Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DXdsK7GuzVn8Z1AxGhLDEAIMjhw.roa
File: DXdsK7GuzVn8Z1AxGhLDEAIMjhw.roa (raw, json)
Hash identifier: qxKF37GGNbj3nNqBt4vPnfNu9jg9/LBk52NIgdNgdsg=
Subject key identifier: 0D:77:6C:2B:B1:AE:CD:59:FC:67:50:31:1A:12:C3:10:02:0C:8E:1C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01903AEE4DEA574E47ACD5A5637B121DAE2D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DXdsK7GuzVn8Z1AxGhLDEAIMjhw.roa
Signing time: Fri 21 Jun 2024 13:13:34 +0000
ROA not before: Fri 21 Jun 2024 13:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Jun 2024 14:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3a:ee:4d:ea:57:4e:47:ac:d5:a5:63:7b:12:1d:ae:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 21 13:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d776c2bb1aecd59fc6750311a12c310020c8e1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d5:f8:44:a4:0a:6a:1c:9b:bf:46:37:8c:da:
c8:73:9c:34:c5:44:8c:92:39:d1:2d:ae:e8:03:d3:
22:9f:4f:fd:43:15:e2:2c:2a:c8:34:8d:25:47:89:
8d:c6:92:6f:ae:3c:11:d6:a6:73:da:68:07:65:e1:
08:e1:27:aa:f8:b3:78:e1:a8:ad:3d:a2:e4:91:fe:
01:10:de:70:28:a5:bd:ab:32:40:da:7a:89:a3:d6:
89:5b:af:ec:e4:1e:87:9a:91:fd:ab:8c:22:94:b2:
52:5d:ae:97:e8:0d:51:b1:59:78:e7:0e:bb:99:cb:
1f:2d:c0:5c:9e:d2:52:c2:1b:42:98:90:fb:84:ee:
83:7a:9f:9a:44:a6:7b:fb:41:e2:32:e6:f6:e6:8c:
64:a1:dc:7f:8f:6e:a0:3c:35:e2:16:52:bc:2f:fc:
7d:6d:fd:27:de:79:19:0e:03:8d:d7:4f:af:42:53:
ab:3a:24:cf:74:fa:3e:78:cf:fc:5b:4d:3f:1e:05:
1b:3a:98:bc:52:af:bf:09:75:2d:a2:c5:86:36:d8:
9b:ee:32:55:4d:2a:98:40:33:b3:e9:18:ff:86:f6:
9b:35:85:e0:0f:b6:b9:77:bf:a0:8f:fe:ed:52:ab:
56:64:cb:7e:ce:66:4f:e0:5d:bd:b4:54:a7:91:19:
18:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:77:6C:2B:B1:AE:CD:59:FC:67:50:31:1A:12:C3:10:02:0C:8E:1C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/DXdsK7GuzVn8Z1AxGhLDEAIMjhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:4c:79:04:f8:0e:28:cd:c6:a9:b2:8d:c2:a1:16:2a:ec:52:
6b:93:d7:3e:07:22:ce:9a:50:fc:56:ff:b1:39:26:6c:ef:6d:
3a:33:a4:8a:d0:5a:39:ea:79:34:05:84:e7:03:94:44:df:68:
b7:8a:e2:3e:d4:fd:e7:b2:66:e8:2a:8c:f2:83:95:35:58:1e:
6a:24:d1:3a:5e:9e:d9:ca:6e:15:66:a4:30:3e:c6:dd:5a:4d:
d3:8e:88:85:ef:fa:00:4c:dc:ab:57:f2:1a:1e:78:8d:cc:44:
e6:56:62:fa:ed:00:81:fd:ce:90:b5:b1:3f:92:56:fd:79:ed:
c3:c9:fe:73:8f:89:11:9e:15:b7:f2:64:db:ab:02:c9:c7:60:
0e:ab:6d:cc:fa:a4:37:41:24:f4:09:93:c5:fe:b3:b1:2d:45:
32:f8:bd:db:71:37:ff:38:5a:bd:14:16:64:58:18:49:05:3f:
80:a0:ed:3c:b8:4f:4f:51:7a:81:b5:1a:74:83:61:6e:f2:b9:
de:89:81:c4:c8:53:06:bc:2a:74:95:c7:12:55:23:50:32:15:
b7:e9:a7:cb:96:aa:6d:1e:48:06:44:e7:4b:50:69:96:af:eb:
70:e5:cc:2b:84:aa:97:eb:0c:f6:7f:bc:41:5a:a8:72:f8:3a:
2b:68:52:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA67k3qV05HrNWlY3sSHa4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIxMTMxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDc3NmMyYmIxYWVjZDU5ZmM2NzUwMzExYTEyYzMxMDAyMGM4ZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdX4RKQKahybv0Y3jNrIc5w0xUSM
kjnRLa7oA9Min0/9QxXiLCrINI0lR4mNxpJvrjwR1qZz2mgHZeEI4Seq+LN44ait
PaLkkf4BEN5wKKW9qzJA2nqJo9aJW6/s5B6HmpH9q4wilLJSXa6X6A1RsVl45w67
mcsfLcBcntJSwhtCmJD7hO6Dep+aRKZ7+0HiMub25oxkodx/j26gPDXiFlK8L/x9
bf0n3nkZDgON10+vQlOrOiTPdPo+eM/8W00/HgUbOpi8Uq+/CXUtosWGNtib7jJV
TSqYQDOz6Rj/hvabNYXgD7a5d7+gj/7tUqtWZMt+zmZP4F29tFSnkRkYAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA13bCuxrs1Z/GdQMRoSwxACDI4cMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRFhkc0s3R3V6Vm44WjFBeEdoTERFQUlNamh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAElMeQT4DijNxqmyjcKh
FirsUmuT1z4HIs6aUPxW/7E5JmzvbTozpIrQWjnqeTQFhOcDlETfaLeK4j7U/eey
ZugqjPKDlTVYHmok0TpentnKbhVmpDA+xt1aTdOOiIXv+gBM3KtX8hoeeI3MROZW
YvrtAIH9zpC1sT+SVv157cPJ/nOPiRGeFbfyZNurAsnHYA6rbcz6pDdBJPQJk8X+
s7EtRTL4vdtxN/84Wr0UFmRYGEkFP4Cg7Ty4T09ReoG1GnSDYW7yud6JgcTIUwa8
KnSVxxJVI1AyFbfpp8uWqm0eSAZE50tQaZav63DlzCuEqpfrDPZ/vEFaqHL4Oito
Ug0=
-----END CERTIFICATE-----
Generated at Fri Jun 21 18:06:50 2024 by rpki-client on console-fra.rpki-client.org