Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/umwHeVReqiNa5sj15BH-84uNoGU.roa
File: umwHeVReqiNa5sj15BH-84uNoGU.roa (raw, json)
Hash identifier: TUHmrbQDXOqdpDtv8s3Jny0Ux51N5aDmdzyDz3U8mQM=
Subject key identifier: BA:6C:07:79:54:5E:AA:23:5A:E6:C8:F5:E4:11:FE:F3:8B:8D:A0:65
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018572470830AB634903ED242A9BEB021AFB
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/umwHeVReqiNa5sj15BH-84uNoGU.roa
Signing time: Mon 02 Jan 2023 11:38:55 +0000
ROA not before: Mon 02 Jan 2023 11:38:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46844
IP address blocks: 37.9.44.0/22 maxlen: 22
91.243.89.0/24 maxlen: 24
91.243.92.0/24 maxlen: 24
91.243.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:47:08:30:ab:63:49:03:ed:24:2a:9b:eb:02:1a:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 11:38:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba6c0779545eaa235ae6c8f5e411fef38b8da065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cc:8e:bb:d8:35:a2:74:dd:55:a6:9d:39:ce:
76:06:97:06:87:6c:1b:e9:10:b4:5d:e8:36:3e:4f:
72:1d:f3:e7:91:47:85:4b:ba:a5:60:ce:07:ef:71:
8d:37:99:91:ec:0f:2b:40:53:43:62:3c:8f:80:ce:
76:a3:fe:ee:40:2a:58:53:64:95:52:be:2a:c4:f1:
25:1e:42:02:5e:91:a0:5d:9c:a7:e6:df:b2:62:0f:
8e:e4:78:63:79:2f:a2:51:78:b9:94:99:e2:d0:e9:
f9:00:74:83:a7:41:8b:c4:2e:a0:3c:ca:5c:71:3d:
80:2d:7b:23:4f:9a:55:55:28:79:c0:34:e7:70:28:
c8:ec:d0:9b:d6:ba:8c:f2:7f:de:ac:30:2d:1b:29:
1a:69:7b:52:f8:5a:bb:9f:02:de:bd:fb:da:02:b6:
7d:49:d0:75:59:fa:0d:32:bc:9f:a2:ab:52:76:e2:
9b:19:d4:2b:33:c4:44:f1:d2:f3:ce:63:29:43:a8:
49:ec:12:e1:67:2f:7d:94:ea:b0:3d:5f:b3:19:df:
27:7c:69:a3:4c:c3:ab:2f:0b:1c:00:42:48:be:2e:
b4:f1:4b:fc:d1:bb:9b:39:60:37:2e:8e:ba:a0:f2:
cf:69:fc:72:83:0f:fb:fa:31:6f:78:dc:c1:a4:f0:
6e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6C:07:79:54:5E:AA:23:5A:E6:C8:F5:E4:11:FE:F3:8B:8D:A0:65
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/umwHeVReqiNa5sj15BH-84uNoGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.44.0/22
91.243.89.0/24
91.243.92.0/24
91.243.94.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:fa:3a:dd:69:fb:62:18:a0:a9:37:86:6d:94:eb:51:bd:b9:
5b:ab:77:72:d4:37:18:c9:34:78:8b:e0:cb:b1:61:a1:2d:b7:
18:fb:2e:30:27:4b:b2:42:a3:af:50:78:d2:d6:76:c5:6e:33:
8d:5c:de:e7:c1:e7:15:f4:8c:18:c9:15:4f:86:f8:fc:50:90:
87:fd:c1:16:f6:19:0b:bb:4b:d0:a7:1b:12:1f:77:a9:10:e3:
ec:4b:2d:5f:29:59:26:58:43:8b:db:0a:29:8d:86:6c:75:cc:
49:92:7c:97:6a:09:29:69:00:5d:42:06:4c:f2:bf:bc:16:5e:
b1:85:35:0e:7f:d3:9d:9e:fd:5c:c9:e3:15:78:bb:21:a9:f4:
ac:5c:e6:12:a2:02:f9:83:24:58:49:00:76:c0:ec:1a:3d:cf:
6f:92:7c:0e:ff:9b:3f:50:33:16:b6:a1:94:ad:79:fd:79:b6:
41:b9:a4:8e:51:88:57:f0:18:16:b3:8d:e2:a2:8e:b7:f3:e7:
55:d5:49:d5:58:de:34:a7:8b:1b:0c:d3:91:89:41:ac:60:5f:
4e:91:dd:26:88:72:bf:1b:9b:cc:39:b9:42:68:f2:77:18:ae:
85:09:a5:8c:1f:46:bd:bb:00:7f:a4:e1:05:d8:10:9a:b9:88:
23:71:97:d1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyRwgwq2NJA+0kKpvrAhr7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTZjMDc3OTU0NWVhYTIzNWFlNmM4ZjVlNDExZmVmMzhiOGRhMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8yOu9g1onTdVaadOc52BpcGh2wb
6RC0Xeg2Pk9yHfPnkUeFS7qlYM4H73GNN5mR7A8rQFNDYjyPgM52o/7uQCpYU2SV
Ur4qxPElHkICXpGgXZyn5t+yYg+O5HhjeS+iUXi5lJni0On5AHSDp0GLxC6gPMpc
cT2ALXsjT5pVVSh5wDTncCjI7NCb1rqM8n/erDAtGykaaXtS+Fq7nwLevfvaArZ9
SdB1WfoNMryfoqtSduKbGdQrM8RE8dLzzmMpQ6hJ7BLhZy99lOqwPV+zGd8nfGmj
TMOrLwscAEJIvi608Uv80bubOWA3Lo66oPLPafxygw/7+jFveNzBpPBuNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLpsB3lUXqojWubI9eQR/vOLjaBlMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvdW13SGVWUmVxaU5hNXNqMTVCSC04NHVOb0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJQksAwQA
W/NZAwQAW/NcAwQAW/NeMA0GCSqGSIb3DQEBCwUAA4IBAQCw+jrdaftiGKCpN4Zt
lOtRvblbq3dy1DcYyTR4i+DLsWGhLbcY+y4wJ0uyQqOvUHjS1nbFbjONXN7nwecV
9IwYyRVPhvj8UJCH/cEW9hkLu0vQpxsSH3epEOPsSy1fKVkmWEOL2wopjYZsdcxJ
knyXagkpaQBdQgZM8r+8Fl6xhTUOf9Odnv1cyeMVeLshqfSsXOYSogL5gyRYSQB2
wOwaPc9vknwO/5s/UDMWtqGUrXn9ebZBuaSOUYhX8BgWs43ioo638+dV1UnVWN40
p4sbDNORiUGsYF9Okd0miHK/G5vMOblCaPJ3GK6FCaWMH0a9uwB/pOEF2BCauYgj
cZfR
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:25 2024 by rpki-client on console-fra.rpki-client.org