Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/umn5b14oZhNFvSxWr4-S_KXBCXs.roa
File: umn5b14oZhNFvSxWr4-S_KXBCXs.roa (raw, json)
Hash identifier: Lzn2YB12Zh/rtE/AhHuJz5MEWdVINHpRq8hK9DDjSok=
Subject key identifier: BA:69:F9:6F:5E:28:66:13:45:BD:2C:56:AF:8F:92:FC:A5:C1:09:7B
Certificate issuer: /CN=f0ff2c6229af763a99f5349a32510df4a4526143
Certificate serial: 018EA7F96C903758C8A26ED0BCEC898964FC
Authority key identifier: F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/umn5b14oZhNFvSxWr4-S_KXBCXs.roa
Signing time: Thu 04 Apr 2024 07:18:45 +0000
ROA not before: Thu 04 Apr 2024 07:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1241
IP address blocks: 46.12.0.0/16 maxlen: 24
46.246.128.0/17 maxlen: 24
62.1.0.0/16 maxlen: 24
77.49.0.0/16 maxlen: 24
79.103.0.0/16 maxlen: 24
130.43.0.0/17 maxlen: 24
188.4.0.0/16 maxlen: 24
193.92.0.0/16 maxlen: 24
194.219.0.0/16 maxlen: 24
195.74.224.0/19 maxlen: 24
212.54.192.0/19 maxlen: 24
212.251.0.0/17 maxlen: 24
213.16.128.0/17 maxlen: 24
2a02:2148::/29 maxlen: 41
Validation: Failed, certificate revoked on Fri 12 Apr 2024 06:27:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:f9:6c:90:37:58:c8:a2:6e:d0:bc:ec:89:89:64:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0ff2c6229af763a99f5349a32510df4a4526143
Validity
Not Before: Apr 4 07:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba69f96f5e28661345bd2c56af8f92fca5c1097b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:29:19:1d:28:be:fe:ca:05:89:4b:e7:cb:3f:
4f:df:c1:96:3a:b6:61:de:c8:87:86:b2:fd:6a:79:
6b:4f:68:16:47:48:32:27:0d:e9:81:cf:9c:7b:0a:
61:c0:b0:9f:cf:f5:74:19:45:65:4d:50:66:78:25:
ee:75:22:1b:b0:00:5b:30:f5:ba:20:32:ba:d6:f3:
eb:ab:a2:7a:9d:f2:d3:34:15:b8:36:0b:e9:2f:72:
cb:49:1d:c9:e2:d1:bb:b6:1a:33:7a:94:2d:96:72:
59:e9:1e:b6:58:c4:7c:5a:31:d6:13:7f:36:4c:80:
e6:17:82:63:fb:71:b5:d8:7d:d0:17:f4:3b:92:de:
0f:72:0a:ef:bf:84:e2:19:0b:3f:5a:16:fe:e0:40:
4b:d3:fb:8d:32:c8:91:1b:69:40:bb:0b:ba:49:60:
d6:e7:30:76:65:dd:b1:59:01:0f:1a:cc:43:b3:e7:
43:1e:e4:56:ab:fe:f0:f9:1b:46:c4:72:20:95:6b:
10:aa:1e:77:31:e0:81:2d:48:ab:cf:27:e1:d4:0b:
90:75:71:72:54:34:7e:6b:ad:3a:dc:b6:56:5a:37:
01:8b:77:61:2c:8a:9f:de:55:e6:54:fa:8a:d6:33:
f7:86:6f:64:48:2c:de:34:c5:44:9f:d0:75:c5:bf:
fa:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:69:F9:6F:5E:28:66:13:45:BD:2C:56:AF:8F:92:FC:A5:C1:09:7B
X509v3 Authority Key Identifier:
keyid:F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/umn5b14oZhNFvSxWr4-S_KXBCXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/8P8sYimvdjqZ9TSaMlEN9KRSYUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.12.0.0/16
46.246.128.0/17
62.1.0.0/16
77.49.0.0/16
79.103.0.0/16
130.43.0.0/17
188.4.0.0/16
193.92.0.0/16
194.219.0.0/16
195.74.224.0/19
212.54.192.0/19
212.251.0.0/17
213.16.128.0/17
IPv6:
2a02:2148::/29
Signature Algorithm: sha256WithRSAEncryption
5d:db:8b:ab:b1:b2:3e:24:c2:e9:c9:3b:b9:c5:b9:88:f7:bc:
02:ce:d5:6e:2d:96:35:e2:d6:76:aa:0a:4b:11:5c:d8:ec:40:
a5:0a:87:92:13:e9:fe:99:5f:01:a9:36:37:4b:f6:d9:e0:9f:
fb:9a:15:c2:cb:bc:ff:7f:d2:09:40:c4:c0:52:31:dd:7e:76:
85:20:65:e0:ad:72:79:a1:7c:3c:f5:c9:f1:53:5a:c0:d0:9f:
89:3a:d8:34:22:d1:b9:06:c6:ec:c8:28:c0:ad:50:78:9c:4a:
4a:4d:6a:ee:9b:32:b8:64:53:2d:a7:cd:5d:d8:b3:4c:03:13:
4d:10:19:a3:e1:31:fe:8b:60:a1:29:c5:46:44:4b:7b:49:16:
3f:4d:cc:1e:f9:2c:d8:55:c0:d0:99:98:d7:1a:6b:0e:14:29:
0a:45:84:28:a8:7a:f6:49:e1:c5:eb:c6:97:98:cd:1b:7f:37:
b5:6b:db:6b:13:23:c5:22:6e:0d:15:ac:53:49:f0:b8:46:e8:
4b:30:44:5b:ea:e4:b3:67:dc:a0:26:c4:ea:c6:ee:c4:16:80:
8e:b3:da:05:30:e5:a0:6c:3e:48:57:3b:70:2b:3f:21:75:6a:
47:fd:fb:fb:0b:ec:e2:fa:70:db:d8:69:81:a2:b3:d7:8c:f3:
28:50:40:72
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAY6n+WyQN1jIom7QvOyJiWT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZmYyYzYyMjlhZjc2M2E5OWY1MzQ5YTMyNTEwZGY0YTQ1
MjYxNDMwHhcNMjQwNDA0MDcxODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTY5Zjk2ZjVlMjg2NjEzNDViZDJjNTZhZjhmOTJmY2E1YzEwOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCkZHSi+/soFiUvnyz9P38GWOrZh
3siHhrL9anlrT2gWR0gyJw3pgc+cewphwLCfz/V0GUVlTVBmeCXudSIbsABbMPW6
IDK61vPrq6J6nfLTNBW4NgvpL3LLSR3J4tG7thozepQtlnJZ6R62WMR8WjHWE382
TIDmF4Jj+3G12H3QF/Q7kt4Pcgrvv4TiGQs/Whb+4EBL0/uNMsiRG2lAuwu6SWDW
5zB2Zd2xWQEPGsxDs+dDHuRWq/7w+RtGxHIglWsQqh53MeCBLUirzyfh1AuQdXFy
VDR+a6063LZWWjcBi3dhLIqf3lXmVPqK1jP3hm9kSCzeNMVEn9B1xb/6owIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFLpp+W9eKGYTRb0sVq+PkvylwQl7MB8GA1UdIwQY
MBaAFPD/LGIpr3Y6mfU0mjJRDfSkUmFDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYt
ZTY5ZjdhNWQyZDkwLzEvdW1uNWIxNG9aaE5GdlN4V3I0LVNfS1hCQ1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYtZTY5ZjdhNWQyZDkw
LzEvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBNBAIAATBHAwMALgwDBAcu
9oADAwA+AQMDAE0xAwMAT2cDBAeCKwADAwC8BAMDAMFcAwMAwtsDBAXDSuADBAXU
NsADBAfU+wADBAfVEIAwDQQCAAIwBwMFAyoCIUgwDQYJKoZIhvcNAQELBQADggEB
AF3bi6uxsj4kwunJO7nFuYj3vALO1W4tljXi1naqCksRXNjsQKUKh5IT6f6ZXwGp
NjdL9tngn/uaFcLLvP9/0glAxMBSMd1+doUgZeCtcnmhfDz1yfFTWsDQn4k62DQi
0bkGxuzIKMCtUHicSkpNau6bMrhkUy2nzV3Ys0wDE00QGaPhMf6LYKEpxUZES3tJ
Fj9NzB75LNhVwNCZmNcaaw4UKQpFhCioevZJ4cXrxpeYzRt/N7Vr22sTI8Uibg0V
rFNJ8LhG6EswRFvq5LNn3KAmxOrG7sQWgI6z2gUw5aBsPkhXO3ArPyF1akf9+/sL
7OL6cNvYaYGis9eM8yhQQHI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:32 2024 by rpki-client on console-ams.rpki-client.org