Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/UMZGHasffmf4Jc664HGpRpH43PQ.roa
File: UMZGHasffmf4Jc664HGpRpH43PQ.roa (raw, json)
Hash identifier: W8EpbTHFSRpWGPQ6U1aMVn+C3L6pPgsTQRMWZL9X58Y=
Subject key identifier: 50:C6:46:1D:AB:1F:7E:67:F8:25:CE:BA:E0:71:A9:46:91:F8:DC:F4
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 0194228DCBE46C8E014C58D8BE023DC4306B
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/UMZGHasffmf4Jc664HGpRpH43PQ.roa
Signing time: Wed 01 Jan 2025 15:48:25 +0000
ROA not before: Wed 01 Jan 2025 15:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212396
IP address blocks: 2a03:ee40:753::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 10 Jan 2025 11:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:cb:e4:6c:8e:01:4c:58:d8:be:02:3d:c4:30:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Jan 1 15:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50c6461dab1f7e67f825cebae071a94691f8dcf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f7:21:2e:b9:a2:db:70:51:20:3b:e0:ca:8b:
4e:b1:15:c6:3c:5e:18:d9:1b:ab:db:d5:54:63:db:
e1:e2:a7:e4:3d:ee:4d:03:cc:f3:25:dd:cd:6d:5b:
a0:1c:d4:4e:13:f4:04:8d:51:59:f2:6f:b4:04:37:
d4:d5:3c:5d:eb:9d:1a:0d:83:a3:98:8a:af:93:ba:
56:ac:da:22:32:91:28:a2:ac:e6:96:7e:10:5d:42:
95:3e:15:d2:2d:04:26:17:f8:b2:3c:b5:75:ae:0a:
04:00:a2:9c:c5:91:4f:31:13:d5:3e:d8:69:a3:25:
59:8d:c5:58:67:e6:01:a7:e7:3d:e1:47:63:b5:10:
4a:f3:dd:f3:26:a9:a9:aa:8c:f5:6a:2b:13:99:59:
ca:04:89:49:ec:ea:57:0b:25:79:ee:d6:52:2e:a6:
0a:8f:50:48:5a:19:20:a1:72:a0:76:88:89:af:a9:
fa:ba:26:62:a6:ce:6d:a0:5d:ac:aa:00:d4:65:79:
32:c8:9d:de:7b:8e:d5:4a:3b:00:5c:87:f5:2b:fc:
f6:5b:25:29:aa:b6:a1:39:5c:b7:1e:40:31:04:a3:
5b:53:07:5b:49:f3:35:8f:4d:9e:97:24:76:4d:46:
79:47:f9:66:d0:dc:42:de:96:fb:39:a3:56:af:04:
1c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:C6:46:1D:AB:1F:7E:67:F8:25:CE:BA:E0:71:A9:46:91:F8:DC:F4
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/UMZGHasffmf4Jc664HGpRpH43PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:ee40:753::/48
Signature Algorithm: sha256WithRSAEncryption
5b:98:73:74:88:8d:2e:9f:fc:90:3a:02:4d:20:b2:fa:30:ef:
5a:0d:97:a5:b6:0c:13:00:52:1f:12:f8:90:4e:2c:6c:ae:a2:
08:10:eb:c2:eb:fc:e1:bd:fd:1d:3e:94:35:85:0d:65:17:1c:
7c:68:bc:e1:57:c7:11:ff:cd:d7:28:eb:b7:46:68:9f:54:9d:
28:3e:0e:32:3b:6a:eb:c7:6e:f1:c4:39:88:8c:7b:a0:9a:8c:
a0:ef:6e:bd:52:d8:b4:c2:8d:c8:ad:30:13:0d:3c:b9:7c:2d:
dd:7a:72:2b:fc:d0:0d:7d:6d:46:bc:37:1a:4b:6a:bb:c7:ac:
a2:dc:5a:11:a7:54:b3:fc:4a:61:ac:4f:60:b5:b9:c7:3a:ce:
5f:ed:37:7d:48:3e:cc:3e:bf:9c:28:a8:bc:c8:70:e6:5d:59:
d8:24:2c:4b:42:bd:4e:43:d4:80:d8:27:f8:bc:9d:ac:d1:72:
fb:60:42:04:79:99:b4:a3:37:e3:62:69:ca:1c:18:a7:5a:9e:
88:b5:9e:a4:00:9e:1b:5f:6b:2e:a1:0c:1f:21:58:12:f9:be:
0a:1c:0b:91:a1:27:7f:f8:3c:ec:90:68:16:4b:fd:74:55:50:
1c:d1:e8:4a:5a:98:17:d4:00:1c:c7:46:dd:9c:b6:da:aa:93:
f1:41:6c:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQijcvkbI4BTFjYvgI9xDBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjUwMTAxMTU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGM2NDYxZGFiMWY3ZTY3ZjgyNWNlYmFlMDcxYTk0NjkxZjhkY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPchLrmi23BRIDvgyotOsRXGPF4Y
2Rur29VUY9vh4qfkPe5NA8zzJd3NbVugHNROE/QEjVFZ8m+0BDfU1Txd650aDYOj
mIqvk7pWrNoiMpEooqzmln4QXUKVPhXSLQQmF/iyPLV1rgoEAKKcxZFPMRPVPthp
oyVZjcVYZ+YBp+c94UdjtRBK893zJqmpqoz1aisTmVnKBIlJ7OpXCyV57tZSLqYK
j1BIWhkgoXKgdoiJr6n6uiZips5toF2sqgDUZXkyyJ3ee47VSjsAXIf1K/z2WyUp
qrahOVy3HkAxBKNbUwdbSfM1j02elyR2TUZ5R/lm0NxC3pb7OaNWrwQcYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFDGRh2rH35n+CXOuuBxqUaR+Nz0MB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvVU1aR0hhc2ZmbWY0SmM2NjRIR3BScEg0M1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgPuQAdT
MA0GCSqGSIb3DQEBCwUAA4IBAQBbmHN0iI0un/yQOgJNILL6MO9aDZeltgwTAFIf
EviQTixsrqIIEOvC6/zhvf0dPpQ1hQ1lFxx8aLzhV8cR/83XKOu3RmifVJ0oPg4y
O2rrx27xxDmIjHugmoyg7269Uti0wo3IrTATDTy5fC3denIr/NANfW1GvDcaS2q7
x6yi3FoRp1Sz/EphrE9gtbnHOs5f7Td9SD7MPr+cKKi8yHDmXVnYJCxLQr1OQ9SA
2Cf4vJ2s0XL7YEIEeZm0ozfjYmnKHBinWp6ItZ6kAJ4bX2suoQwfIVgS+b4KHAuR
oSd/+DzskGgWS/10VVAc0ehKWpgX1AAcx0bdnLbaqpPxQWyR
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:34:28 2025 by rpki-client