Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IR7-Zza9xtGs_XSWeCoDAbbv-zE.roa
File: IR7-Zza9xtGs_XSWeCoDAbbv-zE.roa (raw, json)
Hash identifier: +SCWf/Nk1gWe57SF+470oPVoKTKzMWlE6CuwEBZHIR4=
Subject key identifier: 21:1E:FE:67:36:BD:C6:D1:AC:FD:74:96:78:2A:03:01:B6:EF:FB:31
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FDB010309F1710EFD86C5B19CBC8BD20B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IR7-Zza9xtGs_XSWeCoDAbbv-zE.roa
Signing time: Sun 02 Jun 2024 22:10:27 +0000
ROA not before: Sun 02 Jun 2024 22:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 02 Jun 2024 23:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:db:01:03:09:f1:71:0e:fd:86:c5:b1:9c:bc:8b:d2:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 2 22:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=211efe6736bdc6d1acfd7496782a0301b6effb31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:95:12:fb:b1:9b:10:12:a4:dc:d7:cd:0f:a1:
9e:8c:39:33:c0:74:98:ff:2e:88:48:21:a6:a4:df:
bc:aa:5d:b2:43:53:74:9f:9a:e2:8d:6e:a9:f5:d3:
9b:e6:bd:68:df:ac:5c:25:02:30:9a:ac:1c:84:88:
8b:21:40:01:85:02:6a:51:1b:f0:f8:94:35:d4:7c:
c0:ad:4b:50:a4:de:41:f2:27:51:bf:cf:78:f5:6e:
63:59:fe:9c:3b:3d:d7:a7:f5:f3:e1:1b:db:2f:e1:
5f:cc:c6:15:c0:0f:aa:98:27:3b:15:b2:e7:5f:6a:
50:41:da:ec:6f:75:ab:e3:f0:15:c7:ce:0e:2a:aa:
ae:d0:b6:07:0e:26:db:cb:04:c1:9b:c7:7a:64:94:
df:b1:96:5b:00:10:b1:48:ee:eb:29:b0:7f:4a:9d:
91:54:54:06:f8:e4:43:e0:0e:f4:33:85:01:9c:4d:
31:8c:2f:e6:dd:76:81:d6:39:52:a0:07:e8:1a:11:
af:f8:c8:96:21:c5:25:bd:03:93:b9:5b:77:3e:40:
1a:eb:ee:7c:85:21:13:cb:3d:fc:ed:a2:77:6f:e6:
9c:71:b4:e4:59:d7:0b:a9:8e:72:7e:dc:82:89:46:
06:ef:85:64:5a:1d:72:0d:99:04:3c:cf:c5:c5:b3:
76:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:1E:FE:67:36:BD:C6:D1:AC:FD:74:96:78:2A:03:01:B6:EF:FB:31
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/IR7-Zza9xtGs_XSWeCoDAbbv-zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:bf:68:0c:1f:d5:c4:8c:da:e0:d3:64:ee:0f:95:32:ba:bc:
52:e4:2a:e7:82:8f:e6:1a:62:be:4e:d4:b6:08:7c:5a:64:ed:
4a:64:21:05:09:e8:39:03:a3:0d:43:b0:6f:a6:2a:7f:1d:78:
9f:c4:75:51:68:78:cf:12:a4:ab:a8:0f:b0:29:22:d7:13:28:
03:d0:3c:d5:20:8c:04:5c:01:ee:a4:8f:9b:ba:4a:98:2d:47:
43:c0:6b:fb:fc:a0:64:50:8e:f3:a4:37:74:1f:9c:57:05:fb:
d8:5d:0a:58:fd:ea:6f:86:40:fe:a9:c5:2d:13:3a:14:b5:ee:
77:11:f5:eb:0f:d9:74:0a:60:c6:45:ee:53:46:d9:c8:10:8f:
b2:7c:2e:37:c6:62:9b:60:81:b2:b2:d6:4b:31:f4:76:db:7b:
45:b7:1a:4e:7f:f9:f7:0d:09:7f:bd:e0:52:c8:48:26:e9:c2:
79:21:8e:e9:07:5b:13:d7:ba:cd:f2:91:23:f8:21:3b:15:22:
3f:22:5c:9e:d3:62:b4:fc:94:87:ae:0e:bd:8b:93:0b:dc:e8:
91:1f:7c:e2:87:36:0b:15:36:e7:2b:c6:78:71:08:91:22:78:
60:ec:40:48:f6:64:a0:3a:0b:4d:36:c6:ba:43:66:09:dc:38:
03:bb:27:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/bAQMJ8XEO/YbFsZy8i9ILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAyMjIxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTFlZmU2NzM2YmRjNmQxYWNmZDc0OTY3ODJhMDMwMWI2ZWZmYjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pUS+7GbEBKk3NfND6GejDkzwHSY
/y6ISCGmpN+8ql2yQ1N0n5rijW6p9dOb5r1o36xcJQIwmqwchIiLIUABhQJqURvw
+JQ11HzArUtQpN5B8idRv8949W5jWf6cOz3Xp/Xz4RvbL+FfzMYVwA+qmCc7FbLn
X2pQQdrsb3Wr4/AVx84OKqqu0LYHDibbywTBm8d6ZJTfsZZbABCxSO7rKbB/Sp2R
VFQG+ORD4A70M4UBnE0xjC/m3XaB1jlSoAfoGhGv+MiWIcUlvQOTuVt3PkAa6+58
hSETyz387aJ3b+accbTkWdcLqY5yftyCiUYG74VkWh1yDZkEPM/FxbN2MwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCEe/mc2vcbRrP10lngqAwG27/sxMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSVI3LVp6YTl4dEdzX1hTV2VDb0RBYmJ2LXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH+/aAwf1cSM2uDTZO4P
lTK6vFLkKueCj+YaYr5O1LYIfFpk7UpkIQUJ6DkDow1DsG+mKn8deJ/EdVFoeM8S
pKuoD7ApItcTKAPQPNUgjARcAe6kj5u6SpgtR0PAa/v8oGRQjvOkN3QfnFcF+9hd
Clj96m+GQP6pxS0TOhS17ncR9esP2XQKYMZF7lNG2cgQj7J8LjfGYptggbKy1ksx
9Hbbe0W3Gk5/+fcNCX+94FLISCbpwnkhjukHWxPXus3ykSP4ITsVIj8iXJ7TYrT8
lIeuDr2Lkwvc6JEffOKHNgsVNucrxnhxCJEieGDsQEj2ZKA6C002xrpDZgncOAO7
Jxg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:15 2024 by rpki-client on console-ams.rpki-client.org