Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9XB_4Fw-Z36gkH8RtkBjXXKaVQM.roa
File: 9XB_4Fw-Z36gkH8RtkBjXXKaVQM.roa (raw, json)
Hash identifier: D/aoGKTKdhMOr+dnEDxROCzmdpZwTNHrLxbKs4a96xQ=
Subject key identifier: F5:70:7F:E0:5C:3E:67:7E:A0:90:7F:11:B6:40:63:5D:72:9A:55:03
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01902162B103B531B62F3637E3AE0CF17E1A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9XB_4Fw-Z36gkH8RtkBjXXKaVQM.roa
Signing time: Sun 16 Jun 2024 14:10:34 +0000
ROA not before: Sun 16 Jun 2024 14:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 16 Jun 2024 15:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:21:62:b1:03:b5:31:b6:2f:36:37:e3:ae:0c:f1:7e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 16 14:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5707fe05c3e677ea0907f11b640635d729a5503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7f:0e:f4:34:91:f6:e8:58:b3:b9:35:73:25:
a7:e8:cd:c7:96:d3:5b:0b:93:8f:9c:3c:8e:8f:c8:
a0:bd:02:b6:e4:73:32:fe:13:77:b2:04:62:55:23:
d1:1f:8a:5e:20:b0:e8:29:de:c2:30:c3:0d:72:95:
cd:7a:d3:06:31:b3:3a:c9:fd:5b:f6:aa:2f:bf:02:
8f:a7:10:86:f7:1c:57:e6:69:42:55:b7:77:8c:56:
e9:09:82:1b:b9:b1:c3:64:56:87:e5:2c:fc:d8:de:
21:8d:90:ec:2a:4c:b4:4d:26:74:1d:dc:d1:42:d9:
4d:f2:8f:e7:96:f6:98:47:f2:5a:6a:03:a5:67:b5:
4c:63:52:7a:18:ce:e9:9a:10:ef:3c:e0:f7:a5:60:
50:8c:a0:12:8f:e4:e1:2b:25:b2:f1:61:ae:2e:45:
19:1c:d4:d2:49:9f:96:43:29:0e:f6:45:21:ba:5a:
f2:25:ca:29:6f:bf:32:1b:ac:7b:be:97:c1:09:15:
f3:19:d2:d6:65:ef:9f:ea:d4:ec:6c:b9:cc:82:cc:
3a:c3:90:0d:72:51:2a:26:02:6f:3e:bf:37:09:6d:
9c:43:c3:d4:9c:70:b7:c5:1e:f8:4e:f7:1d:83:9d:
60:0f:85:2d:4c:bf:ec:86:66:f8:f2:7b:d1:51:59:
5b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:70:7F:E0:5C:3E:67:7E:A0:90:7F:11:B6:40:63:5D:72:9A:55:03
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9XB_4Fw-Z36gkH8RtkBjXXKaVQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:e6:c4:b6:95:a0:10:43:d3:44:fc:af:00:d8:11:db:5c:f1:
50:d1:03:5e:d0:99:b1:aa:4a:56:4a:45:d2:69:43:ae:c1:73:
56:87:4a:8a:24:ee:aa:24:8c:4f:f5:77:fd:08:5b:bf:62:f3:
e0:33:e1:76:c0:9d:f1:96:f9:8d:40:e4:81:66:48:1f:ca:f3:
91:16:2b:e0:d7:f2:92:73:96:90:a2:cd:2e:2f:a2:52:4c:6a:
a5:05:f3:1b:31:59:11:55:6d:ed:97:75:9f:5b:37:e1:79:df:
32:8c:aa:e3:5a:f3:82:4e:7f:a1:fc:6c:ae:a7:f4:45:5d:e6:
ea:cf:47:ba:ed:75:57:e8:de:4d:c2:1d:00:90:2e:07:cf:1d:
f8:ca:5d:72:36:6f:76:0d:36:a5:b2:75:d9:15:2a:81:0c:c8:
65:aa:b8:6c:b8:98:8b:13:0d:c0:9d:5b:9b:9a:24:d4:1c:4b:
42:aa:0d:27:61:fb:87:73:f3:d4:41:58:b4:ea:c5:16:53:57:
71:08:96:0a:e7:f6:a7:a4:52:98:e9:de:4b:2d:e5:d1:16:d1:
32:b7:36:59:60:a4:d0:cf:a2:84:9c:38:d3:85:92:37:07:15:
ca:9c:37:75:66:d8:a9:9d:6d:06:33:16:ff:19:51:db:cd:87:
7b:f5:56:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAhYrEDtTG2LzY3464M8X4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE2MTQxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTcwN2ZlMDVjM2U2NzdlYTA5MDdmMTFiNjQwNjM1ZDcyOWE1NTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzX8O9DSR9uhYs7k1cyWn6M3HltNb
C5OPnDyOj8igvQK25HMy/hN3sgRiVSPRH4peILDoKd7CMMMNcpXNetMGMbM6yf1b
9qovvwKPpxCG9xxX5mlCVbd3jFbpCYIbubHDZFaH5Sz82N4hjZDsKky0TSZ0HdzR
QtlN8o/nlvaYR/JaagOlZ7VMY1J6GM7pmhDvPOD3pWBQjKASj+ThKyWy8WGuLkUZ
HNTSSZ+WQykO9kUhulryJcopb78yG6x7vpfBCRXzGdLWZe+f6tTsbLnMgsw6w5AN
clEqJgJvPr83CW2cQ8PUnHC3xR74Tvcdg51gD4UtTL/shmb48nvRUVlbUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPVwf+BcPmd+oJB/EbZAY11ymlUDMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOVhCXzRGdy1aMzZna0g4UnRrQmpYWEthVlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA3mxLaVoBBD00T8rwDY
Edtc8VDRA17QmbGqSlZKRdJpQ67Bc1aHSook7qokjE/1d/0IW79i8+Az4XbAnfGW
+Y1A5IFmSB/K85EWK+DX8pJzlpCizS4volJMaqUF8xsxWRFVbe2XdZ9bN+F53zKM
quNa84JOf6H8bK6n9EVd5urPR7rtdVfo3k3CHQCQLgfPHfjKXXI2b3YNNqWyddkV
KoEMyGWquGy4mIsTDcCdW5uaJNQcS0KqDSdh+4dz89RBWLTqxRZTV3EIlgrn9qek
Upjp3kst5dEW0TK3NllgpNDPooScONOFkjcHFcqcN3Vm2KmdbQYzFv8ZUdvNh3v1
VjI=
-----END CERTIFICATE-----
Generated at Sun Jun 16 15:59:12 2024 by rpki-client on console-fra.rpki-client.org