Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3-iSvGIDeYdHGl86ZlQEvLePmFY.roa
File: 3-iSvGIDeYdHGl86ZlQEvLePmFY.roa (raw, json)
Hash identifier: sDfMq6QGEBt9jP+EJ82es/mCeFCunk8TtGBTVJTATjU=
Subject key identifier: DF:E8:92:BC:62:03:79:87:47:1A:5F:3A:66:54:04:BC:B7:8F:98:56
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC1794AABD5CBA135914734C6E109DD45
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3-iSvGIDeYdHGl86ZlQEvLePmFY.roa
Signing time: Tue 28 May 2024 23:11:42 +0000
ROA not before: Tue 28 May 2024 23:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 May 2024 00:05:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c1:79:4a:ab:d5:cb:a1:35:91:47:34:c6:e1:09:dd:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 28 23:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfe892bc62037987471a5f3a665404bcb78f9856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:65:eb:c5:b0:f8:6f:20:ec:e3:7e:38:fe:ad:
6e:da:61:9a:48:27:28:8f:32:65:1d:a9:e4:a1:64:
91:18:06:01:aa:de:55:ae:54:f2:14:e8:cc:3e:a6:
23:fc:1b:71:6e:09:a4:d1:7a:f8:70:bc:9d:82:0e:
27:59:fc:16:8f:63:a1:4b:4f:24:71:57:11:5e:96:
75:30:cd:8a:61:1e:e1:ad:40:4b:04:78:98:0c:51:
c5:7f:18:a1:87:ae:a6:f0:0c:f4:90:e1:c5:0d:79:
4d:0a:83:6b:01:06:6d:5d:a6:2f:22:22:b6:3a:70:
bd:85:0d:6f:39:ac:9b:5f:d7:26:ba:26:c0:c7:c8:
dd:0e:9f:db:ee:78:e0:d6:fb:b2:96:89:90:33:0f:
9f:b8:6f:f7:6e:c4:83:b9:f6:6f:69:b1:d4:66:54:
42:b0:d8:8d:61:34:3a:be:ba:e6:85:39:b0:d8:84:
3f:07:75:d5:af:83:89:36:aa:93:3c:93:05:ca:95:
70:64:6e:29:70:ec:f7:26:ae:52:ca:cf:94:be:40:
c5:95:12:6c:cc:36:30:43:d0:b2:b5:68:6f:c3:4a:
ee:91:1e:ee:3c:46:4c:25:54:ad:95:d8:09:58:5a:
cd:6e:d8:8e:c0:b9:e8:78:81:b0:50:42:4a:52:af:
c7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E8:92:BC:62:03:79:87:47:1A:5F:3A:66:54:04:BC:B7:8F:98:56
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3-iSvGIDeYdHGl86ZlQEvLePmFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:82:42:e1:74:53:2f:b1:04:cb:b0:88:d3:bd:d3:3a:ea:07:
61:70:1f:8c:39:fa:9c:f6:bd:ad:fa:ea:83:f0:c1:54:ae:d5:
69:93:b2:c8:91:0c:47:8b:4c:8e:a9:f1:ac:65:82:fb:0b:f6:
a3:43:98:f5:a0:30:d3:af:df:2b:70:37:3b:fd:1b:66:a8:43:
32:3d:35:5e:36:95:ba:ab:c4:39:85:5c:a9:42:6c:6c:e0:2e:
35:99:c3:e9:2a:49:76:3b:dd:cc:f4:b2:e5:13:30:c8:86:82:
68:e6:6e:80:9e:f4:5d:9c:07:04:b3:ca:cb:90:7b:52:52:f1:
d8:8a:9a:92:ef:04:ab:c1:ed:a8:a7:40:7b:ce:7d:8d:90:bc:
5a:97:89:b5:5e:5d:1c:dd:cd:8f:e6:ee:1a:7f:b6:2b:c0:de:
89:97:b9:db:23:5e:ff:c1:56:17:b7:b8:46:88:95:c5:cc:d0:
be:0b:b5:7d:ca:51:09:5e:88:8f:a8:e7:8c:00:37:1a:4f:5d:
ae:2a:a1:cd:7b:32:96:99:f2:be:69:f3:c6:3f:54:77:a1:68:
16:5f:57:04:bb:e6:d1:66:51:26:dd:46:a8:59:76:d7:91:11:
3a:8c:58:fa:37:c5:7e:7e:51:1d:fd:62:18:23:0c:41:15:41:
2b:06:25:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/BeUqr1cuhNZFHNMbhCd1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI4MjMxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmU4OTJiYzYyMDM3OTg3NDcxYTVmM2E2NjU0MDRiY2I3OGY5ODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWXrxbD4byDs4344/q1u2mGaSCco
jzJlHankoWSRGAYBqt5VrlTyFOjMPqYj/Btxbgmk0Xr4cLydgg4nWfwWj2OhS08k
cVcRXpZ1MM2KYR7hrUBLBHiYDFHFfxihh66m8Az0kOHFDXlNCoNrAQZtXaYvIiK2
OnC9hQ1vOaybX9cmuibAx8jdDp/b7njg1vuylomQMw+fuG/3bsSDufZvabHUZlRC
sNiNYTQ6vrrmhTmw2IQ/B3XVr4OJNqqTPJMFypVwZG4pcOz3Jq5Sys+UvkDFlRJs
zDYwQ9CytWhvw0rukR7uPEZMJVStldgJWFrNbtiOwLnoeIGwUEJKUq/HqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN/okrxiA3mHRxpfOmZUBLy3j5hWMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvMy1pU3ZHSURlWWRIR2w4NlpsUUV2TGVQbUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAWCQuF0Uy+xBMuwiNO9
0zrqB2FwH4w5+pz2va366oPwwVSu1WmTssiRDEeLTI6p8axlgvsL9qNDmPWgMNOv
3ytwNzv9G2aoQzI9NV42lbqrxDmFXKlCbGzgLjWZw+kqSXY73cz0suUTMMiGgmjm
boCe9F2cBwSzysuQe1JS8diKmpLvBKvB7ainQHvOfY2QvFqXibVeXRzdzY/m7hp/
tivA3omXudsjXv/BVhe3uEaIlcXM0L4LtX3KUQleiI+o54wANxpPXa4qoc17MpaZ
8r5p88Y/VHehaBZfVwS75tFmUSbdRqhZdteRETqMWPo3xX5+UR39YhgjDEEVQSsG
JRA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org