Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/89lmfAuSZxLru9Kh4tkQxpYek68.roa
File: 89lmfAuSZxLru9Kh4tkQxpYek68.roa (raw, json)
Hash identifier: 8AbfvnxTWywMfoYNpBayLiF5vMHI7wBEgOd99nGyKJ0=
Subject key identifier: F3:D9:66:7C:0B:92:67:12:EB:BB:D2:A1:E2:D9:10:C6:96:1E:93:AF
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01906C7D70F4FDE57FCD53F7C1B60E962548
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/89lmfAuSZxLru9Kh4tkQxpYek68.roa
Signing time: Mon 01 Jul 2024 04:11:18 +0000
ROA not before: Mon 01 Jul 2024 04:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 05:04:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6c:7d:70:f4:fd:e5:7f:cd:53:f7:c1:b6:0e:96:25:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 1 04:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3d9667c0b926712ebbbd2a1e2d910c6961e93af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e6:2c:9e:e9:54:37:37:7d:fe:fd:23:11:98:
eb:ec:4e:36:af:0e:0d:0b:61:9c:84:1f:79:fe:94:
63:d7:90:d1:cf:28:5a:8c:15:8b:1b:44:6a:b4:c9:
7c:d7:71:b1:82:29:b1:d4:94:d1:fc:00:5b:c5:88:
41:0d:76:c3:13:d7:f7:c2:17:58:fe:7a:21:d9:ca:
6c:59:85:39:79:6d:a2:d7:7c:6b:d3:6b:d2:8d:57:
de:1a:02:71:de:89:b3:b1:09:27:66:32:ae:f7:5a:
68:ec:a9:cd:23:bc:b0:e1:ee:f0:8a:fa:4c:6c:6b:
de:9d:3f:23:7b:a2:e7:1b:cd:d3:cd:39:a4:ef:36:
23:e0:51:f5:cf:ac:98:65:68:59:56:f3:fa:ba:e7:
7e:a8:e1:7e:31:90:6b:ae:28:9b:8e:77:88:ed:cf:
22:65:d1:d3:80:70:01:89:7e:64:ed:3c:ca:fa:17:
84:3d:2f:50:d5:c1:a2:94:8f:79:b2:2e:5b:17:41:
45:75:39:84:e3:51:10:54:77:06:a0:98:59:c5:8e:
a5:88:27:e4:e9:e5:5c:4a:4b:d1:02:03:00:f1:cc:
43:5a:fb:45:e2:dc:47:77:91:dd:02:5a:ce:0c:ac:
35:74:19:a8:eb:89:47:c8:e7:fb:b6:c7:de:64:f5:
eb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D9:66:7C:0B:92:67:12:EB:BB:D2:A1:E2:D9:10:C6:96:1E:93:AF
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/89lmfAuSZxLru9Kh4tkQxpYek68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:44:e2:c4:8f:a9:8d:eb:11:0c:64:a6:d3:25:1d:7a:7e:15:
ec:f2:06:55:c3:e4:28:ba:75:9e:71:84:83:86:23:5e:72:cb:
2e:7a:67:a3:14:6c:8f:f1:44:a1:03:6e:1a:64:9b:7e:4c:3e:
99:95:49:c2:70:ce:5b:16:ae:ab:0d:1e:c3:d0:b2:8a:e8:b3:
12:6e:75:b3:86:0b:e6:2b:6d:f6:52:95:2f:28:98:ef:ad:9a:
12:20:33:b8:d0:19:3a:1d:f1:1c:b3:5d:4c:16:8c:07:4c:d8:
00:f1:5f:05:37:78:6c:52:00:5f:63:03:53:8a:32:b2:c4:d6:
4b:c4:af:a0:0e:f5:16:17:e6:a4:8b:14:a0:31:24:f4:72:ef:
6c:dc:33:ae:69:54:8a:56:ce:a8:3e:2f:33:b9:58:27:af:01:
a1:ee:87:ea:9e:15:86:a1:0f:ef:fe:ff:90:52:9d:8c:e5:a9:
c2:54:6d:eb:d1:cb:e9:c7:1e:bf:fe:fc:74:b8:78:21:27:2e:
01:66:79:08:86:00:5e:91:e8:41:29:d9:e2:0b:e9:e0:20:87:
eb:fa:cb:38:1f:9b:72:b5:4b:0c:e8:9d:35:2f:d5:e0:59:0e:
7a:30:c3:be:48:18:8e:9f:08:e8:41:75:3e:6d:3c:7b:4f:f9:
1f:c3:ca:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBsfXD0/eV/zVP3wbYOliVIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAxMDQxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2Q5NjY3YzBiOTI2NzEyZWJiYmQyYTFlMmQ5MTBjNjk2MWU5M2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOYsnulUNzd9/v0jEZjr7E42rw4N
C2GchB95/pRj15DRzyhajBWLG0RqtMl813Gxgimx1JTR/ABbxYhBDXbDE9f3whdY
/noh2cpsWYU5eW2i13xr02vSjVfeGgJx3omzsQknZjKu91po7KnNI7yw4e7wivpM
bGvenT8je6LnG83TzTmk7zYj4FH1z6yYZWhZVvP6uud+qOF+MZBrriibjneI7c8i
ZdHTgHABiX5k7TzK+heEPS9Q1cGilI95si5bF0FFdTmE41EQVHcGoJhZxY6liCfk
6eVcSkvRAgMA8cxDWvtF4txHd5HdAlrODKw1dBmo64lHyOf7tsfeZPXrrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPPZZnwLkmcS67vSoeLZEMaWHpOvMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvODlsbWZBdVNaeExydTlLaDR0a1F4cFllazY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADZE4sSPqY3rEQxkptMl
HXp+FezyBlXD5Ci6dZ5xhIOGI15yyy56Z6MUbI/xRKEDbhpkm35MPpmVScJwzlsW
rqsNHsPQsorosxJudbOGC+YrbfZSlS8omO+tmhIgM7jQGTod8RyzXUwWjAdM2ADx
XwU3eGxSAF9jA1OKMrLE1kvEr6AO9RYX5qSLFKAxJPRy72zcM65pVIpWzqg+LzO5
WCevAaHuh+qeFYahD+/+/5BSnYzlqcJUbevRy+nHHr/+/HS4eCEnLgFmeQiGAF6R
6EEp2eIL6eAgh+v6yzgfm3K1SwzonTUv1eBZDnoww75IGI6fCOhBdT5tPHtP+R/D
ynk=
-----END CERTIFICATE-----
Generated at Mon Jul 1 06:11:58 2024 by rpki-client on console-ams.rpki-client.org