Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/K8Hl_Vyw_30_917v7lfiYtrJUn0.roa
File: K8Hl_Vyw_30_917v7lfiYtrJUn0.roa (raw, json)
Hash identifier: TVgr+S3wXVOUbRlr44VAvl4/bPdTQlbz7tmTUbwS7sc=
Subject key identifier: 2B:C1:E5:FD:5C:B0:FF:7D:3F:F7:5E:EF:EE:57:E2:62:DA:C9:52:7D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FAF044090781F32F18FFAC6E051E665A4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/K8Hl_Vyw_30_917v7lfiYtrJUn0.roa
Signing time: Sat 25 May 2024 09:10:42 +0000
ROA not before: Sat 25 May 2024 09:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 25 May 2024 10:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:af:04:40:90:78:1f:32:f1:8f:fa:c6:e0:51:e6:65:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 25 09:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bc1e5fd5cb0ff7d3ff75eefee57e262dac9527d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:56:bd:97:08:f0:91:87:eb:d3:60:d0:8c:8f:
8d:6e:0d:07:f4:25:57:93:6a:89:a1:bc:1e:f6:c3:
24:e9:2b:9e:17:a6:54:5e:37:17:37:33:a5:23:4c:
9d:22:a8:43:6f:ce:f7:c8:53:92:f7:73:2e:b9:21:
63:f4:1e:4a:0f:ed:74:c0:fc:23:9a:9f:6a:7d:a1:
df:59:64:5b:47:c5:3b:d7:54:0a:4b:f7:fb:50:ff:
c6:34:79:81:51:b8:96:af:dc:4b:5f:fa:95:ad:0a:
10:e6:0c:c3:bd:c8:ef:84:49:aa:92:b7:70:f4:22:
c6:d4:3a:67:b4:44:6f:6d:44:31:a6:63:e9:38:73:
6d:77:ae:2e:76:81:96:a4:c2:51:d6:09:6b:ab:92:
e0:b1:60:f9:0e:a8:8b:1b:56:33:ae:c1:ca:da:74:
fb:a4:65:75:9e:9f:82:8c:6b:b6:86:3b:a7:e2:d7:
3c:e1:89:02:1c:21:9a:c0:de:3a:76:ad:8e:01:e7:
6e:3b:b8:7b:fa:13:11:40:b3:65:44:2d:c0:a6:fe:
ba:1e:03:be:e1:82:d7:d7:ed:d0:63:57:14:7f:e8:
92:38:58:57:f4:f3:15:7e:94:b2:d4:e2:94:6b:af:
40:dc:4b:17:67:27:e8:f9:f0:56:60:52:dd:2f:8e:
17:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C1:E5:FD:5C:B0:FF:7D:3F:F7:5E:EF:EE:57:E2:62:DA:C9:52:7D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/K8Hl_Vyw_30_917v7lfiYtrJUn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:61:9f:95:54:9c:a8:b6:52:6b:80:31:79:c6:6e:9a:04:87:
79:3b:6d:93:80:15:7d:f7:1c:2c:ac:79:40:62:67:e2:c3:ae:
6e:a2:e8:af:49:0d:da:4d:9e:78:81:bb:d3:7a:78:79:84:35:
4d:5d:84:e6:66:df:d4:9f:45:02:49:12:d6:51:cc:32:34:01:
1f:4f:22:46:0d:a6:ee:25:f1:bc:93:f2:ba:73:96:3e:6c:85:
6d:90:b0:ec:ef:67:4c:af:ab:37:d4:e6:87:93:2b:00:73:56:
fd:b1:c6:fd:52:61:ab:13:d1:43:30:ab:f7:b1:59:ae:21:23:
69:0c:eb:6b:b2:a0:8e:75:6d:b3:e1:fe:16:f6:28:86:e1:3f:
d6:eb:98:70:41:08:33:74:b8:45:f5:07:48:6e:99:ef:8f:06:
ee:20:64:85:06:3d:eb:34:08:97:1d:10:f5:fe:be:93:54:e0:
78:d1:b5:2f:28:ff:fc:71:c6:01:c5:99:01:b4:ed:c2:da:e2:
da:60:c8:ee:55:3e:91:70:9d:95:30:52:dd:9d:48:27:76:67:
94:ec:49:b8:7d:5a:b4:57:49:2d:86:c2:36:d4:70:12:d1:4b:
ed:fe:df:6e:41:b8:23:8d:e5:51:9e:f1:7d:01:df:96:e3:23:
77:fa:90:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+vBECQeB8y8Y/6xuBR5mWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI1MDkxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmMxZTVmZDVjYjBmZjdkM2ZmNzVlZWZlZTU3ZTI2MmRhYzk1MjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhla9lwjwkYfr02DQjI+Nbg0H9CVX
k2qJobwe9sMk6SueF6ZUXjcXNzOlI0ydIqhDb873yFOS93MuuSFj9B5KD+10wPwj
mp9qfaHfWWRbR8U711QKS/f7UP/GNHmBUbiWr9xLX/qVrQoQ5gzDvcjvhEmqkrdw
9CLG1DpntERvbUQxpmPpOHNtd64udoGWpMJR1glrq5LgsWD5DqiLG1YzrsHK2nT7
pGV1np+CjGu2hjun4tc84YkCHCGawN46dq2OAeduO7h7+hMRQLNlRC3Apv66HgO+
4YLX1+3QY1cUf+iSOFhX9PMVfpSy1OKUa69A3EsXZyfo+fBWYFLdL44XZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCvB5f1csP99P/de7+5X4mLayVJ9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSzhIbF9WeXdfMzBfOTE3djdsZmlZdHJKVW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADNhn5VUnKi2UmuAMXnG
bpoEh3k7bZOAFX33HCyseUBiZ+LDrm6i6K9JDdpNnniBu9N6eHmENU1dhOZm39Sf
RQJJEtZRzDI0AR9PIkYNpu4l8byT8rpzlj5shW2QsOzvZ0yvqzfU5oeTKwBzVv2x
xv1SYasT0UMwq/exWa4hI2kM62uyoI51bbPh/hb2KIbhP9brmHBBCDN0uEX1B0hu
me+PBu4gZIUGPes0CJcdEPX+vpNU4HjRtS8o//xxxgHFmQG07cLa4tpgyO5VPpFw
nZUwUt2dSCd2Z5TsSbh9WrRXSS2GwjbUcBLRS+3+325BuCON5VGe8X0B35bjI3f6
kE4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:15 2024 by rpki-client on console-ams.rpki-client.org