Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3AR-u_8YWsBmlziyHaeahd53YsA.roa
File: 3AR-u_8YWsBmlziyHaeahd53YsA.roa (raw, json)
Hash identifier: 9Nl0/X3NTuD8CMRdJFHXdRNOe/xCbS7Uf2tfI5Ij9BY=
Subject key identifier: DC:04:7E:BB:FF:18:5A:C0:66:97:38:B2:1D:A7:9A:85:DE:77:62:C0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD41DB4AD798907DFFC82E17F4EC0EBD4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3AR-u_8YWsBmlziyHaeahd53YsA.roa
Signing time: Sat 01 Jun 2024 14:04:27 +0000
ROA not before: Sat 01 Jun 2024 14:04:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:d41d:7b73/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 01 Jun 2024 14:10:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d4:1d:b4:ad:79:89:07:df:fc:82:e1:7f:4e:c0:eb:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 1 14:04:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc047ebbff185ac0669738b21da79a85de7762c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ee:a3:ca:d1:f3:89:09:cc:9c:86:f7:d2:d1:
23:01:7f:16:aa:56:8b:85:08:91:dc:97:fd:59:6e:
18:cb:87:ad:89:e2:93:d4:f4:62:47:61:3b:60:b6:
3c:07:47:36:1c:a0:3e:a9:85:72:09:95:1b:03:93:
ba:47:98:93:e4:53:36:47:58:72:0b:fa:c3:3c:31:
90:eb:23:16:68:62:f7:5f:32:97:67:40:9f:8d:74:
74:9a:7a:c6:80:ee:96:98:5a:d0:fa:2c:a0:15:91:
45:84:62:7c:7c:14:84:a9:44:c6:35:b9:4e:ad:0f:
2b:21:94:bd:b0:93:f1:35:43:e7:66:ff:c7:8c:ec:
45:65:9e:dc:93:4f:6d:9a:bd:75:c0:a7:00:c5:14:
1b:20:d1:81:e9:54:ed:09:8a:fb:7a:e9:f2:0a:97:
34:ff:4e:9b:79:0a:7d:20:cb:bb:c7:90:07:15:8b:
39:f2:90:48:1b:e6:4a:4d:6e:3a:3e:6a:2b:d5:bc:
c4:39:bf:d1:7f:f8:5b:d2:3a:16:4a:15:1d:7b:0a:
e7:46:7d:de:e9:7a:8a:22:27:3f:24:0a:bf:6f:66:
23:ad:41:86:bc:4d:98:56:d3:d8:cd:fd:9b:5f:62:
5d:97:22:3a:b4:df:29:78:27:6a:20:bd:90:ad:34:
a3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:04:7E:BB:FF:18:5A:C0:66:97:38:B2:1D:A7:9A:85:DE:77:62:C0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3AR-u_8YWsBmlziyHaeahd53YsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:40:1c:b1:6b:28:b9:93:16:cd:7d:c1:3a:d4:f1:a0:9d:0d:
91:a0:c5:dd:36:20:60:fd:e0:b3:25:46:92:fe:ec:78:91:7e:
9f:93:69:5c:46:fa:50:6f:d3:2f:ed:f8:de:b3:20:71:32:93:
8c:7a:63:d7:6b:39:8c:44:d2:19:4a:0d:57:ac:38:76:71:93:
05:b1:5b:ae:9a:07:13:21:86:e8:69:e0:bf:3f:c2:f4:d1:0e:
63:ed:89:9c:89:c3:20:61:62:c4:e6:c7:37:dc:f0:25:8d:80:
c4:4b:7f:03:94:83:c8:79:70:b6:cd:a0:fc:cb:ba:74:ac:0d:
49:54:b6:62:49:b2:e8:36:56:3c:b6:00:11:3f:12:3b:15:14:
67:ad:bd:d3:f6:78:a2:d6:0f:67:72:f1:78:ed:9b:ab:42:99:
79:e2:c1:db:d8:45:80:b4:ea:6d:8a:da:ab:9a:bb:b0:3a:dc:
cc:81:6d:70:a9:3c:ed:3d:3a:d4:3d:9b:f9:49:11:12:9a:0d:
02:d3:57:0e:7f:e8:5b:55:3b:dc:0f:d6:9b:1c:27:71:fa:c7:
03:c7:c4:68:14:09:c9:a5:db:a3:5f:15:c0:09:5e:02:a6:d4:
62:9c:99:47:a2:90:36:7e:26:d3:72:b0:9f:68:77:16:0c:0a:
7f:28:10:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/UHbSteYkH3/yC4X9OwOvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAxMTQwNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzA0N2ViYmZmMTg1YWMwNjY5NzM4YjIxZGE3OWE4NWRlNzc2MmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue6jytHziQnMnIb30tEjAX8WqlaL
hQiR3Jf9WW4Yy4etieKT1PRiR2E7YLY8B0c2HKA+qYVyCZUbA5O6R5iT5FM2R1hy
C/rDPDGQ6yMWaGL3XzKXZ0CfjXR0mnrGgO6WmFrQ+iygFZFFhGJ8fBSEqUTGNblO
rQ8rIZS9sJPxNUPnZv/HjOxFZZ7ck09tmr11wKcAxRQbINGB6VTtCYr7eunyCpc0
/06beQp9IMu7x5AHFYs58pBIG+ZKTW46Pmor1bzEOb/Rf/hb0joWShUdewrnRn3e
6XqKIic/JAq/b2YjrUGGvE2YVtPYzf2bX2JdlyI6tN8peCdqIL2QrTSjuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNwEfrv/GFrAZpc4sh2nmoXed2LAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvM0FSLXVfOFlXc0JtbHppeUhhZWFoZDUzWXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJRAHLFrKLmTFs19wTrU
8aCdDZGgxd02IGD94LMlRpL+7HiRfp+TaVxG+lBv0y/t+N6zIHEyk4x6Y9drOYxE
0hlKDVesOHZxkwWxW66aBxMhhuhp4L8/wvTRDmPtiZyJwyBhYsTmxzfc8CWNgMRL
fwOUg8h5cLbNoPzLunSsDUlUtmJJsug2Vjy2ABE/EjsVFGetvdP2eKLWD2dy8Xjt
m6tCmXniwdvYRYC06m2K2quau7A63MyBbXCpPO09OtQ9m/lJERKaDQLTVw5/6FtV
O9wP1pscJ3H6xwPHxGgUCcml26NfFcAJXgKm1GKcmUeikDZ+JtNysJ9odxYMCn8o
EMQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org