Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/L-mNs6rEEh7CkhbpAelbsqOAS0A.roa
File: L-mNs6rEEh7CkhbpAelbsqOAS0A.roa (raw, json)
Hash identifier: XtvSpTvPEYVentJsowNSHHQ+Xa/otlbwqG+Y3FyJeyo=
Subject key identifier: 2F:E9:8D:B3:AA:C4:12:1E:C2:92:16:E9:01:E9:5B:B2:A3:80:4B:40
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190629BD65B5E325184CE8B88AD77267E1A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/L-mNs6rEEh7CkhbpAelbsqOAS0A.roa
Signing time: Sat 29 Jun 2024 06:08:18 +0000
ROA not before: Sat 29 Jun 2024 06:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 29 Jun 2024 07:04:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:62:9b:d6:5b:5e:32:51:84:ce:8b:88:ad:77:26:7e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 29 06:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fe98db3aac4121ec29216e901e95bb2a3804b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f1:46:e0:c7:ce:94:ea:63:fb:8b:59:44:66:
2b:6a:bf:fa:b7:60:1a:11:54:f2:d7:7a:c4:5c:f6:
a7:36:df:37:2b:fc:3d:54:86:3c:b6:27:fa:ad:41:
26:f5:77:3d:91:b9:0c:b9:91:f2:96:ab:62:00:2e:
d2:3d:4e:83:f4:88:2b:77:07:11:0f:66:36:d5:49:
61:e6:0e:26:79:62:f6:9c:98:a8:93:71:d0:f7:dc:
11:9f:cf:cd:6e:45:9e:8a:fe:88:2d:a1:7a:b9:c1:
e9:c5:87:08:e9:0b:b2:e2:ca:c8:f7:fe:0c:41:6b:
a8:96:77:ba:1a:79:57:e6:d5:bb:d6:5b:82:9a:12:
b9:1b:da:d1:25:96:74:83:2f:18:b2:a2:8e:26:70:
71:2f:36:6a:f7:8d:0b:4f:92:c6:8d:1e:54:8f:69:
84:d3:69:41:ea:4b:c9:23:2c:58:00:ca:f6:8a:aa:
14:ed:8b:04:66:ab:37:59:65:31:8c:94:77:25:8a:
57:bf:d4:56:04:62:f7:14:11:1c:43:6d:8a:b5:1c:
48:c5:07:c4:dd:ff:ec:d4:91:76:87:28:62:5f:ff:
4e:ad:7c:2e:4a:36:2f:c5:37:29:a7:9a:97:9c:09:
6d:56:ff:a9:3a:ab:57:5c:e1:a2:12:cc:dd:6b:1e:
c7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E9:8D:B3:AA:C4:12:1E:C2:92:16:E9:01:E9:5B:B2:A3:80:4B:40
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/L-mNs6rEEh7CkhbpAelbsqOAS0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:a0:10:89:77:bc:e3:4e:1f:79:be:3d:5d:78:c3:91:d4:5b:
57:f0:69:89:d8:22:7c:e0:5b:6b:9d:9d:fc:bd:2f:a0:8f:81:
da:61:48:20:f4:34:e4:f4:c0:d2:f0:d8:68:30:e4:57:f6:5b:
f7:96:9f:42:6b:d9:d7:d9:ce:63:2a:ae:2f:6b:f0:9e:80:a9:
36:0f:d7:95:1c:f3:80:75:81:3f:55:39:33:ec:86:94:05:1f:
c0:4b:96:96:74:d1:e0:e9:c8:cb:80:77:57:7f:26:86:df:84:
10:e5:48:01:1d:43:d2:bf:87:15:30:2f:e6:ce:f9:df:1f:76:
e8:22:16:7b:6b:24:a1:79:5f:2a:47:5e:0c:80:5e:7f:26:5d:
bd:24:78:76:05:d0:51:99:0b:fd:ae:e3:69:e4:7d:5b:b3:2d:
e3:8f:3a:25:ec:4b:84:e8:c1:a1:95:b3:a6:1e:e1:bb:0c:38:
07:ff:ec:11:b8:a8:ea:12:a5:55:b6:e9:7b:30:7b:de:2d:7a:
d3:ef:9c:36:a6:a8:a5:08:4b:61:68:fb:dd:11:bc:4e:45:5d:
71:89:3f:7c:12:1e:8c:f2:ed:19:25:91:97:0c:17:81:ad:27:
1f:38:1a:77:89:f6:80:02:b4:b0:9d:9b:0f:03:9c:bb:91:17:
80:04:dc:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBim9ZbXjJRhM6LiK13Jn4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI5MDYwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmU5OGRiM2FhYzQxMjFlYzI5MjE2ZTkwMWU5NWJiMmEzODA0YjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvFG4MfOlOpj+4tZRGYrar/6t2Aa
EVTy13rEXPanNt83K/w9VIY8tif6rUEm9Xc9kbkMuZHylqtiAC7SPU6D9IgrdwcR
D2Y21Ulh5g4meWL2nJiok3HQ99wRn8/NbkWeiv6ILaF6ucHpxYcI6Quy4srI9/4M
QWuolne6GnlX5tW71luCmhK5G9rRJZZ0gy8YsqKOJnBxLzZq940LT5LGjR5Uj2mE
02lB6kvJIyxYAMr2iqoU7YsEZqs3WWUxjJR3JYpXv9RWBGL3FBEcQ22KtRxIxQfE
3f/s1JF2hyhiX/9OrXwuSjYvxTcpp5qXnAltVv+pOqtXXOGiEszdax7H8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC/pjbOqxBIewpIW6QHpW7KjgEtAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTC1tTnM2ckVFaDdDa2hicEFlbGJzcU9BUzBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACqgEIl3vONOH3m+PV14
w5HUW1fwaYnYInzgW2udnfy9L6CPgdphSCD0NOT0wNLw2Ggw5Ff2W/eWn0Jr2dfZ
zmMqri9r8J6AqTYP15Uc84B1gT9VOTPshpQFH8BLlpZ00eDpyMuAd1d/JobfhBDl
SAEdQ9K/hxUwL+bO+d8fdugiFntrJKF5XypHXgyAXn8mXb0keHYF0FGZC/2u42nk
fVuzLeOPOiXsS4TowaGVs6Ye4bsMOAf/7BG4qOoSpVW26Xswe94tetPvnDamqKUI
S2Fo+90RvE5FXXGJP3wSHozy7RklkZcMF4GtJx84GneJ9oACtLCdmw8DnLuRF4AE
3Hk=
-----END CERTIFICATE-----
Generated at Sat Jun 29 10:59:25 2024 by rpki-client on console-ams.rpki-client.org