Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/umMTdtF4n-wZjPxufXmhwUd4OJE.roa
File: umMTdtF4n-wZjPxufXmhwUd4OJE.roa (raw, json)
Hash identifier: gOtFWTungwi3+c5g/fzcTWScmaWcebir+9E0449GGa8=
Subject key identifier: BA:63:13:76:D1:78:9F:EC:19:8C:FC:6E:7D:79:A1:C1:47:78:38:91
Certificate issuer: /CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Certificate serial: 01933E6952FFCDA7F8E7A234B1C110F6311A
Authority key identifier: C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/umMTdtF4n-wZjPxufXmhwUd4OJE.roa
Signing time: Mon 18 Nov 2024 08:35:10 +0000
ROA not before: Mon 18 Nov 2024 08:35:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58007
IP address blocks: 82.117.245.0/24 maxlen: 24
95.141.249.0/24 maxlen: 24
194.8.28.0/24 maxlen: 24
2a13:4380::/33 maxlen: 48
Validation: Failed, certificate revoked on Thu 21 Nov 2024 19:58:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:69:52:ff:cd:a7:f8:e7:a2:34:b1:c1:10:f6:31:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Validity
Not Before: Nov 18 08:35:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba631376d1789fec198cfc6e7d79a1c147783891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:03:ff:82:87:05:a4:23:30:71:8c:a1:ea:aa:
fb:8d:35:9f:0d:cf:ef:b2:78:2c:05:3b:77:84:67:
8a:33:db:42:7a:ce:6e:a5:35:a6:77:8d:85:5b:ce:
22:42:a5:95:53:a6:18:b2:78:f3:4c:0f:9f:fb:d1:
99:4e:79:11:58:e9:44:45:92:0a:41:ee:8d:b0:c7:
a7:93:82:0b:b0:5c:89:9d:3f:5f:8f:64:a4:30:cf:
6e:30:aa:f9:99:38:54:89:04:78:73:69:a0:09:29:
c3:3e:5f:02:c2:6c:95:fa:fc:85:c4:33:a0:fa:81:
a2:9b:04:a8:f4:f3:c6:66:ca:30:0c:b4:85:f0:b5:
78:08:df:86:5c:e5:87:1c:3a:24:3c:3a:e8:e8:cf:
8a:48:9e:30:03:bf:2b:e6:84:6e:6a:6f:16:a1:d4:
50:87:b9:e4:60:b3:a1:22:e1:d3:64:57:42:9c:71:
7a:35:67:e3:a9:a7:83:58:69:af:e5:83:ce:a4:92:
fb:60:05:dd:c4:cd:b2:da:2f:aa:aa:94:e4:32:6b:
2a:2b:c5:0a:51:80:d8:94:7b:e4:f4:11:d7:c4:ec:
25:0e:e5:ee:5d:93:49:88:1b:7b:f0:aa:7c:cd:27:
86:62:30:70:33:d9:54:5b:60:05:63:4a:2a:51:22:
b2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:63:13:76:D1:78:9F:EC:19:8C:FC:6E:7D:79:A1:C1:47:78:38:91
X509v3 Authority Key Identifier:
keyid:C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/umMTdtF4n-wZjPxufXmhwUd4OJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.117.245.0/24
95.141.249.0/24
194.8.28.0/24
IPv6:
2a13:4380::/33
Signature Algorithm: sha256WithRSAEncryption
36:33:7e:b4:ac:a3:8a:c2:fa:b8:f9:8d:46:0d:50:11:fb:18:
09:aa:58:16:c7:c4:14:bf:87:71:69:0c:2a:ef:f6:79:94:07:
9b:f4:b2:7f:2e:98:e6:63:54:e8:d2:29:76:f0:a1:b6:bf:ac:
d3:4e:1f:86:d7:92:a3:a3:b4:bc:18:52:d6:ae:39:26:19:b5:
4c:a7:9f:af:ff:14:08:23:ea:7f:b9:34:48:50:d7:cb:e5:f3:
c9:f3:2c:40:ad:32:8e:ba:5d:27:b8:80:c9:ca:b9:34:3a:5a:
c4:0c:92:8e:c1:6e:97:f7:ce:fa:1d:be:61:4a:47:d2:9b:3a:
cd:d9:b4:62:f9:5e:9c:00:f9:8a:74:46:4c:11:0f:b1:c2:af:
50:29:f8:74:14:c9:96:ba:f9:f1:3b:93:c7:89:41:3e:6e:b6:
ad:d7:56:8d:f3:29:f2:d5:30:6e:c9:98:eb:e6:5b:71:6d:e0:
b7:ab:cb:52:0a:a7:79:f8:64:54:9f:20:e2:44:0d:16:16:20:
80:10:29:d2:9b:fd:0d:2b:5b:f5:71:86:e0:04:d7:45:0a:23:
93:56:7a:71:7c:fa:e7:f8:65:f4:cf:a7:3e:d3:4f:bd:e1:d1:
fe:39:76:d5:bb:3c:69:ec:ab:a8:cd:7d:99:af:da:48:50:cc:
71:6d:86:b6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZM+aVL/zaf456I0scEQ9jEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NDZjNGJlZmUwZmJiZTM2MjRiZDc0ODI5NmI1ZmUyZTdl
YzJkNjgwHhcNMjQxMTE4MDgzNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTYzMTM3NmQxNzg5ZmVjMTk4Y2ZjNmU3ZDc5YTFjMTQ3NzgzODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQP/gocFpCMwcYyh6qr7jTWfDc/v
sngsBTt3hGeKM9tCes5upTWmd42FW84iQqWVU6YYsnjzTA+f+9GZTnkRWOlERZIK
Qe6NsMenk4ILsFyJnT9fj2SkMM9uMKr5mThUiQR4c2mgCSnDPl8CwmyV+vyFxDOg
+oGimwSo9PPGZsowDLSF8LV4CN+GXOWHHDokPDro6M+KSJ4wA78r5oRuam8WodRQ
h7nkYLOhIuHTZFdCnHF6NWfjqaeDWGmv5YPOpJL7YAXdxM2y2i+qqpTkMmsqK8UK
UYDYlHvk9BHXxOwlDuXuXZNJiBt78Kp8zSeGYjBwM9lUW2AFY0oqUSKymwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLpjE3bReJ/sGYz8bn15ocFHeDiRMB8GA1UdIwQY
MBaAFMlGxL7+D7vjYkvXSClrX+Ln7C1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODkt
NmJiYjI3MDgxZGUyLzEvdW1NVGR0RjRuLXdaalB4dWZYbWh3VWQ0T0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODktNmJiYjI3MDgxZGUy
LzEveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAUnX1AwQA
X435AwQAwggcMA4EAgACMAgDBgcqE0OAADANBgkqhkiG9w0BAQsFAAOCAQEANjN+
tKyjisL6uPmNRg1QEfsYCapYFsfEFL+HcWkMKu/2eZQHm/Syfy6Y5mNU6NIpdvCh
tr+s004fhteSo6O0vBhS1q45Jhm1TKefr/8UCCPqf7k0SFDXy+XzyfMsQK0yjrpd
J7iAycq5NDpaxAySjsFul/fO+h2+YUpH0ps6zdm0YvlenAD5inRGTBEPscKvUCn4
dBTJlrr58TuTx4lBPm62rddWjfMp8tUwbsmY6+ZbcW3gt6vLUgqnefhkVJ8g4kQN
FhYggBAp0pv9DStb9XGG4ATXRQojk1Z6cXz65/hl9M+nPtNPveHR/jl21bs8aeyr
qM19ma/aSFDMcW2Gtg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:32 2024 by rpki-client on console-ams.rpki-client.org