Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/UmrEIPELN_Iq_eRx8tXYcSvGoPw.roa
File: UmrEIPELN_Iq_eRx8tXYcSvGoPw.roa (raw, json)
Hash identifier: ryfveiWjVnQP87Q22RvOvDyl8oatRA+ZsMTigGV2fMQ=
Subject key identifier: 52:6A:C4:20:F1:0B:37:F2:2A:FD:E4:71:F2:D5:D8:71:2B:C6:A0:FC
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 01956AC7E60A954CE7B2520A225C1AFF2144
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/UmrEIPELN_Iq_eRx8tXYcSvGoPw.roa
Signing time: Thu 06 Mar 2025 09:27:20 +0000
ROA not before: Thu 06 Mar 2025 09:27:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Mar 2025 11:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6a:c7:e6:0a:95:4c:e7:b2:52:0a:22:5c:1a:ff:21:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Mar 6 09:27:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=526ac420f10b37f22afde471f2d5d8712bc6a0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0a:21:7f:3e:22:44:27:d6:a0:dd:c8:93:99:
30:74:71:5b:96:be:12:97:4d:06:d9:2e:81:b1:73:
7c:23:6e:a1:a9:33:78:b7:c5:41:b3:c0:74:9a:77:
f7:24:94:d3:8a:a0:a9:0c:4b:39:85:05:4c:2f:df:
a1:1f:ae:4d:78:91:f3:ec:e3:9c:d8:85:1d:5d:49:
60:f9:e3:2c:e8:3c:5f:de:03:f0:6e:3a:cb:1e:ff:
9f:10:fd:18:5a:0b:03:9c:07:ec:7a:5a:58:a5:e8:
82:13:da:81:c7:90:d0:7b:e4:45:cb:e8:23:a5:d3:
41:b9:73:60:78:99:92:c9:66:2d:c5:75:fb:3a:55:
20:36:1f:fd:62:4f:e0:c6:ec:f7:bc:17:04:65:27:
13:94:95:60:37:38:fe:d9:f0:7f:8f:9f:f9:1f:5e:
32:4e:b3:8b:98:db:43:f1:8a:cc:68:ca:de:b2:95:
0f:67:cf:05:fb:34:af:ed:e7:a1:5e:76:af:3f:15:
5e:36:a7:b4:24:8d:28:36:52:2f:ac:fe:48:0c:5d:
09:0b:b8:bd:a8:59:6b:3f:24:ec:5a:8f:b2:1c:6d:
56:c6:a2:e9:58:02:b9:e0:52:dc:2a:bf:47:c8:2e:
64:5d:ea:92:76:2d:0a:49:c2:0f:a8:9a:96:8c:e6:
7f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:6A:C4:20:F1:0B:37:F2:2A:FD:E4:71:F2:D5:D8:71:2B:C6:A0:FC
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/UmrEIPELN_Iq_eRx8tXYcSvGoPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.123.0/24
Signature Algorithm: sha256WithRSAEncryption
35:28:8a:d3:27:3b:f1:13:14:13:25:5a:51:09:d1:bb:d9:d1:
fc:62:52:0c:e3:5d:52:a5:e0:c0:78:c1:8b:d9:18:5f:00:d6:
67:3f:48:07:87:07:71:71:21:b3:c1:54:d4:bf:80:5b:11:5f:
80:94:12:1d:ad:13:8c:9e:72:62:a1:1a:70:b5:52:2d:8a:c4:
01:93:25:13:03:31:4c:8c:3b:f2:60:14:6d:39:4f:56:2f:e1:
60:f8:c0:c7:44:7e:a3:42:e3:7b:0a:a0:0f:e1:df:22:cf:75:
72:1b:9d:d4:b7:60:c5:f1:73:74:ec:fb:b1:d8:e0:06:d2:81:
c6:22:5d:bc:61:21:23:ee:16:10:6c:8b:fe:d2:ae:11:dd:ff:
62:f0:fc:27:c3:67:84:78:d6:11:8b:04:26:d9:94:79:16:c7:
92:1a:b7:8a:a5:ff:9f:67:6b:d9:58:c4:3c:17:1a:4e:af:5d:
6c:35:45:29:12:9e:25:07:8a:12:34:3a:21:90:46:41:d6:bd:
71:c3:9a:d8:cb:d3:2c:27:23:8a:f2:a0:33:de:de:95:10:4d:
c4:53:12:96:25:b1:72:cb:8e:03:15:31:d4:75:12:5f:40:68:
97:33:79:b4:d7:4f:8f:96:52:9b:85:1f:5d:9a:b8:28:cd:6b:
a5:e6:2e:40
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVqx+YKlUznslIKIlwa/yFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjUwMzA2MDkyNzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjZhYzQyMGYxMGIzN2YyMmFmZGU0NzFmMmQ1ZDg3MTJiYzZhMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQohfz4iRCfWoN3Ik5kwdHFblr4S
l00G2S6BsXN8I26hqTN4t8VBs8B0mnf3JJTTiqCpDEs5hQVML9+hH65NeJHz7OOc
2IUdXUlg+eMs6Dxf3gPwbjrLHv+fEP0YWgsDnAfselpYpeiCE9qBx5DQe+RFy+gj
pdNBuXNgeJmSyWYtxXX7OlUgNh/9Yk/gxuz3vBcEZScTlJVgNzj+2fB/j5/5H14y
TrOLmNtD8YrMaMrespUPZ88F+zSv7eehXnavPxVeNqe0JI0oNlIvrP5IDF0JC7i9
qFlrPyTsWo+yHG1WxqLpWAK54FLcKr9HyC5kXeqSdi0KScIPqJqWjOZ/rQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFJqxCDxCzfyKv3kcfLV2HErxqD8MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvVW1yRUlQRUxOX0lxX2VSeDh0WFljU3ZHb1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVxAwQALiV7MA0GCSqGSIb3DQEBCwUAA4IBAQA1KIrTJzvxExQTJVpRCdG72dH8
YlIM411SpeDAeMGL2RhfANZnP0gHhwdxcSGzwVTUv4BbEV+AlBIdrROMnnJioRpw
tVItisQBkyUTAzFMjDvyYBRtOU9WL+Fg+MDHRH6jQuN7CqAP4d8iz3VyG53Ut2DF
8XN07Pux2OAG0oHGIl28YSEj7hYQbIv+0q4R3f9i8Pwnw2eEeNYRiwQm2ZR5FseS
GreKpf+fZ2vZWMQ8FxpOr11sNUUpEp4lB4oSNDohkEZB1r1xw5rYy9MsJyOK8qAz
3t6VEE3EUxKWJbFyy44DFTHUdRJfQGiXM3m010+PllKbhR9dmrgozWul5i5A
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:05:37 2025 by rpki-client