Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8z1I36HWBYTkDvAsSkA6hXYTaIg.roa
File: 8z1I36HWBYTkDvAsSkA6hXYTaIg.roa (raw, json)
Hash identifier: XJ5NH/AgW30SVchbo6u9/UECEYNAjQvAZBCuOgr7eKo=
Subject key identifier: F3:3D:48:DF:A1:D6:05:84:E4:0E:F0:2C:4A:40:3A:85:76:13:68:88
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FBBDEA93E7B42FA12B1A50885113C68E4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8z1I36HWBYTkDvAsSkA6hXYTaIg.roa
Signing time: Mon 27 May 2024 21:04:42 +0000
ROA not before: Mon 27 May 2024 21:04:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:bbde:3fd9/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 27 May 2024 21:10:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bb:de:a9:3e:7b:42:fa:12:b1:a5:08:85:11:3c:68:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 27 21:04:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f33d48dfa1d60584e40ef02c4a403a8576136888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:59:88:8d:e4:b7:bc:6c:ff:b6:b4:54:10:dd:
1d:76:0b:c1:41:77:13:e6:5f:43:76:1a:2b:1f:75:
6d:81:ca:22:bc:7f:bb:c9:11:d4:df:c4:59:91:bc:
e4:26:20:86:70:0c:a7:97:1f:cc:5d:c8:79:ff:e3:
c1:79:31:2e:32:bd:ae:af:3b:62:f3:5a:bb:59:c0:
1b:d7:95:b6:7a:0c:69:80:8e:f3:a0:ed:49:c0:85:
8d:2a:e5:88:6a:11:b9:c6:45:cb:32:a2:01:87:9b:
59:7c:ce:bb:f5:d5:aa:5f:ed:db:ca:1b:46:38:e0:
6b:14:8f:fb:fa:d7:76:0a:fc:6b:70:e0:92:27:c8:
d7:b8:0a:ba:e7:8a:69:ce:f9:70:3c:1d:82:34:eb:
eb:ae:b6:01:97:95:e4:e8:fa:0f:ff:bf:72:da:75:
ea:c6:31:fb:7a:3b:4c:5e:e6:50:de:69:6c:74:42:
25:48:39:09:92:a8:4a:bf:31:cc:61:68:56:01:0f:
c3:54:36:b2:3c:23:63:66:d8:d6:3e:8c:fe:fb:b2:
f7:2c:74:16:ad:29:10:34:56:8c:d5:05:a9:91:38:
ca:e9:4d:42:63:d3:8f:0d:e5:cc:5a:c0:14:33:20:
9c:42:d4:9f:40:8b:1f:bf:c8:26:88:55:9b:ab:e4:
1f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3D:48:DF:A1:D6:05:84:E4:0E:F0:2C:4A:40:3A:85:76:13:68:88
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/8z1I36HWBYTkDvAsSkA6hXYTaIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:c4:19:05:81:a0:07:f6:ee:be:5a:62:17:aa:36:aa:fc:e7:
e4:a5:30:69:46:b2:42:16:63:42:08:c4:a8:82:42:d0:69:c7:
fa:52:b9:c1:57:36:88:72:75:9b:d1:23:32:39:ec:ab:f4:98:
9e:1f:10:b4:67:bb:a3:41:61:25:e6:85:33:55:5a:02:60:d4:
fa:c1:6e:a2:92:dd:03:72:5f:65:d5:ae:4c:c6:e1:26:27:91:
53:da:61:2c:4b:52:d6:37:bc:f5:19:93:ab:61:eb:fb:26:3b:
c9:02:80:55:c4:06:7a:52:f7:34:1b:59:b9:81:a0:ac:5f:c8:
29:a2:2a:5d:7e:f8:a5:10:d5:eb:ea:ed:e0:ee:96:77:c8:92:
cc:3a:98:19:34:7c:84:07:ba:1c:e9:18:b4:6e:c3:57:63:8a:
90:a0:73:51:89:5e:4d:43:d3:f1:ee:e9:67:5a:aa:d7:22:f4:
bd:fa:31:f8:2a:73:62:63:83:23:12:92:3f:3b:06:e8:a8:12:
85:27:9f:cb:8d:b5:45:0d:be:c0:d1:50:17:fd:bc:fa:a4:f3:
2e:36:1d:51:be:24:e2:81:55:29:18:ee:07:6a:1e:c9:07:a2:
69:fa:84:7f:b7:58:03:5e:1e:a7:e4:e3:5a:a3:d7:0c:f5:dd:
37:2b:d5:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+73qk+e0L6ErGlCIURPGjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI3MjEwNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzNkNDhkZmExZDYwNTg0ZTQwZWYwMmM0YTQwM2E4NTc2MTM2ODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplmIjeS3vGz/trRUEN0ddgvBQXcT
5l9DdhorH3VtgcoivH+7yRHU38RZkbzkJiCGcAynlx/MXch5/+PBeTEuMr2urzti
81q7WcAb15W2egxpgI7zoO1JwIWNKuWIahG5xkXLMqIBh5tZfM679dWqX+3byhtG
OOBrFI/7+td2CvxrcOCSJ8jXuAq654ppzvlwPB2CNOvrrrYBl5Xk6PoP/79y2nXq
xjH7ejtMXuZQ3mlsdEIlSDkJkqhKvzHMYWhWAQ/DVDayPCNjZtjWPoz++7L3LHQW
rSkQNFaM1QWpkTjK6U1CY9OPDeXMWsAUMyCcQtSfQIsfv8gmiFWbq+QfJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPM9SN+h1gWE5A7wLEpAOoV2E2iIMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOHoxSTM2SFdCWVRrRHZBc1NrQTZoWFlUYUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACbEGQWBoAf27r5aYheq
Nqr85+SlMGlGskIWY0IIxKiCQtBpx/pSucFXNohydZvRIzI57Kv0mJ4fELRnu6NB
YSXmhTNVWgJg1PrBbqKS3QNyX2XVrkzG4SYnkVPaYSxLUtY3vPUZk6th6/smO8kC
gFXEBnpS9zQbWbmBoKxfyCmiKl1++KUQ1evq7eDulnfIksw6mBk0fIQHuhzpGLRu
w1djipCgc1GJXk1D0/Hu6Wdaqtci9L36Mfgqc2JjgyMSkj87BuioEoUnn8uNtUUN
vsDRUBf9vPqk8y42HVG+JOKBVSkY7gdqHskHomn6hH+3WANeHqfk41qj1wz13Tcr
1bA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org