Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LdkGFnl0Vs4Iejx7M3h7zmNrouY.roa
File: LdkGFnl0Vs4Iejx7M3h7zmNrouY.roa (raw, json)
Hash identifier: uFHDWUwNVpn0f9tnGmweKg8XUwG5elqB495J5mjpwNM=
Subject key identifier: 2D:D9:06:16:79:74:56:CE:08:7A:3C:7B:33:78:7B:CE:63:6B:A2:E6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019078B7A0C7C45006784B936A06B2B09F69
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LdkGFnl0Vs4Iejx7M3h7zmNrouY.roa
Signing time: Wed 03 Jul 2024 13:10:18 +0000
ROA not before: Wed 03 Jul 2024 13:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jul 2024 14:05:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:b7:a0:c7:c4:50:06:78:4b:93:6a:06:b2:b0:9f:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 3 13:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dd90616797456ce087a3c7b33787bce636ba2e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:97:1e:cc:b5:18:ad:e9:9f:fc:8e:65:07:16:
50:0c:76:26:a1:b7:e9:bb:8d:25:7e:e5:99:91:e6:
fa:71:5e:0a:ca:73:1e:25:fe:f8:2a:f0:00:11:64:
e0:18:4d:46:77:3e:20:4e:71:de:27:43:4c:e7:cb:
da:b3:47:e7:0a:e3:5d:23:21:b6:3d:ef:fb:0d:87:
fa:28:3b:52:9d:ac:80:d7:e9:31:77:56:0e:8d:e7:
24:a2:89:52:d4:6f:92:a5:0d:5c:2e:b2:b1:84:35:
cc:c6:cf:b1:24:ed:8e:8e:bb:34:a5:31:52:9b:87:
51:bd:44:d7:83:e5:89:2f:7e:e6:97:dd:4e:13:47:
59:cc:26:a5:bf:e2:bd:d8:f4:b5:ab:5f:12:a3:3c:
af:b9:43:ad:fa:0b:10:f0:b4:04:da:d9:91:1b:90:
aa:ce:7b:41:4c:2a:99:2d:19:29:57:48:8d:20:e5:
dd:4f:0c:26:de:b4:e7:f8:d5:d6:be:e1:93:21:bc:
84:88:a8:d5:87:6f:52:30:d3:fd:61:38:6c:55:44:
7c:a5:d7:e6:98:ed:2c:c4:88:b3:45:1e:bb:84:c9:
c6:c2:04:36:d5:fa:48:5f:31:7c:0c:36:9d:a2:1a:
08:49:18:ee:4c:c2:c5:70:50:64:55:57:88:d9:d3:
22:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D9:06:16:79:74:56:CE:08:7A:3C:7B:33:78:7B:CE:63:6B:A2:E6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/LdkGFnl0Vs4Iejx7M3h7zmNrouY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:59:52:4c:e7:ab:a1:34:70:ed:55:d8:2f:91:d0:4d:1b:40:
aa:e0:35:b3:39:b8:ea:0a:04:30:b6:26:60:83:76:4d:2c:9b:
ef:c1:ea:ef:4f:05:ee:77:17:69:74:76:68:3a:a7:46:b2:80:
8e:2c:ac:28:6b:cb:51:83:f7:08:33:35:f8:b1:6f:c7:e7:8c:
ed:23:95:b7:13:80:ed:90:e9:7c:e0:87:41:c8:85:17:05:74:
96:2f:54:df:83:81:b6:7e:bc:fd:18:36:ab:f1:71:85:a7:31:
cd:17:d7:e4:aa:3a:f8:01:97:da:cc:13:d0:06:21:6e:cf:91:
77:e8:88:64:83:e6:54:6c:26:3c:2b:af:98:bf:fe:c7:1b:8a:
a9:7e:0f:6e:71:ba:70:2e:b5:98:e6:13:de:27:84:60:f5:cf:
e5:5c:bb:cf:ce:65:a1:36:bd:43:5b:2a:4b:eb:dd:66:a8:ba:
2e:c6:b5:af:ea:1e:df:2f:60:69:6b:41:74:c7:7f:b1:1f:4a:
20:07:68:5e:18:b7:14:e7:dd:f4:de:c7:f7:0a:2d:78:36:d3:
c0:b5:7f:43:92:29:ae:a3:a0:4f:aa:95:54:74:0a:80:12:28:
62:a1:cf:9f:49:f9:fc:47:e0:e6:ae:f1:24:66:4a:ec:58:fb:
df:6c:da:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB4t6DHxFAGeEuTagaysJ9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAzMTMxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQ5MDYxNjc5NzQ1NmNlMDg3YTNjN2IzMzc4N2JjZTYzNmJhMmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZcezLUYremf/I5lBxZQDHYmobfp
u40lfuWZkeb6cV4KynMeJf74KvAAEWTgGE1Gdz4gTnHeJ0NM58vas0fnCuNdIyG2
Pe/7DYf6KDtSnayA1+kxd1YOjeckoolS1G+SpQ1cLrKxhDXMxs+xJO2Ojrs0pTFS
m4dRvUTXg+WJL37ml91OE0dZzCalv+K92PS1q18SozyvuUOt+gsQ8LQE2tmRG5Cq
zntBTCqZLRkpV0iNIOXdTwwm3rTn+NXWvuGTIbyEiKjVh29SMNP9YThsVUR8pdfm
mO0sxIizRR67hMnGwgQ21fpIXzF8DDadohoISRjuTMLFcFBkVVeI2dMiwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC3ZBhZ5dFbOCHo8ezN4e85ja6LmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTGRrR0ZubDBWczRJZWp4N00zaDd6bU5yb3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB1ZUkznq6E0cO1V2C+R
0E0bQKrgNbM5uOoKBDC2JmCDdk0sm+/B6u9PBe53F2l0dmg6p0aygI4srChry1GD
9wgzNfixb8fnjO0jlbcTgO2Q6Xzgh0HIhRcFdJYvVN+DgbZ+vP0YNqvxcYWnMc0X
1+SqOvgBl9rME9AGIW7PkXfoiGSD5lRsJjwrr5i//scbiql+D25xunAutZjmE94n
hGD1z+Vcu8/OZaE2vUNbKkvr3Waoui7Gta/qHt8vYGlrQXTHf7EfSiAHaF4YtxTn
3fTex/cKLXg208C1f0OSKa6joE+qlVR0CoASKGKhz59J+fxH4Oau8SRmSuxY+99s
2tQ=
-----END CERTIFICATE-----
Generated at Wed Jul 3 16:56:07 2024 by rpki-client on console-fra.rpki-client.org