Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/4ddd75-3160-4065-bb69-bb17875db323/1/UFmc6XAdUM1rsXGCo2DMBNNW4lI.roa
File: UFmc6XAdUM1rsXGCo2DMBNNW4lI.roa (raw, json)
Hash identifier: 3zhtrcb7tFDvfCLEvUD8msIzFWPSjySiwl+WMyWHOwY=
Subject key identifier: 50:59:9C:E9:70:1D:50:CD:6B:B1:71:82:A3:60:CC:04:D3:56:E2:52
Certificate issuer: /CN=24954f608ac12b684ef865f39af0e94e250b9454
Certificate serial: 018CC56DE8FAC25253B3E44C5271609DB48F
Authority key identifier: 24:95:4F:60:8A:C1:2B:68:4E:F8:65:F3:9A:F0:E9:4E:25:0B:94:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JJVPYIrBK2hO-GXzmvDpTiULlFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/4ddd75-3160-4065-bb69-bb17875db323/1/UFmc6XAdUM1rsXGCo2DMBNNW4lI.roa
Signing time: Mon 01 Jan 2024 14:29:23 +0000
ROA not before: Mon 01 Jan 2024 14:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207108
IP address blocks: 185.139.7.0/24 maxlen: 24
2a12:ab46:5341::/48 maxlen: 48
2a12:ab46::/32 maxlen: 32
2a12:ab46:5343::/48 maxlen: 48
2a12:ab46:5342::/48 maxlen: 48
2a12:ab46:5345::/48 maxlen: 48
2a12:ab47::/32 maxlen: 32
2a12:ab46:5344::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 May 2024 01:05:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e8:fa:c2:52:53:b3:e4:4c:52:71:60:9d:b4:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24954f608ac12b684ef865f39af0e94e250b9454
Validity
Not Before: Jan 1 14:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50599ce9701d50cd6bb17182a360cc04d356e252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d7:de:4f:fd:2a:a1:45:98:d9:79:8c:b5:93:
db:f9:81:b7:69:c5:a6:86:39:08:5b:7d:5f:30:ae:
ee:da:3a:91:06:93:ed:93:08:fe:6f:6d:f6:55:81:
01:dc:75:98:a5:a3:da:d6:4a:a4:17:34:b0:be:c1:
dd:7e:97:e0:27:54:4d:d8:c2:61:8b:bd:79:f9:1c:
8c:a7:8b:b8:dd:94:98:a4:d7:50:d2:09:11:ea:2e:
f1:a1:05:f3:2e:c6:2d:9c:81:11:a1:be:db:bb:03:
53:de:d1:22:e1:f3:0b:b7:ac:4d:48:cb:4d:01:46:
1d:91:e7:17:e9:7e:6f:ed:dc:d5:47:b2:e9:0d:c1:
19:1a:35:3d:78:1f:64:bc:55:d6:ea:40:08:0b:9e:
06:ac:81:59:65:73:25:11:92:e3:4e:31:5b:8b:16:
9d:e8:e2:11:44:af:98:70:f3:b2:fd:2a:8c:a5:37:
49:21:ac:55:06:ec:89:58:e5:7a:77:07:48:82:fd:
21:ce:19:b8:7e:1f:a4:1c:e9:bd:e5:07:15:cf:c1:
2d:a5:3d:bd:5c:38:fe:89:f4:c5:17:1d:d7:a4:c6:
5c:ae:5c:ed:38:63:2c:91:e5:61:2c:18:a3:06:2b:
83:b1:67:e2:ab:ac:74:30:f7:ba:89:8e:2a:86:6f:
c2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:59:9C:E9:70:1D:50:CD:6B:B1:71:82:A3:60:CC:04:D3:56:E2:52
X509v3 Authority Key Identifier:
keyid:24:95:4F:60:8A:C1:2B:68:4E:F8:65:F3:9A:F0:E9:4E:25:0B:94:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JJVPYIrBK2hO-GXzmvDpTiULlFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/4ddd75-3160-4065-bb69-bb17875db323/1/UFmc6XAdUM1rsXGCo2DMBNNW4lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/4ddd75-3160-4065-bb69-bb17875db323/1/JJVPYIrBK2hO-GXzmvDpTiULlFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.7.0/24
IPv6:
2a12:ab46::/31
Signature Algorithm: sha256WithRSAEncryption
12:f7:aa:bc:ec:ea:b1:76:f2:3d:b9:2d:f2:2e:07:c5:d5:92:
11:c2:d0:c0:47:07:4b:71:97:b2:50:a3:9e:f1:08:3b:41:aa:
6a:04:ee:26:ae:4a:fb:ad:6b:09:46:bf:3e:de:a2:10:17:b8:
9d:47:99:1f:ac:9c:71:a7:d2:ca:9e:bf:de:70:37:95:45:e2:
6a:ef:e5:9d:db:20:56:6c:71:6d:16:10:e9:a7:e1:e8:c5:c5:
1c:19:2a:61:25:c7:b3:ea:2c:a0:bf:fd:c4:da:55:69:d7:de:
97:68:f1:38:19:7d:87:4f:6d:2f:f2:2e:06:6e:f7:63:ed:e2:
df:b2:e0:2f:45:06:e0:9b:cc:26:30:8a:28:b6:00:12:f1:3c:
8f:29:e3:82:7d:0b:6e:73:af:1a:d6:2a:db:ea:24:31:dc:6f:
b2:71:fa:87:53:4c:e8:42:a5:dd:c5:b5:5f:a7:02:71:12:bf:
18:c6:ea:c3:32:a6:d5:dc:60:2b:3f:3b:39:87:85:d0:13:21:
01:1c:51:5d:b0:3a:f1:8c:f9:27:62:79:aa:88:f3:24:ee:5f:
65:66:e1:42:39:4a:33:e3:4b:06:e6:08:60:56:18:75:9d:62:
f2:4b:ba:8d:f3:5d:7f:a2:c0:5b:fc:92:b0:cb:6f:0f:a0:bc:
10:22:5a:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbej6wlJTs+RMUnFgnbSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0OTU0ZjYwOGFjMTJiNjg0ZWY4NjVmMzlhZjBlOTRlMjUw
Yjk0NTQwHhcNMjQwMTAxMTQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDU5OWNlOTcwMWQ1MGNkNmJiMTcxODJhMzYwY2MwNGQzNTZlMjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttfeT/0qoUWY2XmMtZPb+YG3acWm
hjkIW31fMK7u2jqRBpPtkwj+b232VYEB3HWYpaPa1kqkFzSwvsHdfpfgJ1RN2MJh
i715+RyMp4u43ZSYpNdQ0gkR6i7xoQXzLsYtnIERob7buwNT3tEi4fMLt6xNSMtN
AUYdkecX6X5v7dzVR7LpDcEZGjU9eB9kvFXW6kAIC54GrIFZZXMlEZLjTjFbixad
6OIRRK+YcPOy/SqMpTdJIaxVBuyJWOV6dwdIgv0hzhm4fh+kHOm95QcVz8EtpT29
XDj+ifTFFx3XpMZcrlztOGMskeVhLBijBiuDsWfiq6x0MPe6iY4qhm/CQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFBZnOlwHVDNa7FxgqNgzATTVuJSMB8GA1UdIwQY
MBaAFCSVT2CKwStoTvhl85rw6U4lC5RUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkpWUFlJckJLMmhPLUdYem12RHBUaVVMbEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi80ZGRkNzUtMzE2MC00MDY1LWJiNjkt
YmIxNzg3NWRiMzIzLzEvVUZtYzZYQWRVTTFyc1hHQ28yRE1CTk5XNGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi80ZGRkNzUtMzE2MC00MDY1LWJiNjktYmIxNzg3NWRiMzIz
LzEvSkpWUFlJckJLMmhPLUdYem12RHBUaVVMbEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYsHMA0E
AgACMAcDBQEqEqtGMA0GCSqGSIb3DQEBCwUAA4IBAQAS96q87OqxdvI9uS3yLgfF
1ZIRwtDARwdLcZeyUKOe8Qg7QapqBO4mrkr7rWsJRr8+3qIQF7idR5kfrJxxp9LK
nr/ecDeVReJq7+Wd2yBWbHFtFhDpp+HoxcUcGSphJcez6iygv/3E2lVp196XaPE4
GX2HT20v8i4Gbvdj7eLfsuAvRQbgm8wmMIootgAS8TyPKeOCfQtuc68a1irb6iQx
3G+ycfqHU0zoQqXdxbVfpwJxEr8YxurDMqbV3GArPzs5h4XQEyEBHFFdsDrxjPkn
YnmqiPMk7l9lZuFCOUoz40sG5ghgVhh1nWLyS7qN811/osBb/JKwy28PoLwQIlrz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:33 2024 by rpki-client on console-fra.rpki-client.org