Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/UMR4GUolVypz5M5OSw5xsWFEhI8.roa
File: UMR4GUolVypz5M5OSw5xsWFEhI8.roa (raw, json)
Hash identifier: pHhdRgy3hgWOs38zNSM72ismnYko/uN+uanwZD0oiEA=
Subject key identifier: 50:C4:78:19:4A:25:57:2A:73:E4:CE:4E:4B:0E:71:B1:61:44:84:8F
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A2CCD1279EDE30547781AF1043FE5
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/UMR4GUolVypz5M5OSw5xsWFEhI8.roa
Signing time: Sun 01 Jan 2023 03:05:01 +0000
ROA not before: Sun 01 Jan 2023 03:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56676
IP address blocks: 178.170.187.0/24 maxlen: 24
141.101.189.0/24 maxlen: 24
46.243.163.0/24 maxlen: 24
37.230.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:2c:cd:12:79:ed:e3:05:47:78:1a:f1:04:3f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50c478194a25572a73e4ce4e4b0e71b16144848f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:84:7d:00:50:26:b1:eb:b1:bd:3b:0f:8a:79:
f4:f4:3b:c9:cb:74:06:7d:d3:b6:df:30:17:9a:6d:
d7:b3:fa:f5:6b:b0:f0:56:5e:3d:71:db:66:57:b2:
ea:c8:65:bf:33:5b:49:e4:be:93:9d:8a:99:68:93:
89:63:f4:4b:f3:3a:4b:ea:a1:02:f8:9f:d6:25:57:
8e:ab:a6:45:04:35:2a:87:bd:8e:38:3a:44:36:2e:
c3:6f:ad:f6:14:a5:06:1a:40:4f:d0:29:a6:3a:c4:
2a:c6:4f:f1:cb:c3:00:1e:1d:24:24:e4:93:c2:83:
d2:cd:4c:05:d0:4f:64:29:54:75:34:6f:80:8e:68:
ac:de:68:62:9f:62:4e:64:3a:47:4f:59:d1:be:19:
e3:2c:5b:42:17:91:98:41:2a:07:92:9e:76:85:02:
23:53:8f:ce:6e:2e:04:33:84:51:f7:98:d8:7a:88:
f5:e3:37:92:eb:51:d6:4a:e6:37:33:74:a9:c7:e3:
04:30:f9:48:5f:77:a3:90:28:ec:38:b3:a6:57:97:
db:8b:ee:a9:7c:8f:60:7a:dd:de:b9:47:60:68:eb:
52:e2:95:bd:96:81:49:de:b9:6d:28:67:fb:1a:73:
98:43:48:3b:3c:89:50:4e:47:97:d3:73:6c:fc:42:
a6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:C4:78:19:4A:25:57:2A:73:E4:CE:4E:4B:0E:71:B1:61:44:84:8F
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/UMR4GUolVypz5M5OSw5xsWFEhI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.148.0/24
46.243.163.0/24
141.101.189.0/24
178.170.187.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:d3:93:d3:16:4e:f8:7c:1e:14:a2:e8:2e:39:0c:96:06:55:
90:03:cf:e2:04:d5:50:f9:c9:7a:e8:a8:4b:cd:57:8e:2d:96:
f2:f1:9c:a2:da:6b:58:50:24:8d:ca:54:be:bb:bc:3b:96:b7:
c5:be:2e:5f:33:1c:0a:00:e3:e6:d1:51:ea:89:e8:40:1e:3e:
33:17:9e:af:2c:88:91:44:7b:5e:e7:11:f3:35:1b:25:91:8b:
36:45:fc:1e:47:e5:95:c6:e7:e7:d2:90:98:db:ce:09:a5:49:
57:f7:56:ef:77:78:cb:19:58:3f:25:d4:28:d2:62:f7:e0:41:
9c:9e:d9:3d:13:70:f0:2f:29:6a:12:b8:67:0f:03:4d:38:15:
11:c3:0f:e7:11:20:8f:cc:d0:13:87:f4:fb:f8:e7:a5:1e:2c:
aa:ec:6d:69:24:d1:52:ec:0f:c0:26:9a:ce:96:8d:da:de:6f:
64:ca:77:d4:46:26:e6:9a:22:25:15:ef:7c:2e:42:1f:ed:d9:
a0:7a:0d:af:1a:0d:d4:52:e6:fd:66:f3:0f:3a:1f:9f:33:25:
b9:2b:53:5a:99:7e:ce:66:b3:c0:09:eb:f2:15:41:22:62:7f:
0f:12:63:c6:9b:87:58:84:a0:64:69:58:67:dd:3e:00:77:e2:
17:c3:bb:f2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVrSizNEnnt4wVHeBrxBD/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGM0NzgxOTRhMjU1NzJhNzNlNGNlNGU0YjBlNzFiMTYxNDQ4NDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8IR9AFAmseuxvTsPinn09DvJy3QG
fdO23zAXmm3Xs/r1a7DwVl49cdtmV7LqyGW/M1tJ5L6TnYqZaJOJY/RL8zpL6qEC
+J/WJVeOq6ZFBDUqh72OODpENi7Db632FKUGGkBP0CmmOsQqxk/xy8MAHh0kJOST
woPSzUwF0E9kKVR1NG+Ajmis3mhin2JOZDpHT1nRvhnjLFtCF5GYQSoHkp52hQIj
U4/Obi4EM4RR95jYeoj14zeS61HWSuY3M3Spx+MEMPlIX3ejkCjsOLOmV5fbi+6p
fI9get3euUdgaOtS4pW9loFJ3rltKGf7GnOYQ0g7PIlQTkeX03Ns/EKmywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFDEeBlKJVcqc+TOTksOcbFhRISPMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvVU1SNEdVb2xWeXB6NU01T1N3NXhzV0ZFaEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJeaUAwQA
LvOjAwQAjWW9AwQAsqq7MA0GCSqGSIb3DQEBCwUAA4IBAQAu05PTFk74fB4Uougu
OQyWBlWQA8/iBNVQ+cl66KhLzVeOLZby8Zyi2mtYUCSNylS+u7w7lrfFvi5fMxwK
AOPm0VHqiehAHj4zF56vLIiRRHte5xHzNRslkYs2RfweR+WVxufn0pCY284JpUlX
91bvd3jLGVg/JdQo0mL34EGcntk9E3DwLylqErhnDwNNOBURww/nESCPzNATh/T7
+OelHiyq7G1pJNFS7A/AJprOlo3a3m9kynfURibmmiIlFe98LkIf7dmgeg2vGg3U
Uub9ZvMPOh+fMyW5K1NamX7OZrPACevyFUEiYn8PEmPGm4dYhKBkaVhn3T4Ad+IX
w7vy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:33 2024 by rpki-client on console-ams.rpki-client.org