Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/UMxbK1eVIp3PPm9dpTtf3liOix0.roa
File: UMxbK1eVIp3PPm9dpTtf3liOix0.roa (raw, json)
Hash identifier: KjdNqFGryxWIXHl+VzNKbbTJsX826/W/D8pxiWw5DMU=
Subject key identifier: 50:CC:5B:2B:57:95:22:9D:CF:3E:6F:5D:A5:3B:5F:DE:58:8E:8B:1D
Certificate issuer: /CN=bd4e6edd26ef1b16d848e98130e6fc4450b32752
Certificate serial: 01856FC268A1ACABB8531F1567DF2DBBE3C5
Authority key identifier: BD:4E:6E:DD:26:EF:1B:16:D8:48:E9:81:30:E6:FC:44:50:B3:27:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/UMxbK1eVIp3PPm9dpTtf3liOix0.roa
Signing time: Sun 01 Jan 2023 23:54:49 +0000
ROA not before: Sun 01 Jan 2023 23:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24634
IP address blocks: 194.26.4.0/22 maxlen: 24
80.89.176.0/20 maxlen: 24
2a06:b940::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:68:a1:ac:ab:b8:53:1f:15:67:df:2d:bb:e3:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd4e6edd26ef1b16d848e98130e6fc4450b32752
Validity
Not Before: Jan 1 23:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50cc5b2b5795229dcf3e6f5da53b5fde588e8b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:75:2e:a9:9e:d3:cd:88:13:aa:a4:e3:75:f1:
83:8e:9d:e4:b8:3b:c9:0a:07:c4:b7:15:cf:52:09:
d9:72:10:07:92:9e:c5:2e:13:4e:93:8c:ac:15:6e:
54:e2:6d:72:8f:6d:07:ea:f0:63:66:86:b1:d3:d1:
1c:99:64:72:ae:10:f6:c9:a2:74:2f:de:27:f6:93:
03:6c:0c:a8:c1:a0:54:55:92:80:ef:fb:90:99:ae:
2a:da:b5:df:b8:ce:83:90:56:3b:f8:2a:44:d6:b8:
8a:28:1e:42:84:87:50:74:19:89:6d:90:a1:5d:50:
56:f1:b8:32:d9:ea:0f:32:9e:2e:3f:c1:22:ad:9f:
cd:8d:dc:5c:6a:36:b4:58:11:2a:79:15:31:0e:e5:
7f:34:f9:31:c3:23:f4:49:33:57:04:0c:9f:d7:10:
3a:0e:01:b4:27:c8:ef:f9:33:4f:01:d1:59:26:75:
6c:e1:85:50:dd:de:60:86:3d:6f:41:67:cc:fc:1a:
44:47:7f:2a:8e:b9:17:24:c2:09:6e:bf:28:38:0f:
bc:b6:dc:e5:f4:dc:33:cf:ce:c6:cb:7e:55:4d:12:
85:34:f9:a3:7c:98:62:6a:5c:2f:7c:0e:b0:8a:df:
70:e9:d7:73:9b:d0:dd:56:ff:dc:9c:72:e6:22:3b:
fc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:CC:5B:2B:57:95:22:9D:CF:3E:6F:5D:A5:3B:5F:DE:58:8E:8B:1D
X509v3 Authority Key Identifier:
keyid:BD:4E:6E:DD:26:EF:1B:16:D8:48:E9:81:30:E6:FC:44:50:B3:27:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/UMxbK1eVIp3PPm9dpTtf3liOix0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.89.176.0/20
194.26.4.0/22
IPv6:
2a06:b940::/29
Signature Algorithm: sha256WithRSAEncryption
9e:09:4e:cb:92:49:5c:05:40:1a:e3:7b:63:7d:a8:19:2c:2b:
d0:1f:cd:2b:7d:47:01:0c:83:f9:97:d9:c8:d6:84:62:63:ed:
6d:87:d0:ad:22:d9:9a:96:cd:2e:20:17:bc:7b:c1:02:65:b3:
b7:f0:54:c8:6d:56:c7:af:d2:ca:b9:ad:e0:34:93:3c:51:03:
24:0e:1c:d1:54:e0:0e:37:3e:fa:15:30:95:10:99:f2:dc:66:
e9:59:09:ee:2a:36:57:46:29:a9:3e:07:9c:e1:c2:50:df:2a:
c3:75:57:8a:46:2e:1d:d3:4b:22:5e:c1:69:ba:07:1d:d3:02:
2f:d1:e9:55:5f:b0:85:b9:0a:c5:d1:d0:2d:64:8f:f5:cd:5b:
30:83:04:ff:2e:c6:47:d5:77:9d:dc:de:3f:6a:41:26:26:08:
28:d7:87:4b:51:bb:cb:e4:e0:d8:a3:d3:97:3e:e1:ec:ce:ea:
8b:29:f4:20:ce:a1:a0:58:04:dd:8b:e4:88:4a:f2:6f:8b:5b:
f8:26:f4:1c:06:89:0f:3f:3f:0a:f9:82:f0:ca:03:fc:3f:e0:
c1:fd:c9:77:c4:fb:2d:b6:97:83:2f:8d:a1:d0:26:a7:96:0e:
f5:84:44:56:01:a2:a0:8b:a4:c7:3d:72:77:e8:35:99:54:98:
79:45:d1:77
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvwmihrKu4Ux8VZ98tu+PFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNGU2ZWRkMjZlZjFiMTZkODQ4ZTk4MTMwZTZmYzQ0NTBi
MzI3NTIwHhcNMjMwMTAxMjM1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGNjNWIyYjU3OTUyMjlkY2YzZTZmNWRhNTNiNWZkZTU4OGU4YjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnUuqZ7TzYgTqqTjdfGDjp3kuDvJ
CgfEtxXPUgnZchAHkp7FLhNOk4ysFW5U4m1yj20H6vBjZoax09EcmWRyrhD2yaJ0
L94n9pMDbAyowaBUVZKA7/uQma4q2rXfuM6DkFY7+CpE1riKKB5ChIdQdBmJbZCh
XVBW8bgy2eoPMp4uP8EirZ/Njdxcaja0WBEqeRUxDuV/NPkxwyP0STNXBAyf1xA6
DgG0J8jv+TNPAdFZJnVs4YVQ3d5ghj1vQWfM/BpER38qjrkXJMIJbr8oOA+8ttzl
9Nwzz87Gy35VTRKFNPmjfJhialwvfA6wit9w6ddzm9DdVv/cnHLmIjv8PQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFDMWytXlSKdzz5vXaU7X95YjosdMB8GA1UdIwQY
MBaAFL1Obt0m7xsW2EjpgTDm/ERQsydSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlU1dTNTYnZHeGJZU09tQk1PYjhSRkN6SjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hY2UzNzMtYjgxYi00MDBjLTg0NWMt
OTYyOGY1MjY2NTQyLzEvVU14YksxZVZJcDNQUG05ZHBUdGYzbGlPaXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9hY2UzNzMtYjgxYi00MDBjLTg0NWMtOTYyOGY1MjY2NTQy
LzEvdlU1dTNTYnZHeGJZU09tQk1PYjhSRkN6SjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUFmwAwQC
whoEMA0EAgACMAcDBQMqBrlAMA0GCSqGSIb3DQEBCwUAA4IBAQCeCU7LkklcBUAa
43tjfagZLCvQH80rfUcBDIP5l9nI1oRiY+1th9CtItmals0uIBe8e8ECZbO38FTI
bVbHr9LKua3gNJM8UQMkDhzRVOAONz76FTCVEJny3GbpWQnuKjZXRimpPgec4cJQ
3yrDdVeKRi4d00siXsFpugcd0wIv0elVX7CFuQrF0dAtZI/1zVswgwT/LsZH1Xed
3N4/akEmJggo14dLUbvL5ODYo9OXPuHszuqLKfQgzqGgWATdi+SISvJvi1v4JvQc
BokPPz8K+YLwygP8P+DB/cl3xPsttpeDL42h0Canlg71hERWAaKgi6THPXJ36DWZ
VJh5RdF3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:10 2024 by rpki-client on console-ams.rpki-client.org