Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-Cy2Fubfndypz4kqIkUkPjQ41ws.roa
File: 1-Cy2Fubfndypz4kqIkUkPjQ41ws.roa (raw, json)
Hash identifier: gS28rYNQkxtRyW/oBx/h2Xwb8owUxgGfABi6Lm3y9Ms=
Subject key identifier: F8:2C:B6:16:E6:DF:9D:DC:A9:CF:89:2A:22:45:24:3E:34:38:D7:0B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01907A373BDD920C01E58403EB2A3176D1E2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-Cy2Fubfndypz4kqIkUkPjQ41ws.roa
Signing time: Wed 03 Jul 2024 20:09:18 +0000
ROA not before: Wed 03 Jul 2024 20:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jul 2024 21:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7a:37:3b:dd:92:0c:01:e5:84:03:eb:2a:31:76:d1:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 3 20:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f82cb616e6df9ddca9cf892a2245243e3438d70b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:61:2a:3d:0a:b1:61:cd:99:4a:02:d4:0a:9c:
3b:2d:2e:cd:fa:82:29:80:76:f7:f7:e8:26:27:47:
e7:16:43:a0:ad:ca:f6:7c:21:54:e6:ff:79:47:5b:
e1:10:30:dd:ec:50:c1:03:d7:c9:fb:da:0a:10:77:
9f:aa:c4:c9:89:d4:fc:15:68:a4:a5:85:fd:4a:af:
04:b1:07:21:65:62:5f:e7:ce:e6:0e:16:8f:ab:83:
12:38:fb:80:66:7b:ca:8e:49:b3:8b:4e:d4:05:ac:
cf:db:0c:a6:6c:35:09:b2:02:08:27:21:3a:f6:36:
a1:56:e1:21:c1:d3:e1:8b:81:cc:d1:b2:fd:d2:e4:
7f:99:fa:1c:09:77:71:90:4d:01:d3:56:8b:11:61:
26:8a:57:16:70:a2:25:89:75:76:9d:8d:21:50:ad:
7e:69:1f:5a:5f:17:a0:87:2e:4e:c3:b9:ed:74:b5:
fa:43:76:cd:6e:69:95:f0:63:3b:58:6a:f7:0f:c8:
1a:c4:10:3d:f1:8e:fa:6a:f1:a5:28:ed:fb:f0:9a:
ad:a6:93:34:ac:33:1c:90:db:66:56:e0:3f:6f:6a:
42:c8:7c:34:41:54:8a:e0:0a:a2:d3:37:2e:57:ed:
39:e4:8e:80:c6:6b:05:53:8d:73:bd:f0:aa:7a:14:
bb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:2C:B6:16:E6:DF:9D:DC:A9:CF:89:2A:22:45:24:3E:34:38:D7:0B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/1-Cy2Fubfndypz4kqIkUkPjQ41ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:69:a8:0a:3b:6b:01:3c:b0:f9:4b:8c:98:36:6d:fc:03:38:
25:1b:a5:b5:33:f8:8c:2f:ff:d2:57:7c:0b:fb:d2:3b:74:93:
87:89:05:59:cc:b9:45:14:7a:e7:0a:48:5b:b2:d3:18:a7:c9:
1d:a6:67:45:78:60:00:cc:88:88:6e:e6:80:86:a2:56:e0:8c:
db:96:b2:d1:ec:c1:79:a7:cd:50:e1:56:6f:23:5a:32:0d:6d:
e7:15:42:33:54:48:07:c4:f7:57:6d:e8:d7:6e:9c:e0:45:e9:
3b:0c:c8:ea:94:aa:47:4a:8c:80:d7:83:9d:d1:a7:a6:7f:91:
22:4b:e6:5f:5f:82:f9:3c:95:39:a8:c1:17:5e:93:0d:22:07:
63:04:50:71:cf:9e:79:11:22:c0:02:92:02:bf:99:fd:b7:fd:
56:30:ff:2c:fc:57:0d:ce:01:21:45:e1:5e:e7:14:52:5f:08:
c0:7a:9e:7a:68:86:8a:31:69:b5:8c:68:e7:96:1b:30:37:fa:
8e:e3:d9:df:03:fb:88:58:f8:f4:a6:23:43:c1:7c:a0:6b:bb:
c4:4f:06:43:55:e7:37:3b:87:b8:22:6b:81:e2:e4:4b:09:1a:
f2:47:39:2d:9f:ac:54:8d:97:a6:0d:d1:6d:b6:17:2d:31:c5:
81:2c:85:47
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZB6NzvdkgwB5YQD6yoxdtHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAzMjAwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODJjYjYxNmU2ZGY5ZGRjYTljZjg5MmEyMjQ1MjQzZTM0MzhkNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWEqPQqxYc2ZSgLUCpw7LS7N+oIp
gHb39+gmJ0fnFkOgrcr2fCFU5v95R1vhEDDd7FDBA9fJ+9oKEHefqsTJidT8FWik
pYX9Sq8EsQchZWJf587mDhaPq4MSOPuAZnvKjkmzi07UBazP2wymbDUJsgIIJyE6
9jahVuEhwdPhi4HM0bL90uR/mfocCXdxkE0B01aLEWEmilcWcKIliXV2nY0hUK1+
aR9aXxeghy5Ow7ntdLX6Q3bNbmmV8GM7WGr3D8gaxBA98Y76avGlKO378JqtppM0
rDMckNtmVuA/b2pCyHw0QVSK4Aqi0zcuV+055I6AxmsFU41zvfCqehS7FwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPgsthbm353cqc+JKiJFJD40ONcLMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMS1DeTJGdWJmbmR5cHo0a3FJa1VrUGpRNDF3cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvMDk4MzdjLTk4ZjMtNGM5Zi1hZWJmLTg4MTQ4OGZmZGJi
MC8xL1VtSUVGZEpKQ2w3RDlwSmJuM2tFRG80aTNiOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCVaagKO2sBPLD5S4yY
Nm38AzglG6W1M/iML//SV3wL+9I7dJOHiQVZzLlFFHrnCkhbstMYp8kdpmdFeGAA
zIiIbuaAhqJW4IzblrLR7MF5p81Q4VZvI1oyDW3nFUIzVEgHxPdXbejXbpzgRek7
DMjqlKpHSoyA14Od0aemf5EiS+ZfX4L5PJU5qMEXXpMNIgdjBFBxz555ESLAApIC
v5n9t/1WMP8s/FcNzgEhReFe5xRSXwjAep56aIaKMWm1jGjnlhswN/qO49nfA/uI
WPj0piNDwXyga7vETwZDVec3O4e4ImuB4uRLCRryRzktn6xUjZemDdFtthctMcWB
LIVH
-----END CERTIFICATE-----
Generated at Wed Jul 3 22:04:06 2024 by rpki-client on console-fra.rpki-client.org