Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IGiqFP0FLnQTBZUptr8qmPniZKg.roa
File: IGiqFP0FLnQTBZUptr8qmPniZKg.roa (raw, json)
Hash identifier: l8045BVVFeM25z7ZNjobHmVpiPDpDsEPMmBIG7LA08g=
Subject key identifier: 20:68:AA:14:FD:05:2E:74:13:05:95:29:B6:BF:2A:98:F9:E2:64:A8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01905698953A02F7D3FF7659E6B94F626871
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IGiqFP0FLnQTBZUptr8qmPniZKg.roa
Signing time: Wed 26 Jun 2024 22:09:18 +0000
ROA not before: Wed 26 Jun 2024 22:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Jun 2024 23:04:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:56:98:95:3a:02:f7:d3:ff:76:59:e6:b9:4f:62:68:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 26 22:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2068aa14fd052e7413059529b6bf2a98f9e264a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3f:10:d0:ce:12:99:23:75:75:1c:df:20:8f:
78:62:88:0d:55:2c:eb:17:ad:47:8d:5f:a3:6c:4b:
ed:47:bd:c8:27:7d:d7:de:84:e9:27:0e:8c:e6:fd:
c7:12:6c:59:ce:cb:1f:07:b6:01:f2:ec:26:69:22:
4a:c0:2c:0c:1d:a0:3b:f2:02:2d:d8:6c:d3:e2:15:
97:c7:8b:54:60:8d:d3:5c:71:51:45:34:9b:17:9e:
c5:3d:72:53:1d:d4:54:5f:85:74:c3:7d:54:ab:c6:
53:25:94:9d:10:dd:eb:98:fd:0c:21:3b:a3:9b:3a:
ed:69:89:05:36:ef:6f:0d:31:06:75:bb:a3:c2:49:
64:18:0a:8e:13:67:a1:fb:6c:6a:9b:29:26:3d:2e:
5c:f1:fc:df:54:b7:48:cd:e8:7a:2b:b6:1a:01:31:
32:76:9d:15:0e:3a:12:9c:3f:c6:c4:7e:43:34:a7:
8d:5b:b0:78:ac:b5:27:63:d4:d7:b8:db:2e:1e:b5:
2e:85:7d:b2:b7:70:b5:59:9d:a8:38:50:e0:8a:63:
43:1c:9b:4a:3e:74:be:1d:01:b6:01:30:37:4f:cb:
70:1b:ee:f6:2e:22:66:52:45:9b:33:6c:e2:e3:0f:
86:bf:b6:93:b7:9b:59:e7:13:8c:fd:d9:d4:69:f9:
89:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:68:AA:14:FD:05:2E:74:13:05:95:29:B6:BF:2A:98:F9:E2:64:A8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IGiqFP0FLnQTBZUptr8qmPniZKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:d3:8f:fe:34:f8:d9:ab:74:5b:66:e3:09:f2:ad:4c:78:90:
76:af:b6:ea:f4:f7:a3:81:09:d2:29:e4:f4:11:c3:9b:e1:ba:
1a:95:6a:81:ad:9c:7e:b1:56:b2:03:a8:0f:a1:31:f5:95:0c:
52:87:c1:71:eb:ba:59:c9:db:7c:b1:21:74:bb:24:9b:9d:38:
08:35:e5:00:60:46:27:2e:28:5b:4a:92:2d:e6:26:c4:43:b3:
2c:f3:ef:04:cc:35:97:ae:78:9c:93:a4:53:64:bf:b7:6a:37:
52:1a:4e:02:52:a9:3e:6d:0c:14:43:bc:e4:19:fb:22:90:d4:
d5:e6:52:b4:c0:c2:07:ad:18:65:15:64:35:73:2f:b1:0a:d4:
15:b9:58:8a:3a:e1:32:1a:50:32:c5:66:c1:f9:6a:41:f6:53:
30:d7:48:11:f6:d2:cd:bb:46:ad:05:bf:cf:ab:57:e3:51:cb:
38:55:cb:ab:1d:40:45:c3:2b:3c:9e:d8:4e:02:a4:0f:a8:8a:
24:d3:ce:df:16:02:02:a9:90:0c:88:33:35:de:65:02:60:19:
3a:86:d6:de:87:6b:a1:c5:ad:ac:65:5b:ef:b9:cb:83:12:d6:
bd:1b:ac:17:73:e8:13:a2:44:ff:fe:f7:ee:2e:d2:c2:e2:0c:
98:27:50:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBWmJU6AvfT/3ZZ5rlPYmhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI2MjIwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDY4YWExNGZkMDUyZTc0MTMwNTk1MjliNmJmMmE5OGY5ZTI2NGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz8Q0M4SmSN1dRzfII94YogNVSzr
F61HjV+jbEvtR73IJ33X3oTpJw6M5v3HEmxZzssfB7YB8uwmaSJKwCwMHaA78gIt
2GzT4hWXx4tUYI3TXHFRRTSbF57FPXJTHdRUX4V0w31Uq8ZTJZSdEN3rmP0MITuj
mzrtaYkFNu9vDTEGdbujwklkGAqOE2eh+2xqmykmPS5c8fzfVLdIzeh6K7YaATEy
dp0VDjoSnD/GxH5DNKeNW7B4rLUnY9TXuNsuHrUuhX2yt3C1WZ2oOFDgimNDHJtK
PnS+HQG2ATA3T8twG+72LiJmUkWbM2zi4w+Gv7aTt5tZ5xOM/dnUafmJJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCBoqhT9BS50EwWVKba/Kpj54mSoMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSUdpcUZQMEZMblFUQlpVcHRyOHFtUG5pWktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADvTj/40+NmrdFtm4wny
rUx4kHavtur096OBCdIp5PQRw5vhuhqVaoGtnH6xVrIDqA+hMfWVDFKHwXHrulnJ
23yxIXS7JJudOAg15QBgRicuKFtKki3mJsRDsyzz7wTMNZeueJyTpFNkv7dqN1Ia
TgJSqT5tDBRDvOQZ+yKQ1NXmUrTAwgetGGUVZDVzL7EK1BW5WIo64TIaUDLFZsH5
akH2UzDXSBH20s27Rq0Fv8+rV+NRyzhVy6sdQEXDKzye2E4CpA+oiiTTzt8WAgKp
kAyIMzXeZQJgGTqG1t6Ha6HFraxlW++5y4MS1r0brBdz6BOiRP/+9+4u0sLiDJgn
UI0=
-----END CERTIFICATE-----
Generated at Thu Jun 27 01:55:04 2024 by rpki-client on console-fra.rpki-client.org