Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Lt0316rPk4HW2cvQy5NFevL4gzo.roa
File: Lt0316rPk4HW2cvQy5NFevL4gzo.roa (raw, json)
Hash identifier: x/6EcZVe3G2noAdOgwQFBI2Vfeu8LHyrxglpBnlkVcE=
Subject key identifier: 2E:DD:37:D7:AA:CF:93:81:D6:D9:CB:D0:CB:93:45:7A:F2:F8:83:3A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FB2AB019E5E0108E6F15776E9D574DC00
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Lt0316rPk4HW2cvQy5NFevL4gzo.roa
Signing time: Sun 26 May 2024 02:11:42 +0000
ROA not before: Sun 26 May 2024 02:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 26 May 2024 03:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b2:ab:01:9e:5e:01:08:e6:f1:57:76:e9:d5:74:dc:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 26 02:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2edd37d7aacf9381d6d9cbd0cb93457af2f8833a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a9:38:b2:50:a4:86:3d:02:5d:5f:ed:4c:79:
2b:dc:62:31:c4:6a:f7:6f:0d:6d:bb:38:60:5c:77:
fd:a3:7d:99:88:b8:b8:dc:b3:8a:3d:3a:1d:f6:a9:
4e:30:e6:b3:33:d0:33:1e:1c:4e:17:53:00:2b:64:
8b:e3:00:fc:6b:8e:22:e3:0e:ce:ac:cc:ec:1d:a5:
f1:b8:43:c4:e0:56:26:b5:5a:0f:2c:c3:b6:7c:46:
78:01:27:e1:06:df:a3:2c:28:52:ca:72:63:3d:16:
93:c6:9c:9c:53:e1:30:26:c8:6e:ad:c4:5d:7c:62:
e6:8e:20:e6:5c:dc:da:8b:6e:8c:52:e9:8b:92:88:
16:7c:d6:54:30:10:d9:da:6f:87:fa:60:c1:cd:b4:
d1:42:cc:f5:54:b8:90:76:52:04:27:c9:36:90:82:
ca:b5:97:d1:7b:cd:4c:20:8a:46:5c:d7:02:93:ea:
f6:6c:10:27:3b:77:78:99:5f:43:9c:04:7c:b3:7c:
a6:a5:08:12:65:4c:a6:2e:f3:5a:ab:28:ad:77:5f:
41:e4:f6:2c:8e:f0:f6:33:99:58:18:a5:5a:4f:a7:
14:31:70:92:6f:b5:20:29:a9:3a:3a:2a:8b:51:43:
c4:f8:db:1c:98:46:39:5c:05:be:38:ea:03:b7:01:
7d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:DD:37:D7:AA:CF:93:81:D6:D9:CB:D0:CB:93:45:7A:F2:F8:83:3A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Lt0316rPk4HW2cvQy5NFevL4gzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
92:28:e0:97:62:45:3a:09:b9:92:71:17:e3:1f:9e:7e:40:7f:
d7:c7:5c:b0:a7:fc:f2:17:74:3b:ff:33:d4:33:1e:f8:c1:8c:
0e:51:57:84:0f:70:3b:64:25:c7:a3:9b:1c:f4:f1:1a:57:11:
65:47:91:84:9a:5e:dc:c8:bc:29:97:3b:7b:8a:69:0e:9f:f3:
9a:1a:bc:d8:f9:82:90:27:c2:f3:9a:96:c3:8b:e6:aa:55:39:
ef:2f:ed:ea:a4:e5:90:6c:22:1a:6b:99:e2:5d:5e:35:06:59:
21:03:40:19:d1:6b:99:c8:ec:5e:86:c9:de:22:88:bb:54:f4:
ea:5b:fc:cf:64:35:a2:5a:55:42:09:76:db:76:d0:e6:fb:33:
8d:d9:92:a4:ad:1e:5a:83:98:20:e1:4b:7c:95:c9:b1:45:08:
42:9e:de:ba:13:5b:8e:34:80:06:e0:5c:3c:b4:a2:24:ff:ac:
09:c5:8e:8f:07:c8:74:22:b4:54:4b:f1:12:59:c7:14:1d:6d:
e4:4b:f7:dc:4f:b6:96:67:5e:e7:8b:6d:b9:e2:03:ee:73:91:
de:0d:d1:c7:ec:e4:af:06:a4:57:66:5a:f5:1f:47:3a:b4:79:
c3:8d:e6:ec:54:e2:60:06:82:d7:f2:c6:88:8a:5d:7b:c8:90:
2d:9e:a0:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+yqwGeXgEI5vFXdunVdNwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI2MDIxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWRkMzdkN2FhY2Y5MzgxZDZkOWNiZDBjYjkzNDU3YWYyZjg4MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtak4slCkhj0CXV/tTHkr3GIxxGr3
bw1tuzhgXHf9o32ZiLi43LOKPTod9qlOMOazM9AzHhxOF1MAK2SL4wD8a44i4w7O
rMzsHaXxuEPE4FYmtVoPLMO2fEZ4ASfhBt+jLChSynJjPRaTxpycU+EwJshurcRd
fGLmjiDmXNzai26MUumLkogWfNZUMBDZ2m+H+mDBzbTRQsz1VLiQdlIEJ8k2kILK
tZfRe81MIIpGXNcCk+r2bBAnO3d4mV9DnAR8s3ympQgSZUymLvNaqyitd19B5PYs
jvD2M5lYGKVaT6cUMXCSb7UgKak6OiqLUUPE+NscmEY5XAW+OOoDtwF97QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC7dN9eqz5OB1tnL0MuTRXry+IM6MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTHQwMzE2clBrNEhXMmN2UXk1TkZldkw0Z3pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJIo4JdiRToJuZJxF+Mf
nn5Af9fHXLCn/PIXdDv/M9QzHvjBjA5RV4QPcDtkJcejmxz08RpXEWVHkYSaXtzI
vCmXO3uKaQ6f85oavNj5gpAnwvOalsOL5qpVOe8v7eqk5ZBsIhprmeJdXjUGWSED
QBnRa5nI7F6Gyd4iiLtU9Opb/M9kNaJaVUIJdtt20Ob7M43ZkqStHlqDmCDhS3yV
ybFFCEKe3roTW440gAbgXDy0oiT/rAnFjo8HyHQitFRL8RJZxxQdbeRL99xPtpZn
XueLbbniA+5zkd4N0cfs5K8GpFdmWvUfRzq0ecON5uxU4mAGgtfyxoiKXXvIkC2e
oAw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org