Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AfIqwHrzylXSIYdME4qDP0KLqvc.roa
File: AfIqwHrzylXSIYdME4qDP0KLqvc.roa (raw, json)
Hash identifier: VxdEtSvKX34mOw2mKZhO5X6n5aFo40+BwJWjKoXJdRo=
Subject key identifier: 01:F2:2A:C0:7A:F3:CA:55:D2:21:87:4C:13:8A:83:3F:42:8B:AA:F7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019023BEF13BAFA62E614BA751D4000C62C7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AfIqwHrzylXSIYdME4qDP0KLqvc.roa
Signing time: Mon 17 Jun 2024 01:10:34 +0000
ROA not before: Mon 17 Jun 2024 01:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 17 Jun 2024 02:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:23:be:f1:3b:af:a6:2e:61:4b:a7:51:d4:00:0c:62:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 17 01:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01f22ac07af3ca55d221874c138a833f428baaf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b8:00:08:ec:51:40:b7:ab:79:5d:92:e6:57:
26:96:a5:ce:b9:82:ba:ed:bb:d8:a7:40:e7:5b:51:
cd:37:9c:ea:b1:e0:e0:69:12:21:d1:f6:10:53:65:
ed:e5:47:35:a7:3a:8f:93:e0:3d:67:9e:d5:f5:49:
89:f3:12:4e:23:80:3d:6d:e0:6d:0b:ad:22:d5:2e:
79:2a:6e:09:4c:a5:91:21:d1:9c:1a:d8:16:68:fd:
7a:d7:33:32:fb:0f:8c:b3:6e:d2:d6:88:b7:49:ff:
34:f6:b7:a4:82:10:3c:c9:5a:9c:79:3a:54:a2:d4:
2f:bc:0d:a4:b4:ed:05:c4:61:f8:e2:c9:8b:7f:0b:
20:ec:da:cc:7e:c2:ed:ce:f1:7d:0b:f8:cd:40:3c:
09:2e:f4:e2:7c:0a:05:09:4d:0a:b4:6f:9e:dd:15:
58:0f:9b:f2:88:7b:da:7a:42:21:64:25:74:bf:7c:
fe:29:c3:2d:1e:f0:6a:8a:0d:91:1b:df:50:5f:32:
4b:0f:a0:e4:83:0d:8c:d5:59:e8:d0:5f:37:21:9e:
4f:38:23:1a:c1:19:fe:2f:03:f7:e7:56:f8:3f:d5:
6c:46:8f:57:3c:97:1d:d9:48:cd:85:f0:c8:fe:50:
46:7f:42:46:5f:4d:24:18:45:8f:2b:c3:a8:55:e1:
e8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F2:2A:C0:7A:F3:CA:55:D2:21:87:4C:13:8A:83:3F:42:8B:AA:F7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AfIqwHrzylXSIYdME4qDP0KLqvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:12:16:5b:48:08:b5:0b:9a:48:20:5f:94:8b:bc:a4:6c:e5:
24:0c:98:d5:b6:e2:a9:bc:e2:e4:12:03:6a:b4:6d:a0:89:c9:
75:a9:93:58:92:da:b7:ab:2b:98:4b:2f:f3:84:23:a5:67:bc:
6c:4a:6e:20:98:76:55:92:6a:99:b0:31:e5:21:28:cf:ab:57:
eb:62:37:f6:f2:68:2c:7a:78:4c:59:98:70:bd:e2:05:ca:3c:
61:dc:22:0a:25:61:10:28:8f:29:c2:db:ad:41:b1:bf:da:63:
b2:a4:89:c9:f7:a6:33:3c:fd:4f:50:e5:cb:d9:20:1c:6b:30:
07:60:83:20:d1:d9:c4:8c:74:4d:cc:97:72:28:12:fe:ef:8e:
a3:f8:77:07:61:4d:ec:1a:87:93:a7:73:c2:a6:62:c9:a5:9c:
96:00:1d:54:07:e9:b9:8f:ce:67:20:c5:99:c8:58:8d:aa:6d:
19:a5:34:29:d2:20:b6:99:a4:37:c1:39:ba:27:36:b1:6f:a9:
9f:f0:a9:0f:e6:2f:b7:80:ee:21:11:09:ed:17:f8:ae:43:95:
8b:49:85:8f:67:42:95:4e:33:c2:7e:89:73:e3:94:e5:a4:d8:
ca:54:14:a3:c5:c6:27:17:11:48:d9:09:fc:60:8a:ca:53:f7:
7b:40:6f:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAjvvE7r6YuYUunUdQADGLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE3MDExMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWYyMmFjMDdhZjNjYTU1ZDIyMTg3NGMxMzhhODMzZjQyOGJhYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLgACOxRQLereV2S5lcmlqXOuYK6
7bvYp0DnW1HNN5zqseDgaRIh0fYQU2Xt5Uc1pzqPk+A9Z57V9UmJ8xJOI4A9beBt
C60i1S55Km4JTKWRIdGcGtgWaP161zMy+w+Ms27S1oi3Sf809rekghA8yVqceTpU
otQvvA2ktO0FxGH44smLfwsg7NrMfsLtzvF9C/jNQDwJLvTifAoFCU0KtG+e3RVY
D5vyiHvaekIhZCV0v3z+KcMtHvBqig2RG99QXzJLD6Dkgw2M1Vno0F83IZ5POCMa
wRn+LwP351b4P9VsRo9XPJcd2UjNhfDI/lBGf0JGX00kGEWPK8OoVeHojwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAHyKsB688pV0iGHTBOKgz9Ci6r3MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQWZJcXdIcnp5bFhTSVlkTUU0cURQMEtMcXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABgSFltICLULmkggX5SL
vKRs5SQMmNW24qm84uQSA2q0baCJyXWpk1iS2rerK5hLL/OEI6VnvGxKbiCYdlWS
apmwMeUhKM+rV+tiN/byaCx6eExZmHC94gXKPGHcIgolYRAojynC261Bsb/aY7Kk
icn3pjM8/U9Q5cvZIBxrMAdggyDR2cSMdE3Ml3IoEv7vjqP4dwdhTewah5Onc8Km
YsmlnJYAHVQH6bmPzmcgxZnIWI2qbRmlNCnSILaZpDfBObonNrFvqZ/wqQ/mL7eA
7iERCe0X+K5DlYtJhY9nQpVOM8J+iXPjlOWk2MpUFKPFxicXEUjZCfxgispT93tA
b44=
-----END CERTIFICATE-----
Generated at Mon Jun 17 03:59:03 2024 by rpki-client on console-ams.rpki-client.org