Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HzunkFCBgeAD1ViT6OGL2xTlDhM.roa
File: HzunkFCBgeAD1ViT6OGL2xTlDhM.roa (raw, json)
Hash identifier: JeQ2h7A+vwwJ+g7hFejqQMgdsYaR8Gc2akVZMyzfMl0=
Subject key identifier: 1F:3B:A7:90:50:81:81:E0:03:D5:58:93:E8:E1:8B:DB:14:E5:0E:13
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01907738068F2CA532C4E92A1F35998F993F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HzunkFCBgeAD1ViT6OGL2xTlDhM.roa
Signing time: Wed 03 Jul 2024 06:11:18 +0000
ROA not before: Wed 03 Jul 2024 06:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jul 2024 07:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:77:38:06:8f:2c:a5:32:c4:e9:2a:1f:35:99:8f:99:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 3 06:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f3ba790508181e003d55893e8e18bdb14e50e13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:30:8a:17:d8:42:6f:d5:38:0e:c0:3c:8f:d9:
ae:89:4c:a5:c7:11:e3:8a:8c:4f:a7:e1:71:0f:dc:
33:b8:bc:d1:41:70:8f:5d:f2:92:d0:49:3c:08:cc:
06:47:db:3e:62:84:0c:81:2d:3a:7d:02:b9:8c:80:
08:3d:e3:00:13:a3:2f:73:8e:f7:33:07:e9:87:cf:
2f:1e:61:53:41:a6:d5:61:1a:47:b0:1e:82:63:ed:
40:7c:74:83:5b:54:c2:86:f6:bb:7c:a5:54:70:d3:
16:05:bf:0d:30:eb:8a:2d:26:3f:8d:74:77:a6:60:
89:1d:0b:1a:35:b5:f8:f5:95:5f:34:e7:46:6f:9c:
50:66:48:35:f9:4d:38:b7:7d:29:c0:c8:7a:69:6d:
e5:a5:c7:77:9d:a5:e9:52:75:08:02:74:2c:cb:35:
0a:3f:7b:c4:3e:f0:95:7d:05:e8:be:8e:8e:ec:c4:
f6:94:fb:90:52:a6:37:92:95:1d:5e:fa:c2:b9:84:
68:99:38:72:3d:e4:bf:21:a8:4c:5d:6c:d0:04:b9:
bf:31:87:88:93:7d:dd:32:2a:4f:0b:da:9d:77:a6:
74:97:39:e3:b8:53:6a:63:5b:98:e1:9b:22:48:ae:
8e:91:8e:0d:7a:dc:70:2c:b8:06:58:d1:67:c9:aa:
fa:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3B:A7:90:50:81:81:E0:03:D5:58:93:E8:E1:8B:DB:14:E5:0E:13
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HzunkFCBgeAD1ViT6OGL2xTlDhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:ef:f7:57:05:52:37:5d:6b:dd:44:20:9a:38:2b:91:c8:73:
24:2e:39:bf:be:0e:7d:b5:93:03:92:df:13:38:e3:c6:c5:ad:
88:f5:cf:67:be:87:65:4a:46:f4:f7:88:1b:60:de:53:7a:24:
fd:72:6d:02:41:b4:98:0a:be:80:8d:da:4e:86:13:2b:d6:85:
a8:a9:06:31:ae:5d:34:0a:63:c2:9c:2b:c5:df:cb:13:66:82:
ef:83:b8:8f:5d:20:af:c2:8b:ae:32:3b:78:97:5d:77:ae:9e:
47:5c:b3:eb:b0:fa:9d:ba:97:9b:30:27:c2:94:4e:f3:7a:d0:
a6:14:b3:8a:f6:61:93:25:7a:62:6b:0c:03:a8:e8:02:6a:2f:
93:45:72:a4:bc:ed:cd:e9:dd:6a:68:0b:7e:3f:6f:d3:a0:0e:
86:f3:ef:da:17:de:35:96:3a:44:46:6f:a1:93:5b:ad:26:19:
df:e3:62:76:6d:d9:e9:e2:cb:26:fd:8c:50:4f:ec:a0:7d:34:
4a:d3:5e:1b:61:f5:e6:12:df:60:36:3b:1c:61:99:5b:04:91:
9f:e8:4b:f8:08:ad:73:b8:ea:4d:35:95:06:f6:d9:89:bd:b2:
45:c7:de:77:ac:47:8c:92:20:a9:bf:60:c3:6a:fa:64:8d:0d:
8a:9e:28:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB3OAaPLKUyxOkqHzWZj5k/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAzMDYxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNiYTc5MDUwODE4MWUwMDNkNTU4OTNlOGUxOGJkYjE0ZTUwZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDCKF9hCb9U4DsA8j9muiUylxxHj
ioxPp+FxD9wzuLzRQXCPXfKS0Ek8CMwGR9s+YoQMgS06fQK5jIAIPeMAE6Mvc473
Mwfph88vHmFTQabVYRpHsB6CY+1AfHSDW1TChva7fKVUcNMWBb8NMOuKLSY/jXR3
pmCJHQsaNbX49ZVfNOdGb5xQZkg1+U04t30pwMh6aW3lpcd3naXpUnUIAnQsyzUK
P3vEPvCVfQXovo6O7MT2lPuQUqY3kpUdXvrCuYRomThyPeS/IahMXWzQBLm/MYeI
k33dMipPC9qdd6Z0lznjuFNqY1uY4ZsiSK6OkY4NetxwLLgGWNFnyar60wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB87p5BQgYHgA9VYk+jhi9sU5Q4TMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSHp1bmtGQ0JnZUFEMVZpVDZPR0wyeFRsRGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEnv91cFUjdda91EIJo4
K5HIcyQuOb++Dn21kwOS3xM448bFrYj1z2e+h2VKRvT3iBtg3lN6JP1ybQJBtJgK
voCN2k6GEyvWhaipBjGuXTQKY8KcK8XfyxNmgu+DuI9dIK/Ci64yO3iXXXeunkdc
s+uw+p26l5swJ8KUTvN60KYUs4r2YZMlemJrDAOo6AJqL5NFcqS87c3p3WpoC34/
b9OgDobz79oX3jWWOkRGb6GTW60mGd/jYnZt2eniyyb9jFBP7KB9NErTXhth9eYS
32A2OxxhmVsEkZ/oS/gIrXO46k01lQb22Ym9skXH3nesR4ySIKm/YMNq+mSNDYqe
KJo=
-----END CERTIFICATE-----
Generated at Wed Jul 3 08:36:45 2024 by rpki-client on console-fra.rpki-client.org