Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/pUmlmvpXzO2IThrG3xwiO9nkrpY.roa
File: pUmlmvpXzO2IThrG3xwiO9nkrpY.roa (raw, json)
Hash identifier: 01SyGtWugFhAX9BzqK/jkk+TBZ+GJgT6JzPMfAQnCps=
Subject key identifier: A5:49:A5:9A:FA:57:CC:ED:88:4E:1A:C6:DF:1C:22:3B:D9:E4:AE:96
Certificate issuer: /CN=b85213df97329556d608b150f03c4ee75fbd98c1
Certificate serial: 01856F8B737764709EB1D1038C98C6265AE6
Authority key identifier: B8:52:13:DF:97:32:95:56:D6:08:B1:50:F0:3C:4E:E7:5F:BD:98:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uFIT35cylVbWCLFQ8DxO51-9mME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/pUmlmvpXzO2IThrG3xwiO9nkrpY.roa
Signing time: Sun 01 Jan 2023 22:54:48 +0000
ROA not before: Sun 01 Jan 2023 22:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212236
IP address blocks: 193.238.45.0/24 maxlen: 24
193.238.46.0/23 maxlen: 24
193.162.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:73:77:64:70:9e:b1:d1:03:8c:98:c6:26:5a:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b85213df97329556d608b150f03c4ee75fbd98c1
Validity
Not Before: Jan 1 22:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a549a59afa57cced884e1ac6df1c223bd9e4ae96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:41:04:dd:f6:63:4c:79:5b:0a:37:d3:9b:69:
6e:14:0d:2a:93:c8:4c:7f:5f:5e:18:20:98:39:d5:
db:9d:6c:58:28:1f:56:ff:fe:29:d7:40:78:90:63:
a5:ee:91:3e:25:6d:98:18:7d:6c:82:dc:21:50:2f:
e6:c6:25:82:17:cb:1c:3a:1b:54:1b:09:8b:0c:92:
2a:ef:c9:b8:bb:8d:b3:96:42:31:e3:e5:8c:8e:62:
bf:b8:41:5e:14:ec:5d:a8:03:f9:c4:9b:91:8c:80:
23:73:ca:c6:ee:71:e3:d7:75:51:87:b3:52:79:22:
02:d9:a3:9b:55:19:3e:b1:65:d5:02:7c:ff:06:8d:
a5:6d:99:08:4c:4b:8d:20:3b:e8:f5:bd:7c:c0:59:
6b:d0:c2:c8:b3:15:9b:66:c1:97:7d:05:66:b9:78:
7e:4e:f6:26:cd:38:88:a4:24:3c:76:85:86:e5:56:
52:1b:15:e6:72:a9:80:19:97:2e:ad:c6:c2:85:05:
f7:bb:21:3b:fa:85:1b:ed:16:40:1b:9e:57:e4:6d:
2b:cb:3a:10:d4:0d:57:45:18:6d:b6:fd:4e:66:85:
df:e8:13:08:7b:3c:fd:8e:5e:01:d5:7c:71:d9:4e:
eb:9a:56:47:d0:ac:c1:7b:2b:cc:ce:5d:d9:bc:8d:
02:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:49:A5:9A:FA:57:CC:ED:88:4E:1A:C6:DF:1C:22:3B:D9:E4:AE:96
X509v3 Authority Key Identifier:
keyid:B8:52:13:DF:97:32:95:56:D6:08:B1:50:F0:3C:4E:E7:5F:BD:98:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFIT35cylVbWCLFQ8DxO51-9mME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/pUmlmvpXzO2IThrG3xwiO9nkrpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/uFIT35cylVbWCLFQ8DxO51-9mME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.162.139.0/24
193.238.45.0-193.238.47.255
Signature Algorithm: sha256WithRSAEncryption
d1:66:f4:d6:94:17:3d:c3:e4:97:01:34:e0:75:c9:8e:eb:e4:
26:86:06:fd:e1:1a:cb:b5:df:4e:cd:7f:af:93:82:e7:8c:1b:
56:c3:56:98:67:84:7c:1a:ec:58:94:37:47:62:a7:8b:04:ce:
52:63:de:f7:8d:04:32:ac:cf:32:a7:69:47:17:95:85:48:90:
54:59:dc:e8:6a:f2:97:66:66:4b:12:64:7b:f6:25:c9:31:a5:
1f:10:45:d1:4b:ea:ee:97:24:c2:5f:81:53:7d:48:bc:48:b5:
26:4d:89:0f:7a:33:cf:b8:f4:95:a2:4b:a0:ef:c4:22:9d:0a:
2e:1b:34:bb:24:88:01:62:ac:57:ab:87:a5:4c:18:56:ae:69:
f6:db:0c:85:5a:30:90:a2:fe:fd:6b:cd:91:ed:c7:ed:c4:65:
dd:40:18:03:d5:29:1e:f8:78:67:b9:97:63:fb:3a:3b:24:72:
0d:47:6e:99:0c:90:68:e9:b1:99:bf:91:a2:f8:bc:ff:c2:eb:
8a:2a:bc:f3:67:71:51:d6:6d:32:5a:9f:c2:7a:68:d3:16:a3:
07:c0:f8:3d:51:d9:e4:c8:3c:13:1a:a8:bf:e5:dc:78:6e:21:
0b:f4:ad:cc:27:8f:b0:50:00:d5:97:7d:a6:b6:65:ad:30:76:
47:70:25:fb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvi3N3ZHCesdEDjJjGJlrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NTIxM2RmOTczMjk1NTZkNjA4YjE1MGYwM2M0ZWU3NWZi
ZDk4YzEwHhcNMjMwMTAxMjI1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTQ5YTU5YWZhNTdjY2VkODg0ZTFhYzZkZjFjMjIzYmQ5ZTRhZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEEE3fZjTHlbCjfTm2luFA0qk8hM
f19eGCCYOdXbnWxYKB9W//4p10B4kGOl7pE+JW2YGH1sgtwhUC/mxiWCF8scOhtU
GwmLDJIq78m4u42zlkIx4+WMjmK/uEFeFOxdqAP5xJuRjIAjc8rG7nHj13VRh7NS
eSIC2aObVRk+sWXVAnz/Bo2lbZkITEuNIDvo9b18wFlr0MLIsxWbZsGXfQVmuXh+
TvYmzTiIpCQ8doWG5VZSGxXmcqmAGZcurcbChQX3uyE7+oUb7RZAG55X5G0ryzoQ
1A1XRRhttv1OZoXf6BMIezz9jl4B1Xxx2U7rmlZH0KzBeyvMzl3ZvI0CcQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKVJpZr6V8ztiE4axt8cIjvZ5K6WMB8GA1UdIwQY
MBaAFLhSE9+XMpVW1gixUPA8TudfvZjBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZJVDM1Y3lsVmJXQ0xGUThEeE81MS05bU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9kZDgwOTgtN2ZlMC00MjJmLTkyZTkt
MWZiMWU5Yzg2YjUzLzEvcFVtbG12cFh6TzJJVGhyRzN4d2lPOW5rcnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9kZDgwOTgtN2ZlMC00MjJmLTkyZTktMWZiMWU5Yzg2YjUz
LzEvdUZJVDM1Y3lsVmJXQ0xGUThEeE81MS05bU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAwaKLMAwD
BADB7i0DBATB7iAwDQYJKoZIhvcNAQELBQADggEBANFm9NaUFz3D5JcBNOB1yY7r
5CaGBv3hGsu1307Nf6+TgueMG1bDVphnhHwa7FiUN0dip4sEzlJj3veNBDKszzKn
aUcXlYVIkFRZ3Ohq8pdmZksSZHv2JckxpR8QRdFL6u6XJMJfgVN9SLxItSZNiQ96
M8+49JWiS6DvxCKdCi4bNLskiAFirFerh6VMGFauafbbDIVaMJCi/v1rzZHtx+3E
Zd1AGAPVKR74eGe5l2P7Ojskcg1HbpkMkGjpsZm/kaL4vP/C64oqvPNncVHWbTJa
n8J6aNMWowfA+D1R2eTIPBMaqL/l3HhuIQv0rcwnj7BQANWXfaa2Za0wdkdwJfs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:57 2024 by rpki-client on console-ams.rpki-client.org