Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/um8-QkXgTcipuk2I5K77Z1-5UDI.roa
File: um8-QkXgTcipuk2I5K77Z1-5UDI.roa (raw, json)
Hash identifier: 1xK1ZssiIYYnfHJUL5d0CWUvhPcbJIfypjsklEpFMzM=
Subject key identifier: BA:6F:3E:42:45:E0:4D:C8:A9:BA:4D:88:E4:AE:FB:67:5F:B9:50:32
Certificate issuer: /CN=6040732fdbcaa52900db2462075bf4ef15159695
Certificate serial: 018F3EEA58A7FF44E10EE21D3408549BF651
Authority key identifier: 60:40:73:2F:DB:CA:A5:29:00:DB:24:62:07:5B:F4:EF:15:15:96:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YEBzL9vKpSkA2yRiB1v07xUVlpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/um8-QkXgTcipuk2I5K77Z1-5UDI.roa
Signing time: Fri 03 May 2024 14:44:56 +0000
ROA not before: Fri 03 May 2024 14:44:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208973
IP address blocks: 45.67.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3e:ea:58:a7:ff:44:e1:0e:e2:1d:34:08:54:9b:f6:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6040732fdbcaa52900db2462075bf4ef15159695
Validity
Not Before: May 3 14:44:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba6f3e4245e04dc8a9ba4d88e4aefb675fb95032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5f:b2:61:cb:42:33:38:fa:f0:d8:88:03:61:
45:44:a9:68:4a:cf:ef:db:fa:49:34:38:f9:82:bd:
09:5a:6a:a2:92:08:eb:27:1f:57:dc:80:57:a1:09:
a0:4d:f3:55:d2:ae:6f:56:eb:a9:3d:1e:39:f9:bc:
63:cc:4c:cf:2d:10:01:b9:fa:3d:92:71:cc:bb:c8:
df:7b:b8:2d:3f:2f:de:f6:f5:33:28:00:fa:df:92:
be:5e:ca:3e:34:87:e2:3f:6e:34:43:f7:a3:d6:b8:
9a:09:b7:32:54:e5:74:60:1f:f2:a5:34:31:e4:0d:
61:49:e9:c3:5e:ba:af:03:4c:1f:c9:55:cf:d3:fd:
ae:f2:16:94:b1:05:f9:ea:da:dd:10:db:71:3d:9c:
d1:10:58:ca:1a:3b:b3:e5:f9:be:5c:d4:76:5e:c2:
84:42:25:17:b9:83:22:d3:bc:b0:0b:82:d7:c7:42:
cb:dc:e7:64:d4:e9:59:01:09:1c:6a:ec:da:df:9a:
09:e9:35:ef:be:86:14:22:8b:2d:27:5a:67:9f:7a:
b4:bd:c0:29:db:3e:4d:89:e0:85:30:06:37:31:3a:
da:17:03:6a:79:27:a5:1b:ed:50:0a:b9:2c:45:aa:
9b:3c:99:e7:72:f7:e2:9e:7b:5d:0e:84:07:2d:e8:
eb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6F:3E:42:45:E0:4D:C8:A9:BA:4D:88:E4:AE:FB:67:5F:B9:50:32
X509v3 Authority Key Identifier:
keyid:60:40:73:2F:DB:CA:A5:29:00:DB:24:62:07:5B:F4:EF:15:15:96:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YEBzL9vKpSkA2yRiB1v07xUVlpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/um8-QkXgTcipuk2I5K77Z1-5UDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.104.0/22
Signature Algorithm: sha256WithRSAEncryption
62:d4:ad:2b:34:93:7e:ee:ae:8f:08:ec:c9:40:4f:8c:e3:94:
2e:d8:06:8b:79:42:de:51:48:b5:2b:f5:af:ce:ab:d0:8f:26:
30:0f:f2:a7:3e:86:5b:e5:eb:82:17:b4:61:d1:4e:fb:06:95:
82:ad:29:cc:9c:55:ee:9c:9c:f5:df:65:3b:12:17:a7:0a:95:
23:84:41:df:d6:a2:9b:6a:8d:4c:d7:28:00:7e:ec:73:06:8f:
7b:9f:ad:35:08:82:f5:24:4f:77:ae:f7:72:71:c8:f7:56:21:
12:f0:ba:a1:16:90:19:23:b3:51:8c:dc:56:2a:d0:84:e2:a2:
09:dc:db:19:17:d6:13:90:d5:c4:d0:27:b9:5b:24:5b:5b:50:
be:6d:d6:8a:ff:38:74:1d:cb:51:64:b1:57:01:3d:6c:2d:fc:
50:e0:33:93:ea:5b:0b:b6:fa:83:22:1f:0b:8b:b7:ad:07:c1:
15:c0:cc:c1:d5:1c:e4:42:c6:78:04:6c:7d:9d:48:3f:b3:74:
78:9d:e8:74:b3:c8:5a:71:da:01:4b:9a:f5:51:f7:fd:b1:44:
19:63:c7:9a:68:d6:f2:87:df:1f:7a:5a:41:1f:3c:90:de:66:
69:dc:a4:eb:66:ee:f5:b0:be:bf:c2:1e:ac:ad:da:b9:07:45:
f6:d6:ce:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8+6lin/0ThDuIdNAhUm/ZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNDA3MzJmZGJjYWE1MjkwMGRiMjQ2MjA3NWJmNGVmMTUx
NTk2OTUwHhcNMjQwNTAzMTQ0NDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTZmM2U0MjQ1ZTA0ZGM4YTliYTRkODhlNGFlZmI2NzVmYjk1MDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1+yYctCMzj68NiIA2FFRKloSs/v
2/pJNDj5gr0JWmqikgjrJx9X3IBXoQmgTfNV0q5vVuupPR45+bxjzEzPLRABufo9
knHMu8jfe7gtPy/e9vUzKAD635K+Xso+NIfiP240Q/ej1riaCbcyVOV0YB/ypTQx
5A1hSenDXrqvA0wfyVXP0/2u8haUsQX56trdENtxPZzREFjKGjuz5fm+XNR2XsKE
QiUXuYMi07ywC4LXx0LL3Odk1OlZAQkcauza35oJ6TXvvoYUIostJ1pnn3q0vcAp
2z5NieCFMAY3MTraFwNqeSelG+1QCrksRaqbPJnncvfinntdDoQHLejrPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLpvPkJF4E3IqbpNiOSu+2dfuVAyMB8GA1UdIwQY
MBaAFGBAcy/byqUpANskYgdb9O8VFZaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUVCekw5dktwU2tBMnlSaUIxdjA3eFVWbHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81Njc2YTMtOWMzOS00ZGIwLTk1MWUt
ZDJiNjk4MmJjNDg0LzEvdW04LVFrWGdUY2lwdWsySTVLNzdaMS01VURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81Njc2YTMtOWMzOS00ZGIwLTk1MWUtZDJiNjk4MmJjNDg0
LzEvWUVCekw5dktwU2tBMnlSaUIxdjA3eFVWbHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUNoMA0G
CSqGSIb3DQEBCwUAA4IBAQBi1K0rNJN+7q6PCOzJQE+M45Qu2AaLeULeUUi1K/Wv
zqvQjyYwD/KnPoZb5euCF7Rh0U77BpWCrSnMnFXunJz132U7EhenCpUjhEHf1qKb
ao1M1ygAfuxzBo97n601CIL1JE93rvdyccj3ViES8LqhFpAZI7NRjNxWKtCE4qIJ
3NsZF9YTkNXE0Ce5WyRbW1C+bdaK/zh0HctRZLFXAT1sLfxQ4DOT6lsLtvqDIh8L
i7etB8EVwMzB1RzkQsZ4BGx9nUg/s3R4neh0s8hacdoBS5r1Uff9sUQZY8eaaNby
h98felpBHzyQ3mZp3KTrZu71sL6/wh6srdq5B0X21s6x
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:46 2025 by rpki-client