Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4u8HFv8oa2sQngRbER8P0wWq7SI.roa
File: 4u8HFv8oa2sQngRbER8P0wWq7SI.roa (raw, json)
Hash identifier: 9CKs9tvhEJFJFrOWZd1bhxRIlhvY5G0GopHjln/536g=
Subject key identifier: E2:EF:07:16:FF:28:6B:6B:10:9E:04:5B:11:1F:0F:D3:05:AA:ED:22
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01903A7E9D43810E66E99C8AFA853C5BF372
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4u8HFv8oa2sQngRbER8P0wWq7SI.roa
Signing time: Fri 21 Jun 2024 11:11:34 +0000
ROA not before: Fri 21 Jun 2024 11:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Jun 2024 12:05:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3a:7e:9d:43:81:0e:66:e9:9c:8a:fa:85:3c:5b:f3:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 21 11:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2ef0716ff286b6b109e045b111f0fd305aaed22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:36:d4:41:71:e7:4f:50:9c:aa:67:4a:60:ae:
43:40:b6:bd:f8:ee:1e:5e:dd:25:d7:b3:86:1a:37:
0b:ad:14:73:d8:d9:27:58:67:79:c3:2f:e2:85:24:
3d:04:9d:5b:1d:ae:01:f6:6f:d1:96:37:33:4e:54:
24:74:2a:36:45:ba:39:a1:75:c1:a5:34:ec:eb:76:
cc:5b:6a:89:d3:56:c1:a8:18:ae:c7:7d:5d:13:a8:
06:12:fa:2c:6f:9b:fa:06:42:c3:db:ac:6a:c3:61:
ec:14:aa:de:79:26:d3:31:9a:53:7f:2d:d9:e3:2b:
84:9f:5d:6e:ea:cc:4b:85:05:a4:96:8e:99:2e:35:
98:b7:ee:98:1b:f5:f5:c1:38:9b:5e:b3:72:09:23:
a4:3b:bd:51:52:4c:a8:64:78:cb:bd:c8:7c:bb:49:
f7:97:1b:1f:fe:15:57:8a:3d:8a:bc:ca:ef:2a:30:
d1:7b:93:20:d9:12:26:f1:f4:e2:59:8b:ab:0a:f3:
1d:d3:8c:87:cd:66:f8:e5:4f:b1:cb:19:6d:1a:a6:
e3:5a:40:ae:fe:e9:9e:fc:39:e8:dc:b9:e7:b5:08:
a0:39:e6:c1:82:60:5d:f2:c6:09:f6:41:9c:66:66:
d5:66:8e:d5:e0:ea:74:c8:11:15:4a:f7:75:36:4d:
e3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:EF:07:16:FF:28:6B:6B:10:9E:04:5B:11:1F:0F:D3:05:AA:ED:22
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/4u8HFv8oa2sQngRbER8P0wWq7SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:16:f3:bc:0a:59:20:d4:b8:84:5e:c6:9c:17:22:26:4a:16:
b6:01:cc:0f:d8:c7:d8:cd:c2:f5:30:60:90:89:f5:4d:51:5f:
e1:22:e8:cc:6a:52:72:ca:79:87:1b:c7:26:f1:6d:4b:ea:3a:
22:19:51:31:06:20:4a:20:18:ef:14:97:2b:54:3a:e5:11:fc:
00:05:90:07:33:9d:99:ab:a7:c5:0c:73:a2:00:48:c3:ca:9b:
96:db:b8:14:8c:7e:58:3d:85:77:34:b6:84:f5:f1:1c:09:f4:
d0:2f:09:8d:e5:38:ff:05:9e:9d:31:ba:3b:cf:8b:94:d1:08:
9f:af:08:45:59:ce:2c:97:4c:2e:29:1a:75:f4:40:24:11:b9:
0f:b0:a9:74:86:af:1f:95:40:29:98:f3:b3:2e:c2:11:6a:04:
bd:68:74:c1:53:ff:47:d1:66:5b:b1:40:20:82:ec:0f:ce:0d:
15:f2:a5:a9:74:04:6f:30:31:5d:dd:19:fb:19:3b:c2:5c:31:
21:14:95:36:dc:50:3c:93:14:5a:f7:03:4f:e3:1b:2d:32:fd:
88:25:34:e6:e9:38:80:2b:25:6b:e9:b8:bf:d6:7d:f2:4d:d3:
ed:e9:e5:6d:f1:3c:f7:9e:26:ed:80:65:ac:71:16:81:59:ef:
fc:0e:80:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA6fp1DgQ5m6ZyK+oU8W/NyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIxMTExMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmVmMDcxNmZmMjg2YjZiMTA5ZTA0NWIxMTFmMGZkMzA1YWFlZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzbUQXHnT1CcqmdKYK5DQLa9+O4e
Xt0l17OGGjcLrRRz2NknWGd5wy/ihSQ9BJ1bHa4B9m/RljczTlQkdCo2Rbo5oXXB
pTTs63bMW2qJ01bBqBiux31dE6gGEvosb5v6BkLD26xqw2HsFKreeSbTMZpTfy3Z
4yuEn11u6sxLhQWklo6ZLjWYt+6YG/X1wTibXrNyCSOkO71RUkyoZHjLvch8u0n3
lxsf/hVXij2KvMrvKjDRe5Mg2RIm8fTiWYurCvMd04yHzWb45U+xyxltGqbjWkCu
/ume/Dno3LnntQigOebBgmBd8sYJ9kGcZmbVZo7V4Op0yBEVSvd1Nk3j6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOLvBxb/KGtrEJ4EWxEfD9MFqu0iMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNHU4SEZ2OG9hMnNRbmdSYkVSOFAwd1dxN1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFoW87wKWSDUuIRexpwX
IiZKFrYBzA/Yx9jNwvUwYJCJ9U1RX+Ei6MxqUnLKeYcbxybxbUvqOiIZUTEGIEog
GO8UlytUOuUR/AAFkAcznZmrp8UMc6IASMPKm5bbuBSMflg9hXc0toT18RwJ9NAv
CY3lOP8Fnp0xujvPi5TRCJ+vCEVZziyXTC4pGnX0QCQRuQ+wqXSGrx+VQCmY87Mu
whFqBL1odMFT/0fRZluxQCCC7A/ODRXypal0BG8wMV3dGfsZO8JcMSEUlTbcUDyT
FFr3A0/jGy0y/YglNObpOIArJWvpuL/WffJN0+3p5W3xPPeeJu2AZaxxFoFZ7/wO
gPA=
-----END CERTIFICATE-----
Generated at Fri Jun 21 15:28:51 2024 by rpki-client on console-fra.rpki-client.org