Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8dKb2GRXYVA6sYG5-uFRT68bEBA.roa
File: 8dKb2GRXYVA6sYG5-uFRT68bEBA.roa (raw, json)
Hash identifier: DmTDpkJDIEvnbBzFzEIj7GAT+RJhqQVoi1NO9hN9xWk=
Subject key identifier: F1:D2:9B:D8:64:57:61:50:3A:B1:81:B9:FA:E1:51:4F:AF:1B:10:10
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190272DD8BA33D42CAC50BC0916E339A35C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8dKb2GRXYVA6sYG5-uFRT68bEBA.roa
Signing time: Mon 17 Jun 2024 17:10:34 +0000
ROA not before: Mon 17 Jun 2024 17:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 17 Jun 2024 18:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:27:2d:d8:ba:33:d4:2c:ac:50:bc:09:16:e3:39:a3:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 17 17:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1d29bd8645761503ab181b9fae1514faf1b1010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a8:87:68:1c:c0:46:66:ff:50:73:c7:41:98:
53:1e:3f:9b:b8:97:8f:32:34:f9:35:35:8e:a0:4a:
b3:04:79:2c:fc:2a:dd:50:94:97:eb:97:2c:01:9e:
fb:e7:9c:f2:af:4b:09:f8:98:ca:1a:fb:9a:a4:be:
b6:5c:ab:89:aa:b6:15:2e:61:10:9d:98:05:e5:a3:
1c:dc:1d:8f:ff:3b:35:e5:7d:3e:f8:23:36:55:30:
07:dd:7c:5e:39:dd:8f:71:13:2a:be:67:0e:2d:21:
94:94:75:f4:51:c9:8e:a2:62:44:58:33:ad:58:55:
59:31:73:04:7b:ba:13:8f:2a:bc:f1:2b:97:d6:ac:
20:40:51:fc:42:58:aa:9e:32:34:c8:9a:92:f3:a3:
3e:03:97:b8:3c:ee:9c:b9:5d:d9:39:67:e2:94:4f:
dc:61:f3:6a:a1:8c:8f:31:70:07:53:3e:2b:61:18:
0f:63:0a:17:63:dc:2a:ce:47:bf:6b:e7:82:b2:e9:
6a:86:dc:d5:c0:42:1e:70:e8:70:17:6a:e4:f3:5d:
cb:52:0e:8d:2e:b4:76:93:e1:9a:f0:5a:97:02:41:
51:70:42:67:f0:5e:18:a8:ee:18:4a:ff:1c:c5:35:
e5:67:e6:89:9b:68:9a:70:f4:6d:97:36:fa:23:0d:
65:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D2:9B:D8:64:57:61:50:3A:B1:81:B9:FA:E1:51:4F:AF:1B:10:10
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8dKb2GRXYVA6sYG5-uFRT68bEBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6d:e2:70:aa:dd:2c:a0:46:eb:f5:d9:1b:b5:05:b9:d8:73:2f:
10:05:2a:10:01:3f:dd:8a:b8:fd:49:d1:5c:b2:35:63:3e:e1:
79:0d:dd:ee:c2:61:fe:0e:2d:fd:b0:e4:3e:42:62:b9:12:ef:
88:c0:c9:27:b9:28:9e:72:b3:7f:36:82:63:4d:bf:42:a1:fb:
9e:ec:cf:72:b4:ea:2b:b1:78:fb:4f:cc:3c:f1:16:14:e2:b1:
7f:49:51:02:79:70:31:c8:4c:2d:54:a0:15:a6:70:d6:41:bf:
5f:f7:0b:7b:62:21:da:7a:49:77:10:9e:50:f2:c9:d5:5a:0d:
72:12:b4:31:77:f3:c3:bf:ba:ce:ba:48:2e:44:2e:09:a8:00:
54:63:03:1f:5b:04:14:c6:ab:c0:64:7d:84:1c:4f:4a:11:73:
a6:d1:d6:e5:78:19:a2:0a:8f:f0:87:7d:62:9d:bb:3d:00:dc:
08:10:45:ff:f7:73:10:be:6f:09:21:8d:fb:38:08:8c:47:d7:
2a:2a:54:45:d2:fd:76:45:22:cc:48:0a:76:24:2b:d6:65:e2:
7a:87:da:ae:da:04:e1:85:e0:05:9c:52:01:53:3a:f0:e3:e1:
e5:51:f1:03:ed:33:e6:2e:b6:36:b0:ce:6d:9e:8f:ac:46:1b:
48:3b:37:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAnLdi6M9QsrFC8CRbjOaNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE3MTcxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWQyOWJkODY0NTc2MTUwM2FiMTgxYjlmYWUxNTE0ZmFmMWIxMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqiHaBzARmb/UHPHQZhTHj+buJeP
MjT5NTWOoEqzBHks/CrdUJSX65csAZ7755zyr0sJ+JjKGvuapL62XKuJqrYVLmEQ
nZgF5aMc3B2P/zs15X0++CM2VTAH3XxeOd2PcRMqvmcOLSGUlHX0UcmOomJEWDOt
WFVZMXMEe7oTjyq88SuX1qwgQFH8QliqnjI0yJqS86M+A5e4PO6cuV3ZOWfilE/c
YfNqoYyPMXAHUz4rYRgPYwoXY9wqzke/a+eCsulqhtzVwEIecOhwF2rk813LUg6N
LrR2k+Ga8FqXAkFRcEJn8F4YqO4YSv8cxTXlZ+aJm2iacPRtlzb6Iw1lGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPHSm9hkV2FQOrGBufrhUU+vGxAQMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOGRLYjJHUlhZVkE2c1lHNS11RlJUNjhiRUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG3icKrdLKBG6/XZG7UF
udhzLxAFKhABP92KuP1J0VyyNWM+4XkN3e7CYf4OLf2w5D5CYrkS74jAySe5KJ5y
s382gmNNv0Kh+57sz3K06iuxePtPzDzxFhTisX9JUQJ5cDHITC1UoBWmcNZBv1/3
C3tiIdp6SXcQnlDyydVaDXIStDF388O/us66SC5ELgmoAFRjAx9bBBTGq8BkfYQc
T0oRc6bR1uV4GaIKj/CHfWKduz0A3AgQRf/3cxC+bwkhjfs4CIxH1yoqVEXS/XZF
IsxICnYkK9Zl4nqH2q7aBOGF4AWcUgFTOvDj4eVR8QPtM+Yutjawzm2ej6xGG0g7
N44=
-----END CERTIFICATE-----
Generated at Mon Jun 17 23:34:44 2024 by rpki-client on console-ams.rpki-client.org