Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/3b91a2-d2a7-4e69-9c86-bdf3917a9267/1/UMv27vIuR8TqFqxcJFcujuWvErQ.roa
File: UMv27vIuR8TqFqxcJFcujuWvErQ.roa (raw, json)
Hash identifier: ze1uEL+rh+NpmWkiswlhnAvbHMD2+4bQxH/3tuO+aUA=
Subject key identifier: 50:CB:F6:EE:F2:2E:47:C4:EA:16:AC:5C:24:57:2E:8E:E5:AF:12:B4
Certificate issuer: /CN=af2bf82fda28e08f6229460ba2e24141464331e5
Certificate serial: 018572B426C005CA02321BA90EC0D27D9097
Authority key identifier: AF:2B:F8:2F:DA:28:E0:8F:62:29:46:0B:A2:E2:41:41:46:43:31:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ryv4L9oo4I9iKUYLouJBQUZDMeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/3b91a2-d2a7-4e69-9c86-bdf3917a9267/1/UMv27vIuR8TqFqxcJFcujuWvErQ.roa
Signing time: Mon 02 Jan 2023 13:38:07 +0000
ROA not before: Mon 02 Jan 2023 13:38:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204943
IP address blocks: 185.235.48.0/22 maxlen: 22
2a0d:4b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:26:c0:05:ca:02:32:1b:a9:0e:c0:d2:7d:90:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2bf82fda28e08f6229460ba2e24141464331e5
Validity
Not Before: Jan 2 13:38:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50cbf6eef22e47c4ea16ac5c24572e8ee5af12b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f9:d4:4f:e8:18:94:b2:2c:f8:32:2b:81:62:
59:cf:aa:b0:54:7c:64:b5:03:07:47:b2:5e:db:2c:
89:25:de:df:70:82:96:5e:79:24:af:ce:97:9b:0f:
11:c4:49:68:cd:d5:4d:c6:27:6b:73:59:b3:98:08:
ef:0e:90:35:92:e7:67:df:11:fe:25:71:a8:94:ec:
8d:2b:ef:05:07:1c:d3:89:33:29:d8:f4:eb:dd:ce:
c6:2b:36:8c:f9:74:ae:f0:b1:4f:5b:52:41:93:bc:
02:65:1e:11:1e:53:2f:31:99:f7:50:7a:65:15:99:
c3:a7:46:8a:0b:6a:99:01:a8:68:c4:e1:d1:15:a7:
a1:fa:f2:e9:4e:b6:4b:4d:e7:fc:39:6a:a2:82:ef:
1b:e5:64:bc:8a:63:3c:8a:02:15:a8:24:3e:fa:ec:
8b:83:a4:ce:da:81:c5:2c:b4:7e:aa:c6:dd:99:d6:
40:8c:b1:7a:7c:89:d7:4a:ae:fc:15:79:8d:bc:cd:
f8:75:e8:e0:04:34:84:80:72:89:37:34:0b:ac:e8:
cc:31:b7:27:d9:e2:a1:a6:85:14:08:f2:18:e0:ee:
b7:c3:36:de:bf:0a:b7:42:aa:bc:8c:da:ba:7d:8e:
8e:41:71:60:78:a0:1e:30:07:6f:63:15:72:1e:7c:
fd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:CB:F6:EE:F2:2E:47:C4:EA:16:AC:5C:24:57:2E:8E:E5:AF:12:B4
X509v3 Authority Key Identifier:
keyid:AF:2B:F8:2F:DA:28:E0:8F:62:29:46:0B:A2:E2:41:41:46:43:31:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryv4L9oo4I9iKUYLouJBQUZDMeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3b91a2-d2a7-4e69-9c86-bdf3917a9267/1/UMv27vIuR8TqFqxcJFcujuWvErQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3b91a2-d2a7-4e69-9c86-bdf3917a9267/1/ryv4L9oo4I9iKUYLouJBQUZDMeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.48.0/22
IPv6:
2a0d:4b00::/29
Signature Algorithm: sha256WithRSAEncryption
0f:ab:74:a7:d2:5a:95:10:67:43:22:73:2f:85:86:72:b4:cd:
e3:ad:41:40:ad:af:62:85:68:7f:32:9c:4a:e7:d8:0e:28:a0:
71:66:18:4b:a5:3c:85:65:26:35:af:a6:a3:e1:84:d7:7c:76:
85:a7:03:bc:ac:6c:86:e4:a2:f5:14:67:94:bd:ed:03:9b:3a:
64:cf:68:b4:34:30:e2:76:5a:b7:31:43:3d:f4:86:2b:20:6e:
5a:df:81:10:2b:79:36:d0:bd:b3:17:6a:69:15:21:20:8c:df:
27:13:8e:fa:c2:a4:f0:e0:00:43:6f:aa:63:f3:cf:16:ae:98:
c1:7c:d9:b5:68:9f:58:af:de:43:49:eb:29:6e:6f:b0:c0:0d:
b6:39:68:1f:84:88:76:23:20:12:16:d2:c5:ee:77:0d:67:09:
36:72:90:bc:e8:42:df:37:28:46:f3:eb:e6:83:cf:ce:c2:cc:
79:a8:eb:df:ed:63:9c:12:8d:80:e2:e7:5f:d6:6e:ec:59:3e:
08:71:24:25:56:42:e2:0b:bb:50:aa:04:5e:f2:9d:cd:ba:8a:
af:46:3c:4d:11:67:df:4c:9e:28:47:27:82:30:34:33:78:77:
16:e6:14:24:16:6e:2a:3d:41:c5:00:a1:24:8b:2a:8a:d9:80:
f2:f9:af:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVytCbABcoCMhupDsDSfZCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmJmODJmZGEyOGUwOGY2MjI5NDYwYmEyZTI0MTQxNDY0
MzMxZTUwHhcNMjMwMTAyMTMzODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGNiZjZlZWYyMmU0N2M0ZWExNmFjNWMyNDU3MmU4ZWU1YWYxMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvnUT+gYlLIs+DIrgWJZz6qwVHxk
tQMHR7Je2yyJJd7fcIKWXnkkr86Xmw8RxElozdVNxidrc1mzmAjvDpA1kudn3xH+
JXGolOyNK+8FBxzTiTMp2PTr3c7GKzaM+XSu8LFPW1JBk7wCZR4RHlMvMZn3UHpl
FZnDp0aKC2qZAahoxOHRFaeh+vLpTrZLTef8OWqigu8b5WS8imM8igIVqCQ++uyL
g6TO2oHFLLR+qsbdmdZAjLF6fInXSq78FXmNvM34dejgBDSEgHKJNzQLrOjMMbcn
2eKhpoUUCPIY4O63wzbevwq3Qqq8jNq6fY6OQXFgeKAeMAdvYxVyHnz96wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFDL9u7yLkfE6hasXCRXLo7lrxK0MB8GA1UdIwQY
MBaAFK8r+C/aKOCPYilGC6LiQUFGQzHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnl2NEw5b280STlpS1VZTG91SkJRVVpETWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zYjkxYTItZDJhNy00ZTY5LTljODYt
YmRmMzkxN2E5MjY3LzEvVU12Mjd2SXVSOFRxRnF4Y0pGY3VqdVd2RXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8zYjkxYTItZDJhNy00ZTY5LTljODYtYmRmMzkxN2E5MjY3
LzEvcnl2NEw5b280STlpS1VZTG91SkJRVVpETWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueswMA0E
AgACMAcDBQMqDUsAMA0GCSqGSIb3DQEBCwUAA4IBAQAPq3Sn0lqVEGdDInMvhYZy
tM3jrUFAra9ihWh/MpxK59gOKKBxZhhLpTyFZSY1r6aj4YTXfHaFpwO8rGyG5KL1
FGeUve0Dmzpkz2i0NDDidlq3MUM99IYrIG5a34EQK3k20L2zF2ppFSEgjN8nE476
wqTw4ABDb6pj888WrpjBfNm1aJ9Yr95DSespbm+wwA22OWgfhIh2IyASFtLF7ncN
Zwk2cpC86ELfNyhG8+vmg8/Owsx5qOvf7WOcEo2A4udf1m7sWT4IcSQlVkLiC7tQ
qgRe8p3NuoqvRjxNEWffTJ4oRyeCMDQzeHcW5hQkFm4qPUHFAKEkiyqK2YDy+a9G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:48 2024 by rpki-client on console-fra.rpki-client.org