Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/86WLxQV6Rr0mH9KE4u88Ho7KGz0.roa
File: 86WLxQV6Rr0mH9KE4u88Ho7KGz0.roa (raw, json)
Hash identifier: NnjRkFHF1jBc44P/sjyqW/2I/byDs54kuFh7TPJVHi4=
Subject key identifier: F3:A5:8B:C5:05:7A:46:BD:26:1F:D2:84:E2:EF:3C:1E:8E:CA:1B:3D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FE885B5BBBAF8CBBCFD68BC1B6DD4122D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/86WLxQV6Rr0mH9KE4u88Ho7KGz0.roa
Signing time: Wed 05 Jun 2024 13:10:27 +0000
ROA not before: Wed 05 Jun 2024 13:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Jun 2024 14:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e8:85:b5:bb:ba:f8:cb:bc:fd:68:bc:1b:6d:d4:12:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 5 13:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3a58bc5057a46bd261fd284e2ef3c1e8eca1b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7d:66:f9:5d:2c:1d:22:a3:3e:9a:32:9d:38:
42:61:20:7d:6e:d7:7f:33:d9:48:19:c1:62:e3:3f:
24:1c:a0:0a:be:14:c4:fc:d6:b8:d9:d1:c9:a3:e8:
8b:23:63:6b:c6:46:05:a1:aa:ad:cd:77:da:7f:0e:
56:74:51:b9:77:89:91:9c:f2:79:6b:e6:94:c6:13:
23:12:cf:86:71:14:d0:5e:f2:95:7a:26:61:a0:aa:
79:ca:82:2e:fc:f1:8f:f4:50:2a:bc:b1:92:00:90:
7d:43:00:f5:3a:7e:cc:a4:ab:8a:ba:4c:f0:08:2b:
36:57:41:c1:37:66:28:58:71:37:81:13:94:a9:7a:
21:9e:38:a9:e8:43:5f:d2:c9:fb:c1:a5:66:39:11:
ce:c1:af:d1:a1:c4:f2:e0:25:61:37:78:f8:b5:8f:
80:21:03:ae:1f:34:cb:a8:64:e6:06:ad:57:53:64:
d1:3f:2b:00:fb:70:26:ac:bf:00:14:f1:66:2a:ff:
2d:a3:6e:c7:0c:f7:5b:6e:d1:b6:15:e0:84:d0:7d:
3a:40:12:e4:79:4e:04:32:6a:2a:23:b1:4d:55:9a:
4f:4c:4e:1c:ff:35:79:11:ca:b2:ad:22:4d:cc:53:
6e:58:43:ca:6a:0b:a2:9b:a9:85:ba:2a:ea:11:69:
57:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A5:8B:C5:05:7A:46:BD:26:1F:D2:84:E2:EF:3C:1E:8E:CA:1B:3D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/86WLxQV6Rr0mH9KE4u88Ho7KGz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:15:eb:20:7e:6b:1a:d9:57:0d:31:cd:3b:b3:30:90:4c:bc:
8e:2a:08:8f:7e:28:5a:ae:96:ca:ee:6f:79:10:56:b1:4b:68:
21:bd:3a:ea:23:a0:b7:ae:02:b1:02:a0:4d:a5:78:10:16:1a:
1c:72:7f:3f:e6:a9:db:68:73:8f:7a:ff:09:82:99:4f:bd:61:
1c:52:ad:0e:9c:f9:c1:b5:ba:22:b3:5b:53:29:83:84:5b:c7:
f3:52:2b:d3:69:77:fe:9d:e8:a3:9d:f0:1f:a8:dc:81:4b:c7:
87:7b:3d:16:c0:a9:85:cb:0c:4f:8c:c4:ee:aa:9b:7b:2b:9a:
a1:9e:01:cb:ba:c5:6a:40:5f:72:76:a4:77:63:97:a5:f9:6e:
10:d5:a5:c9:ae:63:29:15:b2:ea:52:1f:2f:90:f4:66:dc:39:
48:a6:6e:46:73:c7:e2:80:ad:c1:36:26:84:ad:50:04:90:34:
8b:7b:44:5b:10:79:a5:5c:59:9d:6d:33:dc:fb:78:42:c6:f3:
a1:37:ff:44:5b:28:a6:35:22:89:85:cc:c3:6e:12:71:8b:24:
4c:be:8c:43:7e:35:fa:75:b8:93:55:65:ad:41:89:74:34:9b:
c1:8a:b3:e8:53:0d:ec:e3:d8:67:a5:6a:1a:55:79:dc:26:a7:
55:29:cd:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/ohbW7uvjLvP1ovBtt1BItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA1MTMxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2E1OGJjNTA1N2E0NmJkMjYxZmQyODRlMmVmM2MxZThlY2ExYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA231m+V0sHSKjPpoynThCYSB9btd/
M9lIGcFi4z8kHKAKvhTE/Na42dHJo+iLI2NrxkYFoaqtzXfafw5WdFG5d4mRnPJ5
a+aUxhMjEs+GcRTQXvKVeiZhoKp5yoIu/PGP9FAqvLGSAJB9QwD1On7MpKuKukzw
CCs2V0HBN2YoWHE3gROUqXohnjip6ENf0sn7waVmORHOwa/RocTy4CVhN3j4tY+A
IQOuHzTLqGTmBq1XU2TRPysA+3AmrL8AFPFmKv8to27HDPdbbtG2FeCE0H06QBLk
eU4EMmoqI7FNVZpPTE4c/zV5EcqyrSJNzFNuWEPKaguim6mFuirqEWlXswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPOli8UFeka9Jh/ShOLvPB6Oyhs9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvODZXTHhRVjZScjBtSDlLRTR1ODhIbzdLR3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIYV6yB+axrZVw0xzTuz
MJBMvI4qCI9+KFqulsrub3kQVrFLaCG9OuojoLeuArECoE2leBAWGhxyfz/mqdto
c496/wmCmU+9YRxSrQ6c+cG1uiKzW1Mpg4Rbx/NSK9Npd/6d6KOd8B+o3IFLx4d7
PRbAqYXLDE+MxO6qm3srmqGeAcu6xWpAX3J2pHdjl6X5bhDVpcmuYykVsupSHy+Q
9GbcOUimbkZzx+KArcE2JoStUASQNIt7RFsQeaVcWZ1tM9z7eELG86E3/0RbKKY1
IomFzMNuEnGLJEy+jEN+Nfp1uJNVZa1BiXQ0m8GKs+hTDezj2GelahpVedwmp1Up
zYg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org