Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/UMLdrjNYdgMMNptX4Ke8cfydHwM.roa
File: UMLdrjNYdgMMNptX4Ke8cfydHwM.roa (raw, json)
Hash identifier: k55Fb4Yj+P4kdfV8Rn71TawSLfvXfpKgub1Kn3UvWZ0=
Subject key identifier: 50:C2:DD:AE:33:58:76:03:0C:36:9B:57:E0:A7:BC:71:FC:9D:1F:03
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018D8EB669E12457C2980FB5C91CAB9E37FC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/UMLdrjNYdgMMNptX4Ke8cfydHwM.roa
Signing time: Fri 09 Feb 2024 16:32:15 +0000
ROA not before: Fri 09 Feb 2024 16:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8151
IP address blocks: 45.144.224.0/24 maxlen: 24
194.5.84.0/24 maxlen: 24
194.242.3.0/24 maxlen: 24
2a10:6c00::/32 maxlen: 32
2a10:7406::/32 maxlen: 32
2a10:7407::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8e:b6:69:e1:24:57:c2:98:0f:b5:c9:1c:ab:9e:37:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 9 16:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50c2ddae335876030c369b57e0a7bc71fc9d1f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:59:60:61:fe:bf:38:b0:4a:cc:0f:db:c5:1b:
62:e8:d1:c7:09:e2:27:ea:8f:39:64:84:e4:a3:7d:
db:d9:06:09:54:37:8a:41:b7:1c:42:c0:cb:51:b0:
76:45:73:7d:66:74:0b:e9:02:b9:f6:33:bd:23:91:
e7:61:30:af:b0:3b:13:2a:c3:87:16:ac:b8:c2:72:
54:af:1c:2e:e6:60:e1:c4:fd:e8:e1:01:85:40:85:
20:0e:ef:0a:83:cb:a8:fb:85:69:42:71:d4:f6:ce:
05:59:87:e2:a8:4c:e5:c2:02:80:de:a6:0c:8a:1b:
87:6e:b3:12:f9:d4:5e:56:29:8e:c3:3b:b0:b4:37:
ba:b7:60:7c:b6:35:45:cf:8a:24:79:fb:0b:0e:e9:
e1:f8:04:0c:50:7d:0a:40:95:e7:cc:92:7b:03:98:
4d:64:61:45:71:19:c4:29:71:9e:3b:41:bf:86:2d:
19:cc:5a:4b:e0:3e:f3:63:2e:5f:9c:11:d5:7a:9f:
e9:fd:81:e8:0a:2f:e6:a7:35:e8:52:47:94:98:4d:
a7:94:1f:b2:3d:3c:8f:71:e2:1e:a1:c0:ee:e8:a0:
f7:0a:91:e8:ab:61:49:5f:8d:20:63:b1:b4:15:02:
8f:04:54:a1:de:96:a1:7f:d7:cc:a6:ab:d0:08:70:
70:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:C2:DD:AE:33:58:76:03:0C:36:9B:57:E0:A7:BC:71:FC:9D:1F:03
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/UMLdrjNYdgMMNptX4Ke8cfydHwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.224.0/24
194.5.84.0/24
194.242.3.0/24
IPv6:
2a10:6c00::/32
2a10:7406::/31
Signature Algorithm: sha256WithRSAEncryption
10:b8:8a:b0:08:18:bb:14:ab:59:cb:28:6f:e1:0b:5f:3a:40:
40:e8:be:06:6b:59:32:94:d1:4c:a0:83:08:52:09:cc:c6:27:
3e:ad:f1:96:61:8f:d7:b0:09:a6:b3:22:a1:ea:b8:28:44:ea:
09:c5:9f:3c:46:00:4d:ad:86:06:be:cc:c7:57:95:95:c2:c9:
39:98:46:8d:98:db:9a:b4:05:84:b3:1f:46:07:73:c9:6a:95:
3f:51:cb:18:83:f0:cd:2f:3e:e0:17:a8:0d:6a:97:59:44:ff:
e6:98:bf:db:0e:67:ff:91:f0:44:01:41:f9:ec:83:45:59:ba:
92:12:81:df:5a:9b:93:da:95:35:7c:36:7b:1d:c7:96:42:5d:
9b:eb:6d:0d:82:97:42:46:52:75:f1:c1:39:35:d5:0d:57:f5:
e6:8e:72:dc:58:a9:c0:10:74:7e:2b:9a:94:fc:53:1f:fb:2b:
47:f9:7b:5d:9e:29:26:11:cc:e7:d3:27:61:9e:da:ac:62:b0:
24:10:cc:0e:c8:aa:5a:fa:42:10:58:13:5a:44:aa:74:1c:7e:
05:2c:f8:f9:68:59:83:5e:f5:0b:ce:ae:8f:08:a5:25:3a:38:
76:6b:04:ae:c4:68:d1:e3:29:15:9b:91:b3:8a:e0:10:01:1f:
49:dc:50:46
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY2OtmnhJFfCmA+1yRyrnjf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMjA5MTYzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGMyZGRhZTMzNTg3NjAzMGMzNjliNTdlMGE3YmM3MWZjOWQxZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqllgYf6/OLBKzA/bxRti6NHHCeIn
6o85ZITko33b2QYJVDeKQbccQsDLUbB2RXN9ZnQL6QK59jO9I5HnYTCvsDsTKsOH
Fqy4wnJUrxwu5mDhxP3o4QGFQIUgDu8Kg8uo+4VpQnHU9s4FWYfiqEzlwgKA3qYM
ihuHbrMS+dReVimOwzuwtDe6t2B8tjVFz4okefsLDunh+AQMUH0KQJXnzJJ7A5hN
ZGFFcRnEKXGeO0G/hi0ZzFpL4D7zYy5fnBHVep/p/YHoCi/mpzXoUkeUmE2nlB+y
PTyPceIeocDu6KD3CpHoq2FJX40gY7G0FQKPBFSh3pahf9fMpqvQCHBwKQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFDC3a4zWHYDDDabV+CnvHH8nR8DMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVU1MZHJqTllkZ01NTnB0WDRLZThjZnlkSHdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALZDgAwQA
wgVUAwQAwvIDMBQEAgACMA4DBQAqEGwAAwUBKhB0BjANBgkqhkiG9w0BAQsFAAOC
AQEAELiKsAgYuxSrWcsob+ELXzpAQOi+BmtZMpTRTKCDCFIJzMYnPq3xlmGP17AJ
prMioeq4KETqCcWfPEYATa2GBr7Mx1eVlcLJOZhGjZjbmrQFhLMfRgdzyWqVP1HL
GIPwzS8+4BeoDWqXWUT/5pi/2w5n/5HwRAFB+eyDRVm6khKB31qbk9qVNXw2ex3H
lkJdm+ttDYKXQkZSdfHBOTXVDVf15o5y3FipwBB0fiualPxTH/srR/l7XZ4pJhHM
59MnYZ7arGKwJBDMDsiqWvpCEFgTWkSqdBx+BSz4+WhZg171C86ujwilJTo4dmsE
rsRo0eMpFZuRs4rgEAEfSdxQRg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:51:34 2025 by rpki-client