Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/87BmUS5VLgvDPRnOBzARzR2GytI.roa
File: 87BmUS5VLgvDPRnOBzARzR2GytI.roa (raw, json)
Hash identifier: Ni2TZRqBfVxjzgD9UslkhSg7o94dgfQl0gJU18w0j7M=
Subject key identifier: F3:B0:66:51:2E:55:2E:0B:C3:3D:19:CE:07:30:11:CD:1D:86:CA:D2
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FAD16C83A5EC6B17B04B265D24C85A8BC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/87BmUS5VLgvDPRnOBzARzR2GytI.roa
Signing time: Sat 25 May 2024 00:11:42 +0000
ROA not before: Sat 25 May 2024 00:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 25 May 2024 01:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ad:16:c8:3a:5e:c6:b1:7b:04:b2:65:d2:4c:85:a8:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 25 00:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3b066512e552e0bc33d19ce073011cd1d86cad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:90:4a:22:d9:5b:5c:d2:cc:6c:51:27:9b:81:
83:6f:83:67:10:84:21:10:29:3d:d5:01:65:b6:75:
06:c0:6c:1d:7f:76:dd:21:a5:8e:77:17:7b:c7:76:
d1:8e:8a:26:7b:f4:0c:2a:28:fd:66:63:38:54:2b:
1c:64:40:59:df:c0:74:19:06:71:ca:fd:ff:cb:c8:
b2:cf:a3:09:bc:3f:2f:2f:d0:07:87:bc:ba:c7:e4:
63:0a:03:71:49:e7:4a:f0:9f:2a:12:e1:2c:0d:ab:
8e:63:b5:1c:36:f4:57:b0:61:1a:42:06:1c:4c:70:
49:1c:69:6f:4e:91:12:30:92:07:2c:26:83:6f:83:
17:87:76:f1:76:1b:11:77:96:dc:31:a8:34:98:5b:
b9:6b:f6:14:94:2f:d6:8a:52:e4:90:05:1d:ef:5b:
b7:02:a5:b2:8d:e5:19:93:a7:18:b9:f2:ba:64:30:
ae:f5:68:f1:ea:a9:35:ac:3b:ea:7c:b7:63:5f:0c:
6d:82:53:b2:2c:d2:0b:ca:68:a1:4e:8c:45:de:24:
fc:4a:31:48:f9:25:4b:f4:84:dd:2b:e2:20:66:a3:
00:5d:9b:76:b8:27:32:73:f9:99:01:8c:10:36:93:
cb:cc:bd:ce:1c:a8:fb:e8:ba:33:22:39:3d:bf:87:
6b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:B0:66:51:2E:55:2E:0B:C3:3D:19:CE:07:30:11:CD:1D:86:CA:D2
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/87BmUS5VLgvDPRnOBzARzR2GytI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:3a:ed:2f:ab:8f:c0:e4:fa:da:74:d1:3e:29:e4:2d:15:a4:
c2:89:ac:75:ab:2a:5a:02:fd:2e:f7:34:b1:b1:51:71:1b:ab:
b6:6c:46:5e:2a:a8:10:e3:07:d4:40:73:5f:f6:2c:70:cf:fd:
f6:5a:6e:f4:c0:a0:b7:08:b9:88:91:33:a2:78:b6:59:69:cf:
eb:22:43:ee:38:f2:01:51:65:f8:22:f9:17:f7:93:07:1d:48:
d0:ed:47:1b:6b:e3:ce:e8:69:c6:c8:fc:c8:f9:3a:68:02:a9:
2b:e8:0f:61:f3:54:95:ee:79:99:9c:26:a0:39:bf:e2:09:b1:
95:35:32:27:a6:10:a3:7d:d9:fe:80:9f:a3:8b:6d:fd:7c:6f:
5e:82:42:79:00:b1:08:e4:c2:ed:b1:fc:fb:37:c0:c3:c6:23:
4e:74:6b:46:77:e1:0e:ad:e8:4d:d4:6b:81:01:4e:ab:ae:7b:
14:3a:f7:87:94:e7:91:c7:c2:ac:d2:32:a2:90:1f:9e:6b:05:
8d:47:25:44:ec:86:b9:37:85:90:c4:6d:83:f9:71:da:d9:f7:
3f:12:0f:7c:09:51:78:c6:f7:12:30:dd:eb:0c:89:58:4d:ce:
af:15:e0:09:6a:94:e9:a7:8e:87:4f:10:45:5a:b3:6c:65:b4:
9a:bd:54:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+tFsg6XsaxewSyZdJMhai8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI1MDAxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2IwNjY1MTJlNTUyZTBiYzMzZDE5Y2UwNzMwMTFjZDFkODZjYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpBKItlbXNLMbFEnm4GDb4NnEIQh
ECk91QFltnUGwGwdf3bdIaWOdxd7x3bRjoome/QMKij9ZmM4VCscZEBZ38B0GQZx
yv3/y8iyz6MJvD8vL9AHh7y6x+RjCgNxSedK8J8qEuEsDauOY7UcNvRXsGEaQgYc
THBJHGlvTpESMJIHLCaDb4MXh3bxdhsRd5bcMag0mFu5a/YUlC/WilLkkAUd71u3
AqWyjeUZk6cYufK6ZDCu9Wjx6qk1rDvqfLdjXwxtglOyLNILymihToxF3iT8SjFI
+SVL9ITdK+IgZqMAXZt2uCcyc/mZAYwQNpPLzL3OHKj76LozIjk9v4drvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPOwZlEuVS4Lwz0ZzgcwEc0dhsrSMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvODdCbVVTNVZMZ3ZEUFJuT0J6QVJ6UjJHeXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHg67S+rj8Dk+tp00T4p
5C0VpMKJrHWrKloC/S73NLGxUXEbq7ZsRl4qqBDjB9RAc1/2LHDP/fZabvTAoLcI
uYiRM6J4tllpz+siQ+448gFRZfgi+Rf3kwcdSNDtRxtr487oacbI/Mj5OmgCqSvo
D2HzVJXueZmcJqA5v+IJsZU1MiemEKN92f6An6OLbf18b16CQnkAsQjkwu2x/Ps3
wMPGI050a0Z34Q6t6E3Ua4EBTquuexQ694eU55HHwqzSMqKQH55rBY1HJUTshrk3
hZDEbYP5cdrZ9z8SD3wJUXjG9xIw3esMiVhNzq8V4AlqlOmnjodPEEVas2xltJq9
VFw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org