Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/EH9Zjer8OMPX88hoaw-yuAl46W4.roa
File: EH9Zjer8OMPX88hoaw-yuAl46W4.roa (raw, json)
Hash identifier: Rzq/9AkWjYOLCtTumfWNeGAuuHKCUCqTWWfBjntX+xI=
Subject key identifier: 10:7F:59:8D:EA:FC:38:C3:D7:F3:C8:68:6B:0F:B2:B8:09:78:E9:6E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01907813BFAFCF755BCF3F8F18E30EBCCBE9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/EH9Zjer8OMPX88hoaw-yuAl46W4.roa
Signing time: Wed 03 Jul 2024 10:11:18 +0000
ROA not before: Wed 03 Jul 2024 10:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jul 2024 11:04:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:13:bf:af:cf:75:5b:cf:3f:8f:18:e3:0e:bc:cb:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 3 10:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=107f598deafc38c3d7f3c8686b0fb2b80978e96e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:94:e5:71:8c:ab:03:3b:50:e7:dc:b1:83:75:
6b:89:cd:92:1b:8f:94:c4:53:82:90:c3:87:8a:f0:
69:1d:9c:dc:74:e1:e2:b5:77:c0:5c:78:17:4a:ba:
a5:76:85:46:f0:9b:27:d6:c6:ed:10:29:7f:b7:28:
4a:7d:25:61:2a:de:33:b9:8f:94:0d:7d:9e:6a:67:
24:46:26:f8:bd:3d:01:19:c6:57:2b:1a:b6:d5:6e:
f8:94:9b:32:4b:5b:2a:7e:6f:ca:51:17:32:04:84:
39:f6:b1:c2:9e:a4:d5:28:73:30:4b:eb:d7:a3:49:
2d:63:d6:f6:ac:66:47:8d:a3:3d:9a:cb:24:9d:8a:
2e:56:77:78:10:32:a1:a7:f6:89:b5:9b:7c:c5:45:
c6:af:92:4a:fb:1c:3f:74:79:89:27:9c:34:68:e5:
a6:c5:8b:da:e7:ce:86:2f:c4:92:1c:64:42:57:4e:
78:8e:2a:81:3d:8e:27:8d:a7:62:46:f4:a9:d6:a8:
fb:62:20:b3:76:ee:a1:4f:81:ab:fb:f3:89:a8:a3:
6e:7e:d4:0c:d7:66:80:84:b8:55:1a:32:55:0e:62:
92:60:ca:cf:ec:ab:a6:f7:52:f9:9e:ba:64:8a:61:
61:7a:72:18:aa:e0:6f:b2:b7:2e:48:01:e0:33:94:
a9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:7F:59:8D:EA:FC:38:C3:D7:F3:C8:68:6B:0F:B2:B8:09:78:E9:6E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/EH9Zjer8OMPX88hoaw-yuAl46W4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:46:0b:3f:f2:b3:84:6e:52:21:0e:18:dd:e0:2d:0e:77:dc:
f3:4a:06:47:1a:f7:da:56:a4:66:f0:03:e6:a8:23:17:80:56:
bf:c8:a3:45:4a:88:7d:8e:12:e0:bb:d0:d1:b3:e3:7e:94:39:
c2:2d:1e:4b:22:6a:42:23:ba:da:e6:f9:e1:c5:ae:4f:e6:c3:
f0:ae:30:38:83:15:83:4b:30:0a:8a:3c:48:c5:9e:4b:ff:22:
57:bb:df:af:a2:d3:f6:be:b7:e5:26:95:84:64:22:3f:e3:65:
48:c5:93:39:78:e8:89:f2:28:db:61:b5:92:64:50:df:1e:82:
71:8b:14:1c:99:f3:45:e7:62:65:b0:84:10:a7:e4:6c:f1:9b:
2e:4c:d6:5f:1f:a8:b2:5d:c0:88:51:dc:14:0a:3d:68:c0:ca:
42:8f:0a:3c:df:5b:45:8e:d5:d1:80:10:34:13:fe:df:9c:4f:
ad:d4:d4:da:22:0c:e6:96:80:1b:3a:1d:0d:19:cc:fd:b3:4a:
70:5c:e1:fa:a4:c2:4a:ae:c8:1f:76:8f:da:40:04:dd:b3:f6:
78:69:b4:59:1e:ed:21:32:3c:37:4b:1f:8f:66:d7:25:d3:03:
be:b2:15:1b:e3:33:83:56:7f:bb:a8:09:53:39:99:c7:01:75:
e7:c3:12:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB4E7+vz3Vbzz+PGOMOvMvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAzMTAxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDdmNTk4ZGVhZmMzOGMzZDdmM2M4Njg2YjBmYjJiODA5NzhlOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5TlcYyrAztQ59yxg3Vric2SG4+U
xFOCkMOHivBpHZzcdOHitXfAXHgXSrqldoVG8Jsn1sbtECl/tyhKfSVhKt4zuY+U
DX2eamckRib4vT0BGcZXKxq21W74lJsyS1sqfm/KURcyBIQ59rHCnqTVKHMwS+vX
o0ktY9b2rGZHjaM9mssknYouVnd4EDKhp/aJtZt8xUXGr5JK+xw/dHmJJ5w0aOWm
xYva586GL8SSHGRCV054jiqBPY4njadiRvSp1qj7YiCzdu6hT4Gr+/OJqKNuftQM
12aAhLhVGjJVDmKSYMrP7Kum91L5nrpkimFhenIYquBvsrcuSAHgM5SpRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBB/WY3q/DjD1/PIaGsPsrgJeOluMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRUg5WmplcjhPTVBYODhob2F3LXl1QWw0Nlc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJZGCz/ys4RuUiEOGN3g
LQ533PNKBkca99pWpGbwA+aoIxeAVr/Io0VKiH2OEuC70NGz436UOcItHksiakIj
utrm+eHFrk/mw/CuMDiDFYNLMAqKPEjFnkv/Ile736+i0/a+t+UmlYRkIj/jZUjF
kzl46InyKNthtZJkUN8egnGLFByZ80XnYmWwhBCn5Gzxmy5M1l8fqLJdwIhR3BQK
PWjAykKPCjzfW0WO1dGAEDQT/t+cT63U1NoiDOaWgBs6HQ0ZzP2zSnBc4fqkwkqu
yB92j9pABN2z9nhptFke7SEyPDdLH49m1yXTA76yFRvjM4NWf7uoCVM5mccBdefD
EqY=
-----END CERTIFICATE-----
Generated at Wed Jul 3 12:43:04 2024 by rpki-client on console-ams.rpki-client.org