Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3aQfjxhPOMffEAPli1ny36_fLzE.roa
File: 3aQfjxhPOMffEAPli1ny36_fLzE.roa (raw, json)
Hash identifier: 44Sk20Vvd4w/Y0pyu/3jKmLbSHrc/+qUmh2qbfADzWE=
Subject key identifier: DD:A4:1F:8F:18:4F:38:C7:DF:10:03:E5:8B:59:F2:DF:AF:DF:2F:31
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD6B74BF38AB43C640084049B4E69F086
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3aQfjxhPOMffEAPli1ny36_fLzE.roa
Signing time: Sun 02 Jun 2024 02:11:27 +0000
ROA not before: Sun 02 Jun 2024 02:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 02 Jun 2024 05:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d6:b7:4b:f3:8a:b4:3c:64:00:84:04:9b:4e:69:f0:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 2 02:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dda41f8f184f38c7df1003e58b59f2dfafdf2f31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7a:93:25:c2:19:cd:32:27:da:d8:a4:b4:3a:
27:31:05:f9:e5:d9:23:42:77:a6:dd:53:89:b6:c7:
2d:48:4f:00:d3:bd:7d:ed:62:87:5f:cd:06:7e:1c:
00:6e:1b:a2:55:04:3c:6e:64:a6:e4:ca:1c:7c:89:
64:fd:08:d9:37:af:53:38:bc:97:94:fa:a3:e3:5c:
8a:00:bc:18:96:ca:33:21:d5:ab:5d:18:2e:6d:ad:
d1:09:9d:4c:39:81:3e:30:64:ea:e7:34:5b:a2:5a:
be:7a:aa:4a:3f:9b:6d:f0:15:bb:25:b0:4c:a8:e3:
03:cb:60:c7:cf:af:6f:b5:12:da:9b:3a:1d:4e:9e:
1b:95:de:91:ea:4f:f5:9b:29:09:49:d7:3c:8c:cf:
8f:4c:26:1a:34:e4:35:37:81:9b:5e:77:3c:a7:e0:
a1:12:f8:08:76:fa:25:a1:ee:fc:a8:03:50:89:7c:
a1:92:0f:a5:ed:18:e6:8d:eb:44:fa:16:0a:10:23:
4d:fd:d3:c2:31:ae:6f:2e:3f:8b:b7:c0:b7:33:dd:
6f:29:6f:6c:4a:22:43:85:0a:ed:53:7d:0a:c4:54:
1d:55:82:d1:d8:86:a0:3e:4e:e3:ed:79:b6:00:7d:
5c:2f:ed:85:d7:00:02:55:f0:f5:ad:f0:b4:a1:99:
35:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A4:1F:8F:18:4F:38:C7:DF:10:03:E5:8B:59:F2:DF:AF:DF:2F:31
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/3aQfjxhPOMffEAPli1ny36_fLzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:50:3e:67:bc:ab:27:cb:83:88:ac:b9:1b:a2:87:d9:c8:11:
66:1e:22:dc:1e:5e:0b:ff:5e:e6:d1:23:5b:cb:20:13:7b:ce:
7f:24:f9:0c:77:b4:a4:34:b3:58:13:33:7e:a4:79:3d:01:bd:
4b:cb:83:c9:37:49:03:1f:97:57:65:b9:43:31:a5:51:61:17:
13:2d:2a:bd:36:bb:94:ee:9d:b0:0c:e3:18:69:5d:5e:3a:68:
25:0c:ab:f5:e2:82:fe:78:e6:7c:0c:94:55:58:de:40:cd:fa:
a8:17:13:a5:55:72:a6:df:93:d0:1a:6f:d1:a4:23:ae:83:9b:
56:fd:36:00:9d:c2:1e:14:69:ab:0a:09:73:df:4a:41:4e:66:
ca:d5:14:2a:ee:91:ae:20:87:92:a2:52:dc:af:e0:6d:db:f5:
76:81:15:6f:26:e2:04:04:aa:2f:2d:74:e8:22:e3:9a:b3:18:
5b:1e:73:f2:8f:c0:bd:db:a2:f9:b1:38:b0:54:5f:2c:e7:b4:
4a:50:1b:7c:6a:40:8c:3c:20:1f:52:74:fd:5d:99:99:87:af:
6b:d7:3a:9e:93:98:00:6a:fd:eb:c4:72:c1:da:e3:28:42:f6:
c8:57:1b:a6:92:00:34:e3:64:00:df:eb:4c:4d:ec:f5:ce:58:
43:34:42:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/Wt0vzirQ8ZACEBJtOafCGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAyMDIxMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGE0MWY4ZjE4NGYzOGM3ZGYxMDAzZTU4YjU5ZjJkZmFmZGYyZjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXqTJcIZzTIn2tiktDonMQX55dkj
Qnem3VOJtsctSE8A07197WKHX80GfhwAbhuiVQQ8bmSm5MocfIlk/QjZN69TOLyX
lPqj41yKALwYlsozIdWrXRguba3RCZ1MOYE+MGTq5zRbolq+eqpKP5tt8BW7JbBM
qOMDy2DHz69vtRLamzodTp4bld6R6k/1mykJSdc8jM+PTCYaNOQ1N4GbXnc8p+Ch
EvgIdvoloe78qANQiXyhkg+l7RjmjetE+hYKECNN/dPCMa5vLj+Lt8C3M91vKW9s
SiJDhQrtU30KxFQdVYLR2IagPk7j7Xm2AH1cL+2F1wACVfD1rfC0oZk1vQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN2kH48YTzjH3xAD5YtZ8t+v3y8xMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvM2FRZmp4aFBPTWZmRUFQbGkxbnkzNl9mTHpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADtQPme8qyfLg4isuRui
h9nIEWYeItweXgv/XubRI1vLIBN7zn8k+Qx3tKQ0s1gTM36keT0BvUvLg8k3SQMf
l1dluUMxpVFhFxMtKr02u5TunbAM4xhpXV46aCUMq/Xigv545nwMlFVY3kDN+qgX
E6VVcqbfk9Aab9GkI66Dm1b9NgCdwh4UaasKCXPfSkFOZsrVFCruka4gh5KiUtyv
4G3b9XaBFW8m4gQEqi8tdOgi45qzGFsec/KPwL3bovmxOLBUXyzntEpQG3xqQIw8
IB9SdP1dmZmHr2vXOp6TmABq/evEcsHa4yhC9shXG6aSADTjZADf60xN7PXOWEM0
Qtw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org