Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/uMsNMavIRcZljchMd1HqhbWEs3s.roa
File: uMsNMavIRcZljchMd1HqhbWEs3s.roa (raw, json)
Hash identifier: vHvfC7habbIydPFxI2w87cMsToTbLj7InvhN/Emmxig=
Subject key identifier: B8:CB:0D:31:AB:C8:45:C6:65:8D:C8:4C:77:51:EA:85:B5:84:B3:7B
Certificate issuer: /CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Certificate serial: 018CAFF686461909E6F7883C74F3AF14E6FB
Authority key identifier: E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/uMsNMavIRcZljchMd1HqhbWEs3s.roa
Signing time: Thu 28 Dec 2023 10:26:58 +0000
ROA not before: Thu 28 Dec 2023 10:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203
IP address blocks: 212.26.36.0/24 maxlen: 24
212.26.37.0/24 maxlen: 24
212.26.38.0/24 maxlen: 24
212.26.43.0/24 maxlen: 24
212.26.44.0/24 maxlen: 24
212.26.42.0/24 maxlen: 24
212.26.40.0/24 maxlen: 24
212.26.41.0/24 maxlen: 24
212.26.39.0/24 maxlen: 24
212.26.48.0/24 maxlen: 24
212.26.45.0/24 maxlen: 24
212.26.46.0/24 maxlen: 24
45.94.14.0/24 maxlen: 24
212.26.0.0/17 maxlen: 17
212.26.7.0/24 maxlen: 24
212.26.8.0/24 maxlen: 24
212.26.6.0/24 maxlen: 24
212.26.16.0/24 maxlen: 24
212.26.17.0/24 maxlen: 24
212.26.24.0/21 maxlen: 24
212.26.23.0/24 maxlen: 24
212.26.21.0/24 maxlen: 24
212.26.22.0/24 maxlen: 24
212.26.19.0/24 maxlen: 24
212.26.20.0/24 maxlen: 24
212.26.18.0/24 maxlen: 24
212.138.250.0/24 maxlen: 24
212.138.84.0/23 maxlen: 24
212.138.80.0/23 maxlen: 23
212.138.83.0/24 maxlen: 24
212.138.82.0/24 maxlen: 24
212.138.86.0/24 maxlen: 24
212.138.88.0/24 maxlen: 25
212.138.98.0/23 maxlen: 23
212.138.92.0/24 maxlen: 24
212.138.97.0/24 maxlen: 24
212.138.96.0/24 maxlen: 24
212.138.94.0/24 maxlen: 24
212.138.104.0/24 maxlen: 25
212.138.108.0/24 maxlen: 24
212.138.118.0/24 maxlen: 24
212.138.116.0/24 maxlen: 24
212.138.117.0/24 maxlen: 24
212.138.115.0/24 maxlen: 24
212.138.120.0/24 maxlen: 24
212.138.121.0/24 maxlen: 24
212.138.119.0/24 maxlen: 24
212.138.125.0/24 maxlen: 25
212.138.127.0/24 maxlen: 25
212.138.128.0/24 maxlen: 24
212.138.126.0/24 maxlen: 25
212.138.130.0/24 maxlen: 24
212.138.43.0/24 maxlen: 24
212.138.42.0/24 maxlen: 25
212.138.41.0/24 maxlen: 25
212.138.56.0/21 maxlen: 24
212.138.52.0/22 maxlen: 24
212.138.64.0/22 maxlen: 24
212.138.71.0/24 maxlen: 24
212.138.70.0/24 maxlen: 24
212.138.72.0/22 maxlen: 24
212.138.76.0/22 maxlen: 24
212.138.192.0/24 maxlen: 24
212.138.190.0/24 maxlen: 24
212.138.188.0/24 maxlen: 25
212.138.187.0/24 maxlen: 24
212.138.196.0/24 maxlen: 24
212.138.194.0/24 maxlen: 24
212.138.203.0/24 maxlen: 24
212.138.201.0/24 maxlen: 24
212.138.206.0/24 maxlen: 24
212.138.139.0/24 maxlen: 24
212.138.134.0/24 maxlen: 24
212.138.140.0/24 maxlen: 24
212.138.155.0/24 maxlen: 25
212.138.153.0/24 maxlen: 25
212.138.157.0/24 maxlen: 24
212.138.162.0/24 maxlen: 24
212.138.160.0/24 maxlen: 24
212.138.166.0/24 maxlen: 24
212.138.164.0/24 maxlen: 25
212.138.168.0/24 maxlen: 24
212.138.172.0/24 maxlen: 24
212.138.170.0/24 maxlen: 24
212.138.176.0/24 maxlen: 24
212.138.175.0/24 maxlen: 25
212.138.177.0/24 maxlen: 24
212.138.183.0/24 maxlen: 25
212.138.181.0/24 maxlen: 25
212.138.180.0/24 maxlen: 25
212.138.185.0/24 maxlen: 24
212.138.0.0/16 maxlen: 16
91.229.52.0/22 maxlen: 22
2001:1490:1::/48 maxlen: 48
2001:1490:107::/48 maxlen: 48
2001:1490:103::/48 maxlen: 48
2001:1490:106::/48 maxlen: 48
2001:1490:110:8000::/49 maxlen: 49
2001:1497:2::/48 maxlen: 48
2001:1490::/48 maxlen: 48
2001:1490:111::/48 maxlen: 48
2001:1490:110::/48 maxlen: 49
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:f6:86:46:19:09:e6:f7:88:3c:74:f3:af:14:e6:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Validity
Not Before: Dec 28 10:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8cb0d31abc845c6658dc84c7751ea85b584b37b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:03:43:96:8f:27:4e:19:34:18:d6:eb:8e:69:
1e:ac:63:97:19:bd:27:9d:4a:98:20:5f:c4:01:a5:
18:00:fd:e6:29:6d:81:0e:bc:35:cb:32:5a:67:d3:
44:4a:d7:9e:cc:33:4b:74:fd:bd:65:46:a0:60:65:
12:67:39:99:57:a1:4a:34:ee:a1:b7:98:71:20:a4:
aa:56:50:82:d9:ce:fc:54:1e:33:e6:16:3d:13:5f:
ea:48:1e:49:d7:79:c6:d3:3e:43:09:7a:40:a2:40:
db:19:40:fd:79:f7:d7:54:7e:47:a4:79:93:c4:1e:
5e:38:54:e6:fd:ba:8f:90:7e:10:9d:64:e8:b1:52:
8b:e9:19:ba:e4:83:a5:7a:99:c2:33:06:d1:f7:a1:
ac:68:c5:fd:af:7b:6b:84:e9:c5:2a:1c:92:26:e6:
d0:83:13:e6:60:f3:e1:10:c1:60:5d:96:bc:6e:dc:
d4:ee:6b:96:ae:03:d0:bc:07:14:04:34:bd:c3:5d:
a8:a1:87:85:cf:1e:9e:5b:55:b5:36:23:f1:75:bf:
b2:05:d6:be:c2:66:02:9c:5c:ec:79:9a:aa:c0:62:
57:6b:2c:b1:5f:e5:45:88:d2:c1:87:ef:b6:66:02:
68:67:28:c4:35:a8:02:0b:5c:d6:93:bc:dd:02:01:
9e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:CB:0D:31:AB:C8:45:C6:65:8D:C8:4C:77:51:EA:85:B5:84:B3:7B
X509v3 Authority Key Identifier:
keyid:E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/uMsNMavIRcZljchMd1HqhbWEs3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.14.0/24
91.229.52.0/22
212.26.0.0/17
212.138.0.0/16
IPv6:
2001:1490::/47
2001:1490:103::/48
2001:1490:106::/47
2001:1490:110::/47
2001:1497:2::/48
Signature Algorithm: sha256WithRSAEncryption
7a:f7:58:3a:7c:78:a6:09:0a:6a:1c:32:c6:f8:d6:40:e0:24:
15:48:9e:c5:c0:6f:27:62:58:a3:1c:3e:06:cd:02:6a:69:21:
0b:39:3b:de:dd:2a:5e:77:fa:b7:ae:8f:98:a9:9e:6e:fa:81:
d3:f2:18:d5:f0:02:a5:4b:d3:71:42:a7:1e:ce:45:d6:26:a3:
21:fd:03:e9:1c:6d:eb:29:11:c6:68:3a:4a:aa:03:52:d6:79:
43:c2:ed:24:37:43:51:14:f7:3f:f7:7f:bb:60:f6:11:a9:82:
02:87:4b:60:76:0c:86:cf:a5:aa:be:7b:7c:43:ae:c4:f3:39:
1a:78:1a:28:f1:11:c5:16:71:be:ec:d6:cf:b0:98:5f:5b:4e:
c8:ce:10:3f:3e:a6:45:98:f4:75:4a:53:53:a8:5e:9e:51:ad:
d2:2e:d3:8b:05:53:90:d8:29:3f:72:a9:cb:05:db:ad:82:aa:
d0:a9:8c:bd:af:fa:11:66:1c:82:97:ad:e6:c8:99:7f:74:4a:
1f:b6:23:00:14:0b:35:13:a8:63:bb:61:29:15:64:aa:68:ad:
ae:57:cf:09:ab:04:81:27:e9:cb:f8:8a:3b:97:a4:19:ab:aa:
23:8c:7a:97:a5:25:ba:f8:8b:27:4f:60:03:4a:75:5b:ff:b9:
06:5a:6c:ce
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYyv9oZGGQnm94g8dPOvFOb7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGRmNTJhZjQ2MGNhNmZhOGM5MjNhNDlmNWNiNzk1ZWE2
NzA3ZjcwHhcNMjMxMjI4MTAyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGNiMGQzMWFiYzg0NWM2NjU4ZGM4NGM3NzUxZWE4NWI1ODRiMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoANDlo8nThk0GNbrjmkerGOXGb0n
nUqYIF/EAaUYAP3mKW2BDrw1yzJaZ9NESteezDNLdP29ZUagYGUSZzmZV6FKNO6h
t5hxIKSqVlCC2c78VB4z5hY9E1/qSB5J13nG0z5DCXpAokDbGUD9effXVH5HpHmT
xB5eOFTm/bqPkH4QnWTosVKL6Rm65IOlepnCMwbR96GsaMX9r3trhOnFKhySJubQ
gxPmYPPhEMFgXZa8btzU7muWrgPQvAcUBDS9w12ooYeFzx6eW1W1NiPxdb+yBda+
wmYCnFzseZqqwGJXayyxX+VFiNLBh++2ZgJoZyjENagCC1zWk7zdAgGeVQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFLjLDTGryEXGZY3ITHdR6oW1hLN7MB8GA1UdIwQY
MBaAFOhN9Sr0YMpvqMkjpJ9ct5XqZwf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUt
OTRjMmZkYTM5ZWFkLzEvdU1zTk1hdklSY1psamNoTWQxSHFoYldFczNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUtOTRjMmZkYTM5ZWFk
LzEvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDAdBAIAATAXAwQALV4OAwQC
W+U0AwQH1BoAAwMA1IowMwQCAAIwLQMHASABFJAAAAMHACABFJABAwMHASABFJAB
BgMHASABFJABEAMHACABFJcAAjANBgkqhkiG9w0BAQsFAAOCAQEAevdYOnx4pgkK
ahwyxvjWQOAkFUiexcBvJ2JYoxw+Bs0CamkhCzk73t0qXnf6t66PmKmebvqB0/IY
1fACpUvTcUKnHs5F1iajIf0D6Rxt6ykRxmg6SqoDUtZ5Q8LtJDdDURT3P/d/u2D2
EamCAodLYHYMhs+lqr57fEOuxPM5GngaKPERxRZxvuzWz7CYX1tOyM4QPz6mRZj0
dUpTU6henlGt0i7TiwVTkNgpP3KpywXbrYKq0KmMva/6EWYcgpet5siZf3RKH7Yj
ABQLNROoY7thKRVkqmitrlfPCasEgSfpy/iKO5ekGauqI4x6l6UluviLJ09gA0p1
W/+5Blpszg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:04 2024 by rpki-client on console-ams.rpki-client.org