Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UmPUa6YzQLW2eYhl_uEzYua6xFU.roa
File: UmPUa6YzQLW2eYhl_uEzYua6xFU.roa (raw, json)
Hash identifier: Uhn0O5aXZWY3p/6e3S23msk/AMiYRSk+wDygzbTAOJI=
Subject key identifier: 52:63:D4:6B:A6:33:40:B5:B6:79:88:65:FE:E1:33:62:E6:BA:C4:55
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186D5B24183652AE773460DD8D3E48758DD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UmPUa6YzQLW2eYhl_uEzYua6xFU.roa
Signing time: Sun 12 Mar 2023 12:01:14 +0000
ROA not before: Sun 12 Mar 2023 12:01:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 212.193.12.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.52.0/22 maxlen: 22
195.58.56.0/21 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
194.87.233.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.87.165.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.208.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d5:b2:41:83:65:2a:e7:73:46:0d:d8:d3:e4:87:58:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 12 12:01:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5263d46ba63340b5b6798865fee13362e6bac455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:84:72:f9:8e:04:56:2e:c8:77:cb:9f:0d:59:
4c:65:a7:1e:e2:d3:9c:dd:4c:47:58:3e:75:86:8b:
18:0a:67:c4:18:13:9d:29:90:5d:3e:69:2a:3b:8c:
ed:47:fb:96:be:1b:1c:42:61:4f:82:4a:b2:fe:ef:
d7:44:39:0a:bb:70:50:80:76:ad:62:a0:26:93:ce:
8e:8f:fb:50:00:d6:cd:1a:0e:7d:38:9d:17:d8:6d:
fe:4a:08:8a:3c:df:fc:63:cb:e9:e2:11:07:32:79:
4d:9c:d2:10:80:91:e9:46:6b:96:d4:e3:28:47:08:
ae:64:1a:f6:74:93:aa:94:0a:b9:9c:4a:8a:91:34:
95:d6:82:73:1c:1d:77:a5:ed:f0:93:00:ac:e5:6c:
1b:5b:3a:23:71:1c:e2:eb:a8:2a:1d:8a:f9:a2:f4:
9a:97:3a:7a:c2:b6:8e:27:49:82:d7:92:b9:59:e5:
70:75:65:0a:b3:70:1d:46:8e:a1:99:d3:96:6c:9c:
2c:99:cf:e6:ae:84:fd:7f:34:4b:21:69:40:04:78:
9a:e3:da:0a:1e:7e:b7:fb:59:a4:b2:07:e6:49:4a:
22:c4:ad:b1:b2:0e:12:2c:38:62:64:90:8d:30:e4:
20:c5:1e:12:03:3c:2f:a2:6c:71:74:a8:10:00:2b:
0d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:63:D4:6B:A6:33:40:B5:B6:79:88:65:FE:E1:33:62:E6:BA:C4:55
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/UmPUa6YzQLW2eYhl_uEzYua6xFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
193.124.133.0/24
193.124.203.0/24
194.58.42.0/24
194.58.45.0-194.58.47.255
194.87.22.0/24
194.87.27.0/24
194.87.82.0/24
194.87.114.0-194.87.116.255
194.87.118.0/24
194.87.136.0/24
194.87.165.0/24
194.87.171.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
194.87.233.0/24
195.58.50.0/24
195.58.52.0-195.58.63.255
195.133.55.0/24
195.133.195.0/24
212.192.0.0/23
212.192.208.0/23
212.193.0.0/24
212.193.12.0/24
Signature Algorithm: sha256WithRSAEncryption
06:34:92:a8:72:16:28:d8:f9:a8:11:15:7a:b8:8a:5a:a7:ec:
5c:2c:82:cc:50:40:18:00:48:5a:20:7c:17:69:7f:4d:87:0b:
ad:17:47:9f:56:b1:7d:f1:fc:ff:f8:50:b9:cf:c1:43:92:9c:
74:c5:9c:d9:4b:d5:f9:03:5e:2e:e4:4d:7e:61:30:51:85:8e:
28:10:a1:39:dc:bc:2e:3f:6b:3b:27:0c:0f:06:f1:8d:a3:d2:
0b:ff:43:db:35:99:57:b2:ee:c8:cd:ae:50:a1:18:ec:8a:00:
2d:48:a7:d2:ad:7e:a4:45:85:70:2f:a7:84:e6:26:26:bf:50:
32:87:c2:a7:b1:c5:f3:43:54:52:f1:05:20:6f:83:8a:c2:3f:
9b:c8:27:82:ca:cf:4a:d0:f0:57:10:73:8d:d5:b4:9e:53:00:
cf:fd:37:5d:4c:d8:68:6e:81:59:39:ab:2f:e6:f5:2a:62:2a:
76:35:ef:6c:d1:6e:68:bf:3e:ec:9d:68:88:9b:dd:4f:e7:bb:
36:95:9d:5a:15:40:a3:6c:c7:aa:bc:df:b1:0d:93:30:cb:2f:
f2:3e:e8:b0:36:7b:bb:38:8f:d9:05:41:23:19:ff:d3:98:ec:
10:9a:db:de:32:00:e7:c8:72:16:b5:77:07:76:64:7e:ba:22:
09:ac:f1:7f
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYbVskGDZSrnc0YN2NPkh1jdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzEyMTIwMTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjYzZDQ2YmE2MzM0MGI1YjY3OTg4NjVmZWUxMzM2MmU2YmFjNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioRy+Y4EVi7Id8ufDVlMZace4tOc
3UxHWD51hosYCmfEGBOdKZBdPmkqO4ztR/uWvhscQmFPgkqy/u/XRDkKu3BQgHat
YqAmk86Oj/tQANbNGg59OJ0X2G3+SgiKPN/8Y8vp4hEHMnlNnNIQgJHpRmuW1OMo
RwiuZBr2dJOqlAq5nEqKkTSV1oJzHB13pe3wkwCs5WwbWzojcRzi66gqHYr5ovSa
lzp6wraOJ0mC15K5WeVwdWUKs3AdRo6hmdOWbJwsmc/mroT9fzRLIWlABHia49oK
Hn63+1mksgfmSUoixK2xsg4SLDhiZJCNMOQgxR4SAzwvomxxdKgQACsNqQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFFJj1GumM0C1tnmIZf7hM2LmusRVMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVW1QVWE2WXpRTFcyZVlobF91RXpZdWE2eEZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBADA
fLYDBADBfIUDBADBfMsDBADCOiowDAMEAMI6LQMEBMI6IAMEAMJXFgMEAMJXGwME
AMJXUjAMAwQBwldyAwQAwld0AwQAwld2AwQAwleIAwQAwlelAwQAwlerAwQAwlfG
AwQBwlfQAwQBwlfeAwQAwlfpAwQAwzoyMAwDBALDOjQDBAbDOgADBADDhTcDBADD
hcMDBAHUwAADBAHUwNADBADUwQADBADUwQwwDQYJKoZIhvcNAQELBQADggEBAAY0
kqhyFijY+agRFXq4ilqn7FwsgsxQQBgASFogfBdpf02HC60XR59WsX3x/P/4ULnP
wUOSnHTFnNlL1fkDXi7kTX5hMFGFjigQoTncvC4/azsnDA8G8Y2j0gv/Q9s1mVey
7sjNrlChGOyKAC1Ip9KtfqRFhXAvp4TmJia/UDKHwqexxfNDVFLxBSBvg4rCP5vI
J4LKz0rQ8FcQc43VtJ5TAM/9N11M2GhugVk5qy/m9SpiKnY172zRbmi/PuydaIib
3U/nuzaVnVoVQKNsx6q837ENkzDLL/I+6LA2e7s4j9kFQSMZ/9OY7BCa294yAOfI
cha1dwd2ZH66Igms8X8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:59 2023 by rpki-client on console-ams.rpki-client.org