Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0_4DyydohItN3KwtsPiLppwe8l4.roa
File: 0_4DyydohItN3KwtsPiLppwe8l4.roa (raw, json)
Hash identifier: 9Y3YfY7RE9wKEzqSdPl/Gdiv7t+04S9YT810aIJgy14=
Subject key identifier: D3:FE:03:CB:27:68:84:8B:4D:DC:AC:2D:B0:F8:8B:A6:9C:1E:F2:5E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FF3AE27F67B2A9262B4B054074006840D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0_4DyydohItN3KwtsPiLppwe8l4.roa
Signing time: Fri 07 Jun 2024 17:10:27 +0000
ROA not before: Fri 07 Jun 2024 17:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Jun 2024 18:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f3:ae:27:f6:7b:2a:92:62:b4:b0:54:07:40:06:84:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 7 17:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3fe03cb2768848b4ddcac2db0f88ba69c1ef25e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:76:04:aa:67:2c:76:ed:1d:85:c7:d0:c7:a2:
27:aa:73:43:43:9e:4a:95:ff:27:92:1c:5d:fa:fc:
fa:bd:0d:eb:d5:f9:f0:d6:3d:ec:52:11:eb:6e:d6:
4a:d0:98:26:ed:40:64:d6:d2:fe:c6:0a:88:47:ec:
77:cf:f8:43:d8:6c:72:68:fb:0e:69:90:6e:b6:cd:
1e:6f:45:dc:78:b1:22:ba:a8:62:de:4b:6e:3e:30:
3a:86:3d:9f:a6:3f:0f:75:81:10:19:c2:cc:88:a9:
21:fa:58:0e:cd:4a:2f:89:e6:cb:1b:75:a3:96:33:
2a:59:1e:a9:1f:e0:ec:ad:57:95:af:60:ad:91:34:
28:66:7e:ec:09:59:4a:ed:8d:83:e6:fc:ce:e7:70:
e4:e9:be:b4:3a:e4:19:74:f5:a4:13:39:be:4e:d2:
e2:5e:b8:7c:82:7d:86:5a:87:45:78:8a:c9:30:40:
98:2f:3f:77:3c:06:83:2c:9a:97:09:fb:cf:5b:24:
91:1b:16:c7:f6:ed:63:cf:7f:19:02:8e:29:c6:b3:
70:36:66:41:82:05:b9:27:05:c8:48:bd:e8:34:d1:
6e:7d:b1:b6:0d:df:f3:79:a1:88:f7:df:e5:f2:4c:
1a:83:8c:31:6c:f8:1d:f1:45:17:c5:28:26:45:0c:
5d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:FE:03:CB:27:68:84:8B:4D:DC:AC:2D:B0:F8:8B:A6:9C:1E:F2:5E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/0_4DyydohItN3KwtsPiLppwe8l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
48:e6:e6:d6:80:02:90:89:6b:e1:72:d3:f5:a5:61:12:63:0a:
c8:9a:db:bd:ea:46:79:e2:e6:0e:3a:ee:ea:ab:47:1c:8a:23:
47:8e:4b:6a:09:e9:80:06:5d:55:7b:10:bb:46:c6:53:2f:40:
ca:9f:d9:f9:d7:8c:f8:53:77:b1:ec:f7:a2:9b:0a:d4:9f:bc:
e2:d1:15:96:f0:84:e1:78:9b:b8:c1:3b:56:8e:b8:25:c3:2e:
75:7e:e5:c3:09:25:06:11:33:92:a6:ed:99:85:9c:7b:e0:a7:
c5:f8:7d:61:da:d9:ae:25:5e:46:68:69:24:b5:41:fd:e7:95:
af:13:a1:52:57:c4:de:53:ce:0f:61:fb:85:d0:05:94:48:93:
7e:f9:97:d3:a2:1f:14:37:f5:ed:25:4d:84:db:02:cc:4f:97:
5d:06:9a:24:d1:97:8a:7b:96:f3:8e:20:b1:4d:90:7a:f0:45:
7b:b2:db:99:42:04:56:f4:8a:39:89:4a:96:99:dd:95:29:03:
3a:5e:07:b7:9d:51:fb:ee:62:cf:f4:9f:c6:6b:57:14:92:ba:
25:1a:29:5f:8b:21:ea:ba:23:54:cb:8d:55:60:33:85:91:ed:
3a:ad:ed:c2:6e:79:4b:b2:31:71:b0:3d:6b:28:e5:2a:d8:1d:
00:8d:c0:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/zrif2eyqSYrSwVAdABoQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA3MTcxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2ZlMDNjYjI3Njg4NDhiNGRkY2FjMmRiMGY4OGJhNjljMWVmMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HYEqmcsdu0dhcfQx6InqnNDQ55K
lf8nkhxd+vz6vQ3r1fnw1j3sUhHrbtZK0Jgm7UBk1tL+xgqIR+x3z/hD2GxyaPsO
aZButs0eb0XceLEiuqhi3ktuPjA6hj2fpj8PdYEQGcLMiKkh+lgOzUoviebLG3Wj
ljMqWR6pH+DsrVeVr2CtkTQoZn7sCVlK7Y2D5vzO53Dk6b60OuQZdPWkEzm+TtLi
Xrh8gn2GWodFeIrJMECYLz93PAaDLJqXCfvPWySRGxbH9u1jz38ZAo4pxrNwNmZB
ggW5JwXISL3oNNFufbG2Dd/zeaGI99/l8kwag4wxbPgd8UUXxSgmRQxdxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNP+A8snaISLTdysLbD4i6acHvJeMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMF80RHl5ZG9oSXROM0t3dHNQaUxwcHdlOGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEjm5taAApCJa+Fy0/Wl
YRJjCsia273qRnni5g467uqrRxyKI0eOS2oJ6YAGXVV7ELtGxlMvQMqf2fnXjPhT
d7Hs96KbCtSfvOLRFZbwhOF4m7jBO1aOuCXDLnV+5cMJJQYRM5Km7ZmFnHvgp8X4
fWHa2a4lXkZoaSS1Qf3nla8ToVJXxN5Tzg9h+4XQBZRIk375l9OiHxQ39e0lTYTb
AsxPl10GmiTRl4p7lvOOILFNkHrwRXuy25lCBFb0ijmJSpaZ3ZUpAzpeB7edUfvu
Ys/0n8ZrVxSSuiUaKV+LIeq6I1TLjVVgM4WR7Tqt7cJueUuyMXGwPWso5SrYHQCN
wPk=
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:01:39 2024 by rpki-client on console-fra.rpki-client.org