Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IOydn4cPbELvPg3_TH8272y_2Gw.roa
File: IOydn4cPbELvPg3_TH8272y_2Gw.roa (raw, json)
Hash identifier: Q4oPXoS5vXe9wEuyvR2zPek/3RLBOAR9uvWtKurti50=
Subject key identifier: 20:EC:9D:9F:87:0F:6C:42:EF:3E:0D:FF:4C:7F:36:EF:6C:BF:D8:6C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FF7F7DEE74D7BC4888A4C1321E338BF1F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IOydn4cPbELvPg3_TH8272y_2Gw.roa
Signing time: Sat 08 Jun 2024 13:09:27 +0000
ROA not before: Sat 08 Jun 2024 13:09:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 08 Jun 2024 14:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f7:f7:de:e7:4d:7b:c4:88:8a:4c:13:21:e3:38:bf:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 8 13:09:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20ec9d9f870f6c42ef3e0dff4c7f36ef6cbfd86c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1e:f2:16:62:ce:c1:a5:49:21:c6:e0:2c:09:
13:b9:89:08:29:82:b5:74:16:1d:10:26:89:ca:13:
e7:80:c5:e6:bc:43:a3:85:68:e3:78:0d:b2:55:41:
94:be:e6:c1:da:78:c3:f3:5b:4d:9f:de:d2:fa:d8:
f9:30:bb:4c:08:0b:ec:38:1c:41:a0:1b:d7:4c:c6:
f4:5c:34:4b:14:24:7d:55:7d:c3:3d:07:b6:d9:9b:
08:5b:39:d3:7d:ff:ae:15:8a:03:3b:ea:53:6b:f1:
1d:53:6b:01:6e:43:9f:d3:54:4e:e0:51:24:53:99:
c2:03:d9:2c:67:10:26:43:27:46:c4:a0:49:38:a6:
64:7a:05:1d:9b:3d:04:7e:57:aa:65:f2:53:40:79:
a7:9c:bf:26:50:94:a7:58:4c:f5:73:d2:90:a2:47:
f9:d7:47:3c:9b:c3:f1:36:e5:b0:d6:9a:13:f8:40:
76:13:95:4f:6d:b3:be:c9:03:bc:a0:c0:7e:84:b8:
71:bf:6e:bc:b5:3c:fb:95:25:18:5f:77:63:41:e8:
b8:e3:e9:22:2a:9e:c5:58:ae:b4:47:2e:f7:45:8b:
9c:6e:51:90:06:8d:68:9c:00:de:fc:ad:3b:e5:88:
7d:48:5b:5a:a7:56:98:d8:1f:77:27:e8:a3:1c:54:
cf:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:EC:9D:9F:87:0F:6C:42:EF:3E:0D:FF:4C:7F:36:EF:6C:BF:D8:6C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IOydn4cPbELvPg3_TH8272y_2Gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:9b:c5:2b:88:07:1a:31:89:ee:a9:a9:e5:ae:70:12:85:e8:
0a:53:b4:33:48:72:31:6e:cb:42:e7:4e:b1:79:1f:da:9e:63:
ee:e9:fa:b3:ee:9c:5e:f4:2b:76:3e:d9:0c:36:01:a2:b3:41:
bd:b3:65:8c:91:e6:22:19:83:f1:5a:9e:ad:ba:cb:35:49:8e:
04:3f:90:63:1f:3f:2b:63:6b:c4:8f:eb:fb:87:d8:69:34:17:
65:0b:e9:48:f8:7a:65:52:d6:a8:bd:36:61:7f:62:26:7c:c9:
7e:c6:9b:ae:19:f7:13:25:b2:94:c5:b9:b5:46:e6:cf:e3:c1:
e4:36:d8:41:02:93:28:c2:db:a0:0e:04:b5:64:bb:55:a7:b6:
53:49:98:3e:93:b4:81:04:7d:39:fd:a1:e4:aa:41:dc:a5:45:
c7:eb:5b:15:42:a8:12:4d:4c:61:20:25:cc:d9:ed:b8:86:d7:
64:cf:da:d0:40:5b:a2:51:b3:9c:84:4d:84:8f:4c:e9:c6:9f:
7a:75:4c:8d:3b:c7:78:ad:23:cf:4b:9e:f4:c3:38:b0:57:e1:
18:98:a7:c7:51:11:e9:97:71:d7:af:8e:7b:0f:e5:f1:f2:5b:
c8:d3:7c:66:3e:74:6e:c9:da:b5:f2:80:79:ac:74:1c:f3:e5:
1d:7a:db:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/3997nTXvEiIpMEyHjOL8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA4MTMwOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGVjOWQ5Zjg3MGY2YzQyZWYzZTBkZmY0YzdmMzZlZjZjYmZkODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArR7yFmLOwaVJIcbgLAkTuYkIKYK1
dBYdECaJyhPngMXmvEOjhWjjeA2yVUGUvubB2njD81tNn97S+tj5MLtMCAvsOBxB
oBvXTMb0XDRLFCR9VX3DPQe22ZsIWznTff+uFYoDO+pTa/EdU2sBbkOf01RO4FEk
U5nCA9ksZxAmQydGxKBJOKZkegUdmz0EfleqZfJTQHmnnL8mUJSnWEz1c9KQokf5
10c8m8PxNuWw1poT+EB2E5VPbbO+yQO8oMB+hLhxv268tTz7lSUYX3djQei44+ki
Kp7FWK60Ry73RYucblGQBo1onADe/K075Yh9SFtap1aY2B93J+ijHFTPWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCDsnZ+HD2xC7z4N/0x/Nu9sv9hsMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSU95ZG40Y1BiRUx2UGczX1RIODI3MnlfMkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAECbxSuIBxoxie6pqeWu
cBKF6ApTtDNIcjFuy0LnTrF5H9qeY+7p+rPunF70K3Y+2Qw2AaKzQb2zZYyR5iIZ
g/Fanq26yzVJjgQ/kGMfPytja8SP6/uH2Gk0F2UL6Uj4emVS1qi9NmF/YiZ8yX7G
m64Z9xMlspTFubVG5s/jweQ22EECkyjC26AOBLVku1WntlNJmD6TtIEEfTn9oeSq
QdylRcfrWxVCqBJNTGEgJczZ7biG12TP2tBAW6JRs5yETYSPTOnGn3p1TI07x3it
I89LnvTDOLBX4RiYp8dREemXcdevjnsP5fHyW8jTfGY+dG7J2rXygHmsdBzz5R16
22U=
-----END CERTIFICATE-----
Generated at Sat Jun 8 16:45:58 2024 by rpki-client on console-fra.rpki-client.org