Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CKg_idrRrl9UHVSwI-P4iPNoQhA.roa
File: CKg_idrRrl9UHVSwI-P4iPNoQhA.roa (raw, json)
Hash identifier: 2C9kvpWrWPcrf3BqQWrE+jpOuQXZo4S/uqfzf2oIBhE=
Subject key identifier: 08:A8:3F:89:DA:D1:AE:5F:54:1D:54:B0:23:E3:F8:88:F3:68:42:10
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019022AE1CEBE62BFB3B9053AC79F133071A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CKg_idrRrl9UHVSwI-P4iPNoQhA.roa
Signing time: Sun 16 Jun 2024 20:12:34 +0000
ROA not before: Sun 16 Jun 2024 20:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 16 Jun 2024 21:05:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:22:ae:1c:eb:e6:2b:fb:3b:90:53:ac:79:f1:33:07:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 16 20:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08a83f89dad1ae5f541d54b023e3f888f3684210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:36:9a:e9:cd:88:44:5c:15:43:7b:ca:4d:38:
b2:2c:98:9a:1a:f1:88:c1:c2:b8:e6:dc:10:55:fe:
d0:45:39:15:a5:a8:93:08:f0:d8:7d:cf:91:6a:2c:
00:0c:2d:94:5c:49:68:bf:88:cd:b4:d3:35:2a:a8:
33:71:30:f5:80:5f:0d:f2:54:f4:b5:54:49:28:c5:
15:b9:13:ad:5c:74:8e:e8:2b:92:54:76:59:f5:a2:
8d:e9:0b:df:55:2b:ce:4e:c3:4b:64:30:71:7d:f7:
b2:cf:51:03:63:22:ab:ca:98:f6:f7:50:5f:b8:08:
0c:d9:25:e4:0e:1e:b3:0d:fa:b3:f6:d7:d8:88:56:
49:59:d2:94:f2:69:1b:40:ba:0e:97:b3:c6:23:65:
c2:0a:a1:c8:07:dd:db:0f:07:2d:32:8d:41:86:da:
15:79:8d:7f:d8:c1:5a:5a:5d:ff:61:ad:ef:dc:59:
39:d9:1e:b7:e4:2d:71:d0:da:ca:75:d7:2e:21:f3:
d5:e4:42:a2:67:4d:13:de:59:57:a7:99:7a:bc:02:
e8:27:13:af:1a:fa:b2:89:b8:81:e5:99:93:80:a0:
45:95:4b:3b:26:fc:5a:65:78:13:f7:e8:2b:2e:9c:
0c:7b:e1:5b:5f:cc:a4:69:c5:4e:ac:2f:fb:24:b2:
fd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A8:3F:89:DA:D1:AE:5F:54:1D:54:B0:23:E3:F8:88:F3:68:42:10
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/CKg_idrRrl9UHVSwI-P4iPNoQhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:c7:c7:e7:64:5e:ec:d2:26:39:63:ba:9f:9e:28:e4:db:3c:
a9:9c:3f:22:e5:fc:66:e3:e5:a5:f2:0b:c5:89:12:cb:c9:23:
0f:30:26:0b:b3:b4:db:54:07:a3:49:1b:1a:1e:01:2f:e2:0b:
e3:1e:e3:15:03:a4:12:cb:84:19:dc:39:eb:06:ec:4c:94:74:
04:e8:11:d4:47:dc:78:d0:cc:80:f6:00:90:7f:58:e5:52:53:
f5:0a:2a:b1:e5:20:9c:40:f5:46:67:ce:65:11:51:54:fb:3a:
2b:06:77:31:32:b1:12:9c:34:51:72:24:79:d7:29:91:6e:fd:
7f:3f:1b:06:80:1b:43:04:7a:e9:be:39:50:85:4b:1a:42:8e:
99:41:c5:f7:82:04:34:7e:9c:4f:6f:fe:07:81:12:6e:e5:8f:
b1:e9:b1:9d:02:03:be:a8:e8:47:79:33:df:00:43:64:1a:06:
09:a7:64:5b:d9:5f:6f:fa:27:1a:7b:0d:98:5c:33:c6:e7:31:
0e:b7:76:0c:94:63:b2:3c:6c:4b:4e:29:57:06:1b:71:27:54:
76:97:f0:f1:f9:7a:30:9a:e4:a8:c1:e1:b5:a9:3b:a0:1a:5a:
38:58:5c:0f:41:c1:4d:ac:ba:4f:b3:a4:35:d7:99:8a:86:b0:
71:0f:5d:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAirhzr5iv7O5BTrHnxMwcaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE2MjAxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGE4M2Y4OWRhZDFhZTVmNTQxZDU0YjAyM2UzZjg4OGYzNjg0MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzaa6c2IRFwVQ3vKTTiyLJiaGvGI
wcK45twQVf7QRTkVpaiTCPDYfc+RaiwADC2UXElov4jNtNM1KqgzcTD1gF8N8lT0
tVRJKMUVuROtXHSO6CuSVHZZ9aKN6QvfVSvOTsNLZDBxffeyz1EDYyKrypj291Bf
uAgM2SXkDh6zDfqz9tfYiFZJWdKU8mkbQLoOl7PGI2XCCqHIB93bDwctMo1BhtoV
eY1/2MFaWl3/Ya3v3Fk52R635C1x0NrKddcuIfPV5EKiZ00T3llXp5l6vALoJxOv
GvqyibiB5ZmTgKBFlUs7JvxaZXgT9+grLpwMe+FbX8ykacVOrC/7JLL9MwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAioP4na0a5fVB1UsCPj+IjzaEIQMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQ0tnX2lkclJybDlVSFZTd0ktUDRpUE5vUWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAnHx+dkXuzSJjljup+e
KOTbPKmcPyLl/Gbj5aXyC8WJEsvJIw8wJguztNtUB6NJGxoeAS/iC+Me4xUDpBLL
hBncOesG7EyUdAToEdRH3HjQzID2AJB/WOVSU/UKKrHlIJxA9UZnzmURUVT7OisG
dzEysRKcNFFyJHnXKZFu/X8/GwaAG0MEeum+OVCFSxpCjplBxfeCBDR+nE9v/geB
Em7lj7HpsZ0CA76o6Ed5M98AQ2QaBgmnZFvZX2/6Jxp7DZhcM8bnMQ63dgyUY7I8
bEtOKVcGG3EnVHaX8PH5ejCa5KjB4bWpO6AaWjhYXA9BwU2suk+zpDXXmYqGsHEP
Xao=
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:42:07 2024 by rpki-client on console-fra.rpki-client.org