Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/1d312f-be9e-4a27-b22c-2f21f4524683/1/UmzM8OlpBn1_cgbmpy1p5uONkkY.roa
File: UmzM8OlpBn1_cgbmpy1p5uONkkY.roa (raw, json)
Hash identifier: ElhdmRYV6sildjsenHkY0WwUeHZJ84Ak11okLf1pOGU=
Subject key identifier: 52:6C:CC:F0:E9:69:06:7D:7F:72:06:E6:A7:2D:69:E6:E3:8D:92:46
Certificate issuer: /CN=88feb2b050d50ad8ce10c1c2f507fdb8a52d028c
Certificate serial: 01856D941C6138BEB141C4488F6F46AA4D60
Authority key identifier: 88:FE:B2:B0:50:D5:0A:D8:CE:10:C1:C2:F5:07:FD:B8:A5:2D:02:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iP6ysFDVCtjOEMHC9Qf9uKUtAow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/1d312f-be9e-4a27-b22c-2f21f4524683/1/UmzM8OlpBn1_cgbmpy1p5uONkkY.roa
Signing time: Sun 01 Jan 2023 13:45:01 +0000
ROA not before: Sun 01 Jan 2023 13:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24579
IP address blocks: 193.110.89.0/24 maxlen: 24
193.111.188.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:1c:61:38:be:b1:41:c4:48:8f:6f:46:aa:4d:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88feb2b050d50ad8ce10c1c2f507fdb8a52d028c
Validity
Not Before: Jan 1 13:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=526cccf0e969067d7f7206e6a72d69e6e38d9246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c5:7b:f3:c3:2c:4d:fb:ab:d1:81:b7:f2:ed:
21:85:96:76:74:54:7c:e6:7e:f8:db:5b:94:60:70:
3d:9a:7d:d2:4e:04:85:a0:0a:99:ac:51:6e:bd:34:
c6:0f:7c:01:dd:ec:ad:bd:cd:2b:12:c1:ae:0f:1b:
49:48:56:32:aa:df:c0:97:ff:af:ff:82:7e:60:fa:
1d:02:5b:67:6a:77:8b:15:7a:c4:10:e4:69:d8:79:
d6:5b:0b:df:79:b9:99:8a:2b:44:7c:ee:92:41:43:
e1:12:60:14:7a:f8:5d:11:dd:92:c0:5b:1d:42:38:
8a:19:17:11:f0:97:f4:2a:48:2f:71:b0:38:aa:47:
5b:93:cc:b5:68:4d:f0:ad:ec:2e:b8:43:24:2d:12:
46:a2:f4:c8:83:a3:df:ac:8d:0f:e5:8a:1f:b8:28:
4c:15:f7:2f:e9:3d:ba:71:e9:54:85:6b:df:80:69:
85:e1:a0:71:f0:e6:2c:84:25:f3:e8:75:42:02:bd:
e6:14:9d:b3:8a:40:2e:22:c3:de:9f:fd:86:b0:67:
8d:ca:c9:66:b1:0a:46:cc:a2:36:f1:a1:64:3e:c4:
d7:dc:a2:97:3f:27:41:e6:03:3d:9c:49:78:67:95:
79:48:40:f6:4a:11:99:cb:56:70:15:9b:a7:e0:e8:
32:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:6C:CC:F0:E9:69:06:7D:7F:72:06:E6:A7:2D:69:E6:E3:8D:92:46
X509v3 Authority Key Identifier:
keyid:88:FE:B2:B0:50:D5:0A:D8:CE:10:C1:C2:F5:07:FD:B8:A5:2D:02:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iP6ysFDVCtjOEMHC9Qf9uKUtAow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/1d312f-be9e-4a27-b22c-2f21f4524683/1/UmzM8OlpBn1_cgbmpy1p5uONkkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/1d312f-be9e-4a27-b22c-2f21f4524683/1/iP6ysFDVCtjOEMHC9Qf9uKUtAow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.89.0/24
193.111.188.0/22
Signature Algorithm: sha256WithRSAEncryption
07:55:b3:fc:4f:a1:df:60:0a:47:c7:49:9c:38:39:cd:05:76:
84:50:02:97:6a:ea:40:61:54:b3:65:97:b9:b9:4a:8a:22:03:
a1:38:51:b3:0a:ee:69:76:5c:20:84:b0:21:47:f0:60:71:7a:
62:b0:76:97:02:40:13:10:79:d1:96:51:c1:61:94:29:20:8b:
49:62:33:59:61:2e:db:94:4e:17:06:40:64:5b:a1:a6:f7:45:
6e:22:6e:13:0b:af:64:e8:2c:07:13:54:ca:f6:bd:ab:be:5b:
61:7b:7e:06:d6:73:09:7e:ca:fb:5b:e9:f2:a5:5f:d1:7d:40:
ed:d1:15:93:ae:32:ce:3e:a9:d2:e9:61:8d:8a:b8:f7:0e:20:
e3:8e:39:2e:61:43:ec:20:c1:61:e6:73:3b:c6:28:e2:f3:cf:
54:44:5c:e3:6a:56:3e:a0:07:03:83:e5:0d:fb:9e:10:61:37:
15:12:ea:e5:20:c8:85:24:b3:ea:2b:fd:e8:2a:82:34:4d:dd:
c2:b1:82:c1:b8:f0:52:8f:f7:9b:44:fa:7e:96:69:f7:13:17:
fb:b0:a2:ea:5f:71:8f:2f:49:ad:63:5c:95:1a:c5:0d:44:95:
8b:92:e1:aa:22:4d:9e:67:41:24:aa:c9:9e:7c:a3:7f:68:59:
72:42:37:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtlBxhOL6xQcRIj29Gqk1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZmViMmIwNTBkNTBhZDhjZTEwYzFjMmY1MDdmZGI4YTUy
ZDAyOGMwHhcNMjMwMTAxMTM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjZjY2NmMGU5NjkwNjdkN2Y3MjA2ZTZhNzJkNjllNmUzOGQ5MjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MV788MsTfur0YG38u0hhZZ2dFR8
5n7421uUYHA9mn3STgSFoAqZrFFuvTTGD3wB3eytvc0rEsGuDxtJSFYyqt/Al/+v
/4J+YPodAltnaneLFXrEEORp2HnWWwvfebmZiitEfO6SQUPhEmAUevhdEd2SwFsd
QjiKGRcR8Jf0KkgvcbA4qkdbk8y1aE3wrewuuEMkLRJGovTIg6PfrI0P5YofuChM
Ffcv6T26celUhWvfgGmF4aBx8OYshCXz6HVCAr3mFJ2zikAuIsPen/2GsGeNyslm
sQpGzKI28aFkPsTX3KKXPydB5gM9nEl4Z5V5SED2ShGZy1ZwFZun4OgyWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFJszPDpaQZ9f3IG5qctaebjjZJGMB8GA1UdIwQY
MBaAFIj+srBQ1QrYzhDBwvUH/bilLQKMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVA2eXNGRFZDdGpPRU1IQzlRZjl1S1V0QW93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8xZDMxMmYtYmU5ZS00YTI3LWIyMmMt
MmYyMWY0NTI0NjgzLzEvVW16TThPbHBCbjFfY2dibXB5MXA1dU9Oa2tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8xZDMxMmYtYmU5ZS00YTI3LWIyMmMtMmYyMWY0NTI0Njgz
LzEvaVA2eXNGRFZDdGpPRU1IQzlRZjl1S1V0QW93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW5ZAwQC
wW+8MA0GCSqGSIb3DQEBCwUAA4IBAQAHVbP8T6HfYApHx0mcODnNBXaEUAKXaupA
YVSzZZe5uUqKIgOhOFGzCu5pdlwghLAhR/BgcXpisHaXAkATEHnRllHBYZQpIItJ
YjNZYS7blE4XBkBkW6Gm90VuIm4TC69k6CwHE1TK9r2rvlthe34G1nMJfsr7W+ny
pV/RfUDt0RWTrjLOPqnS6WGNirj3DiDjjjkuYUPsIMFh5nM7xiji889URFzjalY+
oAcDg+UN+54QYTcVEurlIMiFJLPqK/3oKoI0Td3CsYLBuPBSj/ebRPp+lmn3Exf7
sKLqX3GPL0mtY1yVGsUNRJWLkuGqIk2eZ0EkqsmefKN/aFlyQjcC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:27 2024 by rpki-client on console-ams.rpki-client.org