Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2emkLPg5f8zisz6m_GrKJ-sUWAA.roa
File: 2emkLPg5f8zisz6m_GrKJ-sUWAA.roa (raw, json)
Hash identifier: VVQqK1B3ruYrS/82gTtNX1/EODS6chcOV3kIV9VeRZk=
Subject key identifier: D9:E9:A4:2C:F8:39:7F:CC:E2:B3:3E:A6:FC:6A:CA:27:EB:14:58:00
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019005EB713F196DD000818EB2EF3B9FF422
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2emkLPg5f8zisz6m_GrKJ-sUWAA.roa
Signing time: Tue 11 Jun 2024 06:10:34 +0000
ROA not before: Tue 11 Jun 2024 06:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 07:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:05:eb:71:3f:19:6d:d0:00:81:8e:b2:ef:3b:9f:f4:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 11 06:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9e9a42cf8397fcce2b33ea6fc6aca27eb145800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bd:86:86:7f:39:d5:ec:5b:83:0f:c5:44:ad:
84:f2:8e:df:d7:86:8e:bc:3d:1c:31:38:ce:37:01:
1b:c3:08:32:7d:fc:bb:5d:87:9e:b8:b5:93:e7:76:
d7:ad:58:e1:f4:d0:5b:d4:f3:6e:12:0f:ba:a8:fd:
41:2f:77:50:b5:2c:e0:b8:c2:e6:27:17:b3:51:53:
1a:0f:e6:8e:d2:b3:56:db:48:b1:06:46:dc:aa:d5:
5b:08:cf:2d:1b:37:72:4b:1a:16:85:4b:dc:3e:a8:
18:b4:e9:ea:24:aa:9e:08:eb:0f:d2:74:fe:f7:95:
ce:14:6d:a6:3c:14:c9:cf:1e:2f:0a:ac:ee:0b:58:
b7:c4:d6:85:9f:c5:29:97:28:de:d2:f9:20:72:09:
07:53:0d:bf:ad:7e:b4:45:66:06:35:0e:ed:be:f3:
56:04:2f:ea:e3:e3:fd:6a:39:6d:ff:4d:f3:5c:60:
4f:72:ed:df:4a:90:3d:cb:8c:2e:fd:c3:d3:d0:18:
91:39:ee:83:12:8f:10:b9:c7:3f:ff:ae:42:99:f1:
e6:4c:6f:a1:3e:97:ca:4f:94:fa:64:c8:b9:a7:61:
6a:db:37:09:18:ae:99:8b:55:96:c5:60:78:7a:5b:
58:c6:e5:8e:29:1a:85:1b:3a:82:fc:5e:84:21:98:
6e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E9:A4:2C:F8:39:7F:CC:E2:B3:3E:A6:FC:6A:CA:27:EB:14:58:00
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/2emkLPg5f8zisz6m_GrKJ-sUWAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
29:45:a5:cf:0c:57:98:5d:0e:54:9f:25:61:20:96:ab:76:9e:
7e:09:a1:29:12:b6:b7:28:56:9d:5b:14:42:e7:43:85:1f:43:
83:e2:7f:2f:0c:89:64:d8:92:3c:a8:8a:fe:3e:4c:21:67:eb:
be:ba:16:c0:74:50:d8:da:a4:a3:07:e8:4e:6f:df:b5:eb:1a:
59:04:5b:08:0c:c2:23:36:46:ea:b4:bb:02:85:a1:f5:e1:32:
a3:55:3b:bc:d3:84:7f:55:c8:5c:13:6b:f1:3f:60:57:0a:ad:
46:6f:cb:cb:59:4c:90:dd:1f:de:25:ee:28:e1:b0:9a:0c:27:
1d:70:30:33:96:89:9e:27:67:1b:e8:d4:6e:5e:ba:f9:66:5d:
19:36:dd:9c:85:cf:d8:d9:3f:ec:2a:05:2b:88:12:49:f0:32:
fd:e5:dd:00:4e:d0:31:0f:1d:28:d5:16:21:2f:58:07:16:9e:
c5:4b:f0:8e:68:de:fe:9f:8d:be:61:ff:c0:67:f7:00:1c:71:
23:33:eb:55:c7:9a:86:8a:ea:ea:df:c8:8e:e6:67:64:27:27:
79:27:8f:a9:61:d9:7e:50:09:04:2f:51:fb:af:3e:41:92:af:
90:c4:50:0f:cf:66:39:d8:0a:52:c5:58:73:86:0c:c5:4f:ff:
a8:2d:4f:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAF63E/GW3QAIGOsu87n/QiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjExMDYxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWU5YTQyY2Y4Mzk3ZmNjZTJiMzNlYTZmYzZhY2EyN2ViMTQ1ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur2Ghn851exbgw/FRK2E8o7f14aO
vD0cMTjONwEbwwgyffy7XYeeuLWT53bXrVjh9NBb1PNuEg+6qP1BL3dQtSzguMLm
JxezUVMaD+aO0rNW20ixBkbcqtVbCM8tGzdySxoWhUvcPqgYtOnqJKqeCOsP0nT+
95XOFG2mPBTJzx4vCqzuC1i3xNaFn8Uplyje0vkgcgkHUw2/rX60RWYGNQ7tvvNW
BC/q4+P9ajlt/03zXGBPcu3fSpA9y4wu/cPT0BiROe6DEo8Qucc//65CmfHmTG+h
PpfKT5T6ZMi5p2Fq2zcJGK6Zi1WWxWB4eltYxuWOKRqFGzqC/F6EIZhu2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNnppCz4OX/M4rM+pvxqyifrFFgAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMmVta0xQZzVmOHppc3o2bV9HcktKLXNVV0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAClFpc8MV5hdDlSfJWEg
lqt2nn4JoSkStrcoVp1bFELnQ4UfQ4Pify8MiWTYkjyoiv4+TCFn6766FsB0UNja
pKMH6E5v37XrGlkEWwgMwiM2Ruq0uwKFofXhMqNVO7zThH9VyFwTa/E/YFcKrUZv
y8tZTJDdH94l7ijhsJoMJx1wMDOWiZ4nZxvo1G5euvlmXRk23ZyFz9jZP+wqBSuI
EknwMv3l3QBO0DEPHSjVFiEvWAcWnsVL8I5o3v6fjb5h/8Bn9wAccSMz61XHmoaK
6urfyI7mZ2QnJ3knj6lh2X5QCQQvUfuvPkGSr5DEUA/PZjnYClLFWHOGDMVP/6gt
T+s=
-----END CERTIFICATE-----
Generated at Tue Jun 11 12:41:28 2024 by rpki-client on console-ams.rpki-client.org