Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AswYTFrm6O9YE6xROuUSFNqpuGQ.roa
File: AswYTFrm6O9YE6xROuUSFNqpuGQ.roa (raw, json)
Hash identifier: 3XGBFajHaglaaKJdoVkwfg3qmJOQ2t8fE0MB9FrCcFY=
Subject key identifier: 02:CC:18:4C:5A:E6:E8:EF:58:13:AC:51:3A:E5:12:14:DA:A9:B8:64
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD67E88FF2B6116A8A69CC5BA4576ECF0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AswYTFrm6O9YE6xROuUSFNqpuGQ.roa
Signing time: Sun 02 Jun 2024 01:09:27 +0000
ROA not before: Sun 02 Jun 2024 01:09:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 02 Jun 2024 02:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d6:7e:88:ff:2b:61:16:a8:a6:9c:c5:ba:45:76:ec:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 2 01:09:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02cc184c5ae6e8ef5813ac513ae51214daa9b864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e8:29:bb:34:39:33:0d:3e:c2:2b:e0:9a:54:
76:63:54:e8:56:d6:ef:f6:9e:a8:ae:50:78:b3:58:
49:e4:91:b3:b3:87:36:5b:4d:f7:84:11:cc:ae:63:
4f:d7:bb:47:fa:8b:24:84:89:f3:1d:96:4d:89:c3:
f1:42:16:6e:51:85:fe:72:fd:85:59:f7:f6:cd:69:
69:9c:fd:4c:93:65:41:a6:15:4b:5b:af:60:51:da:
ff:e7:ff:e7:86:c8:8e:69:19:be:d5:b3:72:f3:c8:
bf:e5:32:95:b5:6c:f4:51:06:df:b1:9c:b5:77:23:
92:fa:60:e3:d9:41:30:69:1e:92:1c:fa:65:73:00:
b6:dd:18:b7:da:8f:e4:b2:06:be:4b:dd:db:d9:0b:
e7:ea:a7:74:5e:e9:71:62:15:67:83:b0:4f:aa:26:
57:e7:6b:b0:6b:7b:49:fa:f1:6a:f6:6c:ed:ea:47:
eb:96:40:b1:c3:41:ba:9f:23:e6:12:81:62:65:12:
cb:70:c6:bb:73:39:f2:87:58:09:af:5f:d7:b4:27:
78:c3:63:83:b8:62:b9:b2:df:1a:26:7d:9a:aa:d7:
97:e2:6e:83:36:ec:91:3b:be:e2:12:77:dc:13:e2:
1e:6c:8b:fe:83:2b:a1:6a:96:26:a3:76:80:30:00:
92:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:CC:18:4C:5A:E6:E8:EF:58:13:AC:51:3A:E5:12:14:DA:A9:B8:64
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/AswYTFrm6O9YE6xROuUSFNqpuGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:d9:15:97:d6:c2:72:0f:19:7d:df:87:cf:44:19:63:51:17:
1f:dc:1f:35:38:80:cc:73:02:9e:4d:d7:18:2c:39:50:dc:7c:
11:a7:d7:73:3d:89:b4:01:19:9e:44:bd:de:4c:00:16:01:71:
6f:17:31:fc:13:2f:68:fb:fa:2b:fe:fc:14:0e:1f:ab:89:ab:
b0:0c:a0:dd:7c:1f:cf:ec:34:14:f8:42:78:68:58:f3:78:68:
a3:11:20:a4:bc:23:4c:59:f4:d6:32:1b:5f:9a:55:48:82:db:
f5:f6:cc:81:68:5a:e6:af:67:84:ba:30:58:ff:0c:f6:bd:7e:
a1:99:6f:f5:80:e2:ea:99:f7:46:1c:19:78:2e:f9:fe:c9:99:
a7:98:b7:eb:12:84:31:af:84:60:a9:fe:56:0b:f5:24:0c:14:
01:8b:f4:32:5e:c0:86:f8:be:cb:ac:7c:46:d0:9a:91:de:6c:
12:be:79:d7:09:77:99:05:37:9a:99:1e:32:14:19:b6:7f:43:
6f:5a:ad:1c:14:c2:62:de:45:28:ad:1c:08:d3:4d:5d:cb:76:
33:31:da:fd:48:88:07:be:7e:f8:c4:db:55:f9:2b:fa:72:fa:
5a:fd:74:7a:29:02:1f:f6:a8:80:87:52:60:ad:aa:fa:84:54:
a3:79:0e:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/Wfoj/K2EWqKacxbpFduzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAyMDEwOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmNjMTg0YzVhZTZlOGVmNTgxM2FjNTEzYWU1MTIxNGRhYTliODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmugpuzQ5Mw0+wivgmlR2Y1ToVtbv
9p6orlB4s1hJ5JGzs4c2W033hBHMrmNP17tH+oskhInzHZZNicPxQhZuUYX+cv2F
Wff2zWlpnP1Mk2VBphVLW69gUdr/5//nhsiOaRm+1bNy88i/5TKVtWz0UQbfsZy1
dyOS+mDj2UEwaR6SHPplcwC23Ri32o/ksga+S93b2Qvn6qd0XulxYhVng7BPqiZX
52uwa3tJ+vFq9mzt6kfrlkCxw0G6nyPmEoFiZRLLcMa7cznyh1gJr1/XtCd4w2OD
uGK5st8aJn2aqteX4m6DNuyRO77iEnfcE+IebIv+gyuhapYmo3aAMACSewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFALMGExa5ujvWBOsUTrlEhTaqbhkMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQXN3WVRGcm02TzlZRTZ4Uk91VVNGTnFwdUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE/ZFZfWwnIPGX3fh89E
GWNRFx/cHzU4gMxzAp5N1xgsOVDcfBGn13M9ibQBGZ5Evd5MABYBcW8XMfwTL2j7
+iv+/BQOH6uJq7AMoN18H8/sNBT4QnhoWPN4aKMRIKS8I0xZ9NYyG1+aVUiC2/X2
zIFoWuavZ4S6MFj/DPa9fqGZb/WA4uqZ90YcGXgu+f7JmaeYt+sShDGvhGCp/lYL
9SQMFAGL9DJewIb4vsusfEbQmpHebBK+edcJd5kFN5qZHjIUGbZ/Q29arRwUwmLe
RSitHAjTTV3LdjMx2v1IiAe+fvjE21X5K/py+lr9dHopAh/2qICHUmCtqvqEVKN5
Dqw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org