tQ7xtoq7ttHNLUbPOFlcBcf2/YycMtsH4=
Subject key identifier: 52:63:A7:2E:67:61:8C:76:B8:80:58:89:15:93:CD:1C:C9:9E:DA:F2
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01863AEA22C73FED64201EE98BC8A3D04ED5
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/UmOnLmdhjHa4gFiJFZPNHMme2vI.roa
Signing time: Fri 10 Feb 2023 10:41:08 +0000
ROA not before: Fri 10 Feb 2023 10:41:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47377
IP address blocks: 90.84.96.0/19 maxlen: 24
2a01:c780::/32 maxlen: 64
2a01:cd20::/32 maxlen: 48
2a01:caa0::/32 maxlen: 48
2a01:cc00::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:ea:22:c7:3f:ed:64:20:1e:e9:8b:c8:a3:d0:4e:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Feb 10 10:41:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5263a72e67618c76b88058891593cd1cc99edaf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:9e:74:34:46:4a:86:af:04:83:47:5c:a0:26:
33:05:ad:12:90:0e:ce:e8:30:b8:7d:66:df:66:b6:
e8:cb:0f:be:69:6d:81:92:23:74:d4:7d:fa:dd:d7:
35:77:99:3a:51:f2:cd:42:a0:ee:c7:66:6a:4f:b0:
12:3a:3b:0e:ec:92:e7:81:08:1d:38:ee:4f:39:0e:
6e:ab:f7:61:7c:2e:15:2e:e6:40:56:e0:95:1f:8e:
13:5b:31:77:b1:e2:af:c2:6d:27:96:5c:e2:0b:39:
26:ac:4c:3b:5a:b1:3b:3e:a7:0f:71:99:8d:e2:0d:
03:b9:31:2b:6b:41:46:06:7b:b5:fb:50:00:e9:f7:
9e:85:d5:45:87:4d:62:7d:d6:2d:17:d5:98:4b:b3:
fa:7b:41:eb:de:ef:1e:32:eb:1a:de:b0:8b:10:33:
cb:4f:47:52:67:7d:e6:4f:da:31:12:b0:b9:b2:ca:
ba:ca:cb:d3:9d:db:11:55:a6:33:e7:79:0e:bd:24:
f5:8a:64:9c:07:c3:b3:85:43:fd:b5:6a:f7:a3:36:
9d:ed:9f:1c:e9:55:9e:53:f1:ac:00:d8:85:59:ef:
1b:46:9b:8d:26:56:5f:00:83:c1:4f:5b:86:19:60:
b0:93:9c:a9:48:e3:87:2c:72:5c:a3:24:a9:60:53:
f2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:63:A7:2E:67:61:8C:76:B8:80:58:89:15:93:CD:1C:C9:9E:DA:F2
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/UmOnLmdhjHa4gFiJFZPNHMme2vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.84.96.0/19
IPv6:
2a01:c780::/32
2a01:caa0::/32
2a01:cc00::/32
2a01:cd20::/32
Signature Algorithm: sha256WithRSAEncryption
9b:c7:4f:ad:96:dc:d7:d5:63:17:71:84:be:a8:c3:e4:d4:aa:
33:77:22:92:9b:1f:d7:e6:2c:64:2e:cc:67:79:05:5a:55:97:
9c:28:00:14:d5:5d:14:f2:db:15:3b:0a:d2:8e:09:48:41:01:
ae:66:0a:37:19:a4:63:77:ec:29:16:fa:83:a8:d8:1d:22:b4:
5d:1f:52:49:ce:ca:18:52:95:28:22:1d:34:53:6b:32:24:46:
7d:99:7f:ca:77:7e:35:45:5e:44:04:71:88:4e:03:2f:e9:a2:
63:36:64:df:03:65:20:7a:b8:c9:33:f5:e2:e2:eb:1e:ed:0e:
4f:c5:48:62:a3:1e:87:b6:93:cf:61:b5:81:27:98:af:d9:ad:
f9:ee:7c:a9:4e:00:9c:9c:cc:d3:3d:98:dc:b7:3d:a6:fa:0b:
4a:52:70:c8:20:59:16:f9:a8:dc:d8:87:4b:92:ac:b5:f0:6d:
55:cb:64:6d:16:05:70:66:49:b6:01:cd:a5:ec:06:b3:45:ce:
0e:64:4e:c4:28:5e:0d:ee:62:07:df:b8:88:e1:99:7e:83:aa:
c9:72:8c:63:4d:bf:fd:4e:5d:db:e0:b1:b6:51:ce:6c:e0:59:
0a:2f:ce:cb:63:72:71:6d:db:56:30:22:50:7e:f0:ab:8e:3e:
fc:f8:96:f5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYY66iLHP+1kIB7pi8ij0E7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMjEwMTA0MTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjYzYTcyZTY3NjE4Yzc2Yjg4MDU4ODkxNTkzY2QxY2M5OWVkYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjp50NEZKhq8Eg0dcoCYzBa0SkA7O
6DC4fWbfZrboyw++aW2BkiN01H363dc1d5k6UfLNQqDux2ZqT7ASOjsO7JLngQgd
OO5POQ5uq/dhfC4VLuZAVuCVH44TWzF3seKvwm0nllziCzkmrEw7WrE7PqcPcZmN
4g0DuTEra0FGBnu1+1AA6feehdVFh01ifdYtF9WYS7P6e0Hr3u8eMusa3rCLEDPL
T0dSZ33mT9oxErC5ssq6ysvTndsRVaYz53kOvST1imScB8OzhUP9tWr3ozad7Z8c
6VWeU/GsANiFWe8bRpuNJlZfAIPBT1uGGWCwk5ypSOOHLHJcoySpYFPyowIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFJjpy5nYYx2uIBYiRWTzRzJntryMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvVW1PbkxtZGhqSGE0Z0ZpSkZaUE5ITW1lMnZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAMBAIAATAGAwQFWlRgMCIE
AgACMBwDBQAqAceAAwUAKgHKoAMFACoBzAADBQAqAc0gMA0GCSqGSIb3DQEBCwUA
A4IBAQCbx0+tltzX1WMXcYS+qMPk1KozdyKSmx/X5ixkLsxneQVaVZecKAAU1V0U
8tsVOwrSjglIQQGuZgo3GaRjd+wpFvqDqNgdIrRdH1JJzsoYUpUoIh00U2syJEZ9
mX/Kd341RV5EBHGITgMv6aJjNmTfA2UgerjJM/Xi4use7Q5PxUhiox6HtpPPYbWB
J5iv2a357nypTgCcnMzTPZjctz2m+gtKUnDIIFkW+ajc2IdLkqy18G1Vy2RtFgVw
Zkm2Ac2l7AazRc4OZE7EKF4N7mIH37iI4Zl+g6rJcoxjTb/9Tl3b4LG2Uc5s4FkK
L87LY3JxbdtWMCJQfvCrjj78+Jb1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org