Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BVh7djWBZWQNHrzFBAN-upocpj0.roa
File: BVh7djWBZWQNHrzFBAN-upocpj0.roa (raw, json)
Hash identifier: IMKX4conBrkmfjwAGsky/aoqWYMTfJfhkBKRDe/+Oc0=
Subject key identifier: 05:58:7B:76:35:81:65:64:0D:1E:BC:C5:04:03:7E:BA:9A:1C:A6:3D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190434BBA2A85571E26C2828685E1D1868E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BVh7djWBZWQNHrzFBAN-upocpj0.roa
Signing time: Sun 23 Jun 2024 04:12:34 +0000
ROA not before: Sun 23 Jun 2024 04:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 23 Jun 2024 05:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:43:4b:ba:2a:85:57:1e:26:c2:82:86:85:e1:d1:86:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 23 04:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05587b76358165640d1ebcc504037eba9a1ca63d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:9f:cd:1c:a2:ae:85:5c:bb:ad:4f:2b:b0:95:
17:88:93:c1:c3:e6:09:51:98:fa:6a:f4:7f:7d:91:
c7:13:bb:42:11:3e:65:30:a8:35:5b:99:37:0f:97:
4b:57:00:83:1f:23:e9:bb:17:d7:9f:ea:17:e5:a4:
11:5e:a8:02:cb:88:26:f1:c7:13:58:1e:08:74:98:
b6:72:40:7c:fb:79:f3:3e:5c:ea:54:45:bc:04:17:
7c:73:bf:b4:29:b1:5c:9d:01:67:4f:58:c9:58:61:
08:f1:53:97:d4:5c:73:c8:be:b9:6a:40:6b:4a:9e:
63:f2:7c:51:a3:86:40:12:16:00:34:3d:c7:51:f4:
25:f9:23:7c:ed:0c:14:d8:65:fb:21:e7:4d:ae:1c:
59:ec:19:46:6a:4d:b7:0d:6b:69:e6:26:ca:15:a5:
86:86:65:ec:b5:68:ee:4c:54:91:1a:22:b9:d3:9a:
9d:8d:e9:1d:38:bb:40:ef:bf:4c:aa:d5:18:1b:5e:
c3:ff:c3:c2:b1:2c:b6:dc:ae:8a:ed:39:1e:ac:78:
ec:ff:ef:e1:72:22:a7:f4:e5:bb:6b:5f:73:bf:51:
f9:a1:bf:ee:73:3e:a0:9d:3b:76:28:78:c5:ab:95:
5b:92:b9:67:f0:c6:b5:60:c2:a4:7e:e6:b8:5c:ac:
c6:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:58:7B:76:35:81:65:64:0D:1E:BC:C5:04:03:7E:BA:9A:1C:A6:3D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BVh7djWBZWQNHrzFBAN-upocpj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:23:5c:23:61:59:b2:f9:d3:7e:d0:be:25:36:4b:93:7f:d1:
99:b8:91:70:27:79:29:ca:ab:04:c0:0c:7b:55:f1:33:63:f0:
8e:04:8d:c2:79:40:04:16:e8:3c:d0:69:3f:97:6f:61:03:8c:
d8:57:4d:83:95:75:0f:06:38:f9:c4:87:0a:f4:21:95:ad:aa:
29:f7:9d:21:18:3d:d7:50:8f:aa:71:54:df:41:21:da:69:f3:
71:f0:d1:2f:7c:f7:8f:f8:66:61:eb:76:ff:53:6b:d0:b0:6d:
76:f9:e7:e1:d2:3a:6c:85:80:9b:92:7e:cc:25:27:2a:68:72:
3c:70:86:61:66:0b:37:5c:13:9a:41:cb:56:46:94:ce:19:1a:
76:3a:1b:99:28:a3:8f:0a:0a:56:70:1a:6c:2f:5f:fe:99:68:
6f:4d:de:9e:a1:39:9a:11:ef:1a:61:aa:a2:64:ca:7e:4c:31:
5e:c2:1f:9b:cb:a0:9a:2c:a1:76:ce:2b:aa:d1:bd:35:fb:ba:
d3:c5:d0:ea:d7:c4:04:0d:50:ea:82:8a:a1:a8:2b:98:76:95:
f0:47:08:e2:60:80:70:ba:1e:09:c3:9f:f9:6d:b2:24:81:32:
72:6c:68:7b:0d:96:ef:c3:18:db:7a:25:29:e5:09:9f:85:40:
54:4d:92:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBDS7oqhVceJsKChoXh0YaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIzMDQxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTU4N2I3NjM1ODE2NTY0MGQxZWJjYzUwNDAzN2ViYTlhMWNhNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA55/NHKKuhVy7rU8rsJUXiJPBw+YJ
UZj6avR/fZHHE7tCET5lMKg1W5k3D5dLVwCDHyPpuxfXn+oX5aQRXqgCy4gm8ccT
WB4IdJi2ckB8+3nzPlzqVEW8BBd8c7+0KbFcnQFnT1jJWGEI8VOX1FxzyL65akBr
Sp5j8nxRo4ZAEhYAND3HUfQl+SN87QwU2GX7IedNrhxZ7BlGak23DWtp5ibKFaWG
hmXstWjuTFSRGiK505qdjekdOLtA779MqtUYG17D/8PCsSy23K6K7TkerHjs/+/h
ciKn9OW7a19zv1H5ob/ucz6gnTt2KHjFq5Vbkrln8Ma1YMKkfua4XKzGqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAVYe3Y1gWVkDR68xQQDfrqaHKY9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQlZoN2RqV0JaV1FOSHJ6RkJBTi11cG9jcGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABwjXCNhWbL5037QviU2
S5N/0Zm4kXAneSnKqwTADHtV8TNj8I4EjcJ5QAQW6DzQaT+Xb2EDjNhXTYOVdQ8G
OPnEhwr0IZWtqin3nSEYPddQj6pxVN9BIdpp83Hw0S9894/4ZmHrdv9Ta9CwbXb5
5+HSOmyFgJuSfswlJypocjxwhmFmCzdcE5pBy1ZGlM4ZGnY6G5koo48KClZwGmwv
X/6ZaG9N3p6hOZoR7xphqqJkyn5MMV7CH5vLoJosoXbOK6rRvTX7utPF0OrXxAQN
UOqCiqGoK5h2lfBHCOJggHC6HgnDn/ltsiSBMnJsaHsNlu/DGNt6JSnlCZ+FQFRN
kpQ=
-----END CERTIFICATE-----
Generated at Sun Jun 23 05:39:16 2024 by rpki-client on console-fra.rpki-client.org