Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/UTmhjLGFTeUstex6KhQaxXHZeWM.roa
File: UTmhjLGFTeUstex6KhQaxXHZeWM.roa (raw, json)
Hash identifier: /qh0NBLjIGFP3f2aPuOhPcnOpooOHTwi82p60OSc8MI=
Subject key identifier: 51:39:A1:8C:B1:85:4D:E5:2C:B5:EC:7A:2A:14:1A:C5:71:D9:79:63
Certificate issuer: /CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5
Certificate serial: 01856DAF4C053043A101446F9406E9D3E9CF
Authority key identifier: 57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/UTmhjLGFTeUstex6KhQaxXHZeWM.roa
Signing time: Sun 01 Jan 2023 14:14:42 +0000
ROA not before: Sun 01 Jan 2023 14:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47753
IP address blocks: 185.249.254.0/24 maxlen: 24
2a10:a647::/32 maxlen: 32
2a10:a641::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:4c:05:30:43:a1:01:44:6f:94:06:e9:d3:e9:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5
Validity
Not Before: Jan 1 14:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5139a18cb1854de52cb5ec7a2a141ac571d97963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3a:1b:7e:3e:44:dc:f9:0f:f5:67:82:92:e5:
39:33:fd:3d:f5:5d:95:54:53:99:3f:be:cb:eb:94:
3c:e6:93:a4:04:a5:3c:e8:6a:7d:36:70:e3:14:21:
f6:16:2b:77:8a:bd:9f:46:18:67:31:90:10:cb:d7:
7a:3d:61:c5:22:f8:3b:35:a0:5d:35:2b:21:81:e9:
0e:53:9c:c2:81:6d:bf:ce:90:42:69:71:82:63:59:
05:35:12:7b:61:6e:f9:14:1a:43:75:48:42:1d:bb:
3c:d1:f9:25:3c:35:7d:d7:17:cb:84:24:2a:61:83:
6e:76:5a:bf:44:1f:b2:c1:88:b8:a8:9c:59:c8:77:
50:87:9c:3b:2e:7c:36:93:27:fd:cb:e9:69:0b:ac:
c3:e8:e7:72:85:81:c8:df:ba:4f:37:8c:c1:7a:57:
82:89:ce:65:bd:53:fe:dc:66:fa:dc:81:59:c2:5c:
48:f4:f2:68:22:8d:9c:19:53:af:15:b8:9a:d3:48:
07:8b:59:7b:46:76:80:bd:c7:7e:15:c6:46:8c:11:
16:bd:0a:05:b8:d5:ef:a4:53:37:6f:b7:24:fb:f0:
34:b4:4e:5e:ff:88:54:5a:dd:f2:4e:00:4c:28:cc:
7e:d0:33:66:2a:56:0b:43:e4:c0:64:a0:6c:0d:09:
71:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:39:A1:8C:B1:85:4D:E5:2C:B5:EC:7A:2A:14:1A:C5:71:D9:79:63
X509v3 Authority Key Identifier:
keyid:57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/UTmhjLGFTeUstex6KhQaxXHZeWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/V3bZoLVb1JWhvjxcA_olHT3ouMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.254.0/24
IPv6:
2a10:a641::/40
2a10:a647::/32
Signature Algorithm: sha256WithRSAEncryption
2b:eb:44:83:37:59:06:7b:03:bc:20:9a:47:fc:72:86:40:7f:
35:12:40:0b:ca:0c:28:c6:fd:e5:f2:4c:24:84:9c:02:07:2c:
1c:16:5c:6f:e3:81:45:45:a1:70:bc:ab:0b:f2:be:73:31:e6:
44:3c:a1:46:32:ac:da:1a:da:85:2a:4f:04:ec:b5:5d:4d:b6:
74:89:91:68:47:79:0e:dd:a9:e8:db:9d:ed:78:55:fa:45:2a:
61:b3:7b:4c:8a:62:e9:e1:d9:db:b1:dd:72:c9:99:c6:70:c5:
ef:42:54:69:bc:af:da:b4:eb:6c:71:3a:c8:83:ea:ff:05:e6:
b2:97:8b:1b:9e:a5:dc:cb:49:0e:01:51:1a:08:c5:45:da:f5:
bc:0f:a7:fa:e0:2f:98:7b:41:9a:97:69:0e:b1:3a:a7:c0:a2:
b5:4e:dd:06:fb:f0:26:ff:01:4d:ee:19:7a:65:ea:04:12:4a:
56:55:32:d3:56:28:f2:a4:b3:0b:3a:78:72:3e:4d:2e:24:7d:
6a:d1:05:2f:89:0d:b1:be:63:65:63:c9:e9:58:5a:64:42:86:
0d:b9:26:2b:40:d6:b4:1e:21:74:44:b2:06:9b:a8:cf:55:b2:
ec:88:4a:f8:85:4a:97:79:68:cf:52:04:77:e3:4a:8a:01:5e:
a6:fd:b2:71
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVtr0wFMEOhAURvlAbp0+nPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzZkOWEwYjU1YmQ0OTVhMWJlM2M1YzAzZmEyNTFkM2Rl
OGI4YzUwHhcNMjMwMTAxMTQxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTM5YTE4Y2IxODU0ZGU1MmNiNWVjN2EyYTE0MWFjNTcxZDk3OTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDobfj5E3PkP9WeCkuU5M/099V2V
VFOZP77L65Q85pOkBKU86Gp9NnDjFCH2Fit3ir2fRhhnMZAQy9d6PWHFIvg7NaBd
NSshgekOU5zCgW2/zpBCaXGCY1kFNRJ7YW75FBpDdUhCHbs80fklPDV91xfLhCQq
YYNudlq/RB+ywYi4qJxZyHdQh5w7Lnw2kyf9y+lpC6zD6OdyhYHI37pPN4zBeleC
ic5lvVP+3Gb63IFZwlxI9PJoIo2cGVOvFbia00gHi1l7RnaAvcd+FcZGjBEWvQoF
uNXvpFM3b7ck+/A0tE5e/4hUWt3yTgBMKMx+0DNmKlYLQ+TAZKBsDQlx7QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFE5oYyxhU3lLLXseioUGsVx2XljMB8GA1UdIwQY
MBaAFFd22aC1W9SVob48XAP6JR096LjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUt
YzBiYTJmM2ZjNzJhLzEvVVRtaGpMR0ZUZVVzdGV4NktoUWF4WEhaZVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUtYzBiYTJmM2ZjNzJh
LzEvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAufn+MBUE
AgACMA8DBgAqEKZBAAMFACoQpkcwDQYJKoZIhvcNAQELBQADggEBACvrRIM3WQZ7
A7wgmkf8coZAfzUSQAvKDCjG/eXyTCSEnAIHLBwWXG/jgUVFoXC8qwvyvnMx5kQ8
oUYyrNoa2oUqTwTstV1NtnSJkWhHeQ7dqejbne14VfpFKmGze0yKYunh2dux3XLJ
mcZwxe9CVGm8r9q062xxOsiD6v8F5rKXixuepdzLSQ4BURoIxUXa9bwPp/rgL5h7
QZqXaQ6xOqfAorVO3Qb78Cb/AU3uGXpl6gQSSlZVMtNWKPKksws6eHI+TS4kfWrR
BS+JDbG+Y2VjyelYWmRChg25JitA1rQeIXREsgabqM9VsuyISviFSpd5aM9SBHfj
SooBXqb9snE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:59 2024 by rpki-client on console-ams.rpki-client.org