Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/umjlxoRdgSMNpSK9OSC2grt_lAQ.roa
File: umjlxoRdgSMNpSK9OSC2grt_lAQ.roa (raw, json)
Hash identifier: KQF7ZseuS6bL7O8z49IblCjjvMSYo8SnDy+Bg6a4m14=
Subject key identifier: BA:68:E5:C6:84:5D:81:23:0D:A5:22:BD:39:20:B6:82:BB:7F:94:04
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0189BF0D7921ACFCA4966B5C074C449C0C57
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/umjlxoRdgSMNpSK9OSC2grt_lAQ.roa
Signing time: Fri 04 Aug 2023 05:37:58 +0000
ROA not before: Fri 04 Aug 2023 05:37:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 45.66.224.0/22 maxlen: 22
81.29.151.0/24 maxlen: 24
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 14 Aug 2023 05:35:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bf:0d:79:21:ac:fc:a4:96:6b:5c:07:4c:44:9c:0c:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Aug 4 05:37:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba68e5c6845d81230da522bd3920b682bb7f9404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:07:b1:45:46:cd:ba:bc:5a:0a:91:40:5d:96:
84:a5:e1:06:53:ee:4b:7f:27:c7:50:5f:b8:57:de:
6c:f1:60:d0:71:5a:f9:3f:cc:61:b6:9d:46:2e:e0:
fe:e4:3b:63:b7:fe:80:98:09:99:d0:34:0e:3a:5e:
e6:cb:16:0f:fd:7c:2e:27:ec:be:26:02:9a:88:15:
b7:86:c5:87:95:4b:e7:70:9a:dd:dd:1c:4d:9d:15:
fc:e5:c5:87:22:55:28:6f:6a:f8:2f:8f:60:0a:18:
fb:a5:30:ba:37:d0:ca:6d:18:d3:ab:b9:92:79:07:
8b:15:f4:6b:43:42:12:f5:c8:59:0c:fc:92:55:b0:
da:a4:f4:50:6f:a1:69:69:41:5b:90:a0:e0:d2:90:
0b:96:e8:51:86:58:b3:a0:b1:2a:70:e0:73:32:49:
08:3b:bd:3d:9a:0a:8d:36:e3:5b:d6:c1:86:6f:cb:
9a:48:05:72:b9:5d:ca:8d:a6:c8:7f:98:dd:69:d9:
c8:f8:a5:b3:ba:75:b7:37:64:e7:89:d3:35:83:c2:
66:77:bc:d6:86:05:15:1a:66:34:c5:da:25:13:d4:
19:86:d2:f3:03:9d:74:03:f2:4f:1d:a9:16:c9:22:
54:10:a9:14:dd:77:2a:ce:88:a5:61:81:61:75:71:
80:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:68:E5:C6:84:5D:81:23:0D:A5:22:BD:39:20:B6:82:BB:7F:94:04
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/umjlxoRdgSMNpSK9OSC2grt_lAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
81.29.151.0/24
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
8a:db:b6:d0:05:98:ba:c9:97:6e:08:9e:f4:ba:be:ac:64:5e:
dd:29:51:e1:8d:cb:50:99:1e:4c:db:f3:49:ba:4c:f7:1d:3e:
5b:53:cf:f2:18:84:e9:4a:fc:74:1b:12:2b:90:67:30:d9:49:
5d:eb:0c:94:7f:6e:11:e5:07:7f:93:b4:20:68:a4:9a:79:e8:
bc:be:ad:32:33:59:56:c4:f3:e5:af:a4:17:1f:a0:e1:56:8b:
4b:05:75:b5:63:b7:10:5b:d4:03:5f:6e:67:ed:0b:92:34:3f:
d0:19:b6:e5:17:c9:d5:eb:07:b6:db:29:e5:5f:24:5a:08:a7:
9d:3b:1f:a7:8f:7d:e6:14:ba:08:44:1e:d2:d3:bf:57:ed:07:
f6:ea:38:f6:bf:d9:3c:03:41:8e:c9:37:e2:58:e2:88:01:23:
43:2b:8e:a8:ad:cd:33:43:a4:b1:62:fc:82:c7:8b:81:05:d6:
2e:e2:73:2b:41:02:4e:01:de:38:8b:02:e9:49:a8:64:0b:0d:
28:52:00:4f:54:3f:1b:23:f3:6b:04:03:85:71:bb:c3:6e:8d:
f3:6a:37:fd:b0:fa:ee:61:35:5a:0a:a8:8b:90:ea:33:01:c7:
c5:f3:23:35:d9:fd:19:5c:54:a3:7d:71:b2:11:22:1d:d5:e4:
aa:1b:da:32
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYm/DXkhrPyklmtcB0xEnAxXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwODA0MDUzNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTY4ZTVjNjg0NWQ4MTIzMGRhNTIyYmQzOTIwYjY4MmJiN2Y5NDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAexRUbNurxaCpFAXZaEpeEGU+5L
fyfHUF+4V95s8WDQcVr5P8xhtp1GLuD+5Dtjt/6AmAmZ0DQOOl7myxYP/XwuJ+y+
JgKaiBW3hsWHlUvncJrd3RxNnRX85cWHIlUob2r4L49gChj7pTC6N9DKbRjTq7mS
eQeLFfRrQ0IS9chZDPySVbDapPRQb6FpaUFbkKDg0pALluhRhlizoLEqcOBzMkkI
O709mgqNNuNb1sGGb8uaSAVyuV3KjabIf5jdadnI+KWzunW3N2TnidM1g8Jmd7zW
hgUVGmY0xdolE9QZhtLzA510A/JPHakWySJUEKkU3XcqzoilYYFhdXGA1wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLpo5caEXYEjDaUivTkgtoK7f5QEMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvdW1qbHhvUmRnU01OcFNLOU9TQzJncnRfbEFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLULgAwQA
UR2XMA0EAgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQCK27bQBZi6yZdu
CJ70ur6sZF7dKVHhjctQmR5M2/NJukz3HT5bU8/yGITpSvx0GxIrkGcw2Uld6wyU
f24R5Qd/k7QgaKSaeei8vq0yM1lWxPPlr6QXH6DhVotLBXW1Y7cQW9QDX25n7QuS
ND/QGbblF8nV6we22ynlXyRaCKedOx+nj33mFLoIRB7S079X7Qf26jj2v9k8A0GO
yTfiWOKIASNDK46orc0zQ6SxYvyCx4uBBdYu4nMrQQJOAd44iwLpSahkCw0oUgBP
VD8bI/NrBAOFcbvDbo3zajf9sPruYTVaCqiLkOozAcfF8yM12f0ZXFSjfXGyESId
1eSqG9oy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:36 2024 by rpki-client on console-ams.rpki-client.org