Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AAE3Id3Mp4HwabRKSkcEg2I43RA.roa
File: AAE3Id3Mp4HwabRKSkcEg2I43RA.roa (raw, json)
Hash identifier: ihZiLVNvxpdUqtQuzy2uKplUhJohvEXOAaNwR+rZfDw=
Subject key identifier: 00:01:37:21:DD:CC:A7:81:F0:69:B4:4A:4A:47:04:83:62:38:DD:10
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FCEFDC1B33BA5EEF777066F3F772699DB
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AAE3Id3Mp4HwabRKSkcEg2I43RA.roa
Signing time: Fri 31 May 2024 14:11:27 +0000
ROA not before: Fri 31 May 2024 14:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 31 May 2024 15:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ce:fd:c1:b3:3b:a5:ee:f7:77:06:6f:3f:77:26:99:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 31 14:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00013721ddcca781f069b44a4a4704836238dd10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:28:5a:4b:0e:30:cb:19:dd:75:5d:60:ef:71:
d1:1f:ab:2d:95:d7:2e:33:45:e3:ab:ef:2e:8b:b5:
0e:bd:52:04:7b:8b:48:d8:60:12:66:62:5f:44:e8:
11:6d:d0:4b:35:aa:f1:e2:fa:ad:55:f3:2c:8f:f7:
d7:36:52:39:e6:15:9d:39:b8:41:69:81:df:f2:b8:
01:fc:40:45:6b:0f:3e:d6:af:2c:51:3f:e2:f8:d4:
d5:a8:07:2f:5c:14:60:4b:40:0c:3b:24:e0:2e:cb:
c2:c5:76:2e:5c:38:be:97:62:62:c0:a1:b5:43:c3:
16:52:a5:33:57:97:95:e6:1d:77:0f:e7:11:91:e8:
85:4d:b5:b0:34:fb:d4:c0:be:89:6c:b7:b2:b0:35:
bd:d7:2e:c8:b3:45:41:d2:e5:b3:c1:de:6d:69:ef:
bb:8f:3e:19:27:53:b0:4d:c9:4b:4f:09:e2:05:04:
e2:b8:9d:67:ce:86:c2:32:26:29:08:97:8e:0c:39:
c6:b7:8e:dc:98:21:9e:54:e1:cb:59:62:94:de:79:
c9:81:c5:b5:1a:4a:3b:6e:e6:5b:da:3b:48:83:a3:
46:1c:3e:29:81:1b:f1:ae:2b:7a:87:02:26:6c:21:
07:16:8d:b1:83:93:97:5c:45:ad:9e:77:c9:b2:d4:
6e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:01:37:21:DD:CC:A7:81:F0:69:B4:4A:4A:47:04:83:62:38:DD:10
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AAE3Id3Mp4HwabRKSkcEg2I43RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:cf:f1:2d:ec:9c:d8:ef:bb:4b:96:18:c2:49:d7:2b:81:ca:
ee:b2:d7:ff:0b:5e:e8:85:99:aa:e0:f3:2d:4f:03:1e:97:c4:
90:1f:0e:ea:ed:67:6f:4b:89:e7:51:70:9b:21:7c:67:a4:f4:
3b:89:5b:7c:50:dd:ee:b7:8b:32:3f:18:ac:a8:d8:3b:66:de:
bf:0f:05:3d:bd:f6:e2:8d:31:56:77:9b:b2:76:48:6f:d3:9d:
12:64:86:ca:96:e5:23:88:ad:f4:10:4f:0c:53:10:38:61:21:
c4:54:49:1a:fb:d4:c1:3c:7f:da:9e:b5:da:fa:2e:00:89:d9:
1f:28:98:67:04:5f:5e:ce:31:f1:6f:38:4d:5c:ca:4b:57:93:
b5:d6:75:8b:c0:50:66:07:3a:d8:90:66:c8:ec:a5:3b:c1:53:
6a:5f:0e:87:77:2d:0c:89:a3:a5:3b:19:11:95:48:c7:e5:b0:
f9:31:1b:5e:39:e3:fe:7f:de:fc:3f:14:bf:b0:85:34:37:30:
f2:2a:e8:ac:11:c9:d2:34:f0:00:53:64:f0:4f:05:13:f3:aa:
0f:73:83:5b:c6:a9:d2:93:0f:93:a6:db:ee:63:77:55:5b:2c:
91:53:b6:9e:d5:5c:4a:c6:d7:49:28:84:5c:a7:23:8e:9c:8c:
d0:6b:79:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/O/cGzO6Xu93cGbz93JpnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMxMTQxMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDAxMzcyMWRkY2NhNzgxZjA2OWI0NGE0YTQ3MDQ4MzYyMzhkZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqihaSw4wyxnddV1g73HRH6stldcu
M0Xjq+8ui7UOvVIEe4tI2GASZmJfROgRbdBLNarx4vqtVfMsj/fXNlI55hWdObhB
aYHf8rgB/EBFaw8+1q8sUT/i+NTVqAcvXBRgS0AMOyTgLsvCxXYuXDi+l2JiwKG1
Q8MWUqUzV5eV5h13D+cRkeiFTbWwNPvUwL6JbLeysDW91y7Is0VB0uWzwd5tae+7
jz4ZJ1OwTclLTwniBQTiuJ1nzobCMiYpCJeODDnGt47cmCGeVOHLWWKU3nnJgcW1
Gko7buZb2jtIg6NGHD4pgRvxrit6hwImbCEHFo2xg5OXXEWtnnfJstRuSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAABNyHdzKeB8Gm0SkpHBINiON0QMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQUFFM0lkM01wNEh3YWJSS1NrY0VnMkk0M1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFnP8S3snNjvu0uWGMJJ
1yuByu6y1/8LXuiFmarg8y1PAx6XxJAfDurtZ29LiedRcJshfGek9DuJW3xQ3e63
izI/GKyo2Dtm3r8PBT299uKNMVZ3m7J2SG/TnRJkhsqW5SOIrfQQTwxTEDhhIcRU
SRr71ME8f9qetdr6LgCJ2R8omGcEX17OMfFvOE1cyktXk7XWdYvAUGYHOtiQZsjs
pTvBU2pfDod3LQyJo6U7GRGVSMflsPkxG1454/5/3vw/FL+whTQ3MPIq6KwRydI0
8ABTZPBPBRPzqg9zg1vGqdKTD5Om2+5jd1VbLJFTtp7VXErG10kohFynI46cjNBr
ecw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org