Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MAGjsItO2j4K6HuU8W-YfNgq5Cs.roa
File: MAGjsItO2j4K6HuU8W-YfNgq5Cs.roa (raw, json)
Hash identifier: tn5vNHNvwvPM9tFeqB8MjrStW3/R2fASQpDimMZrRj4=
Subject key identifier: 30:01:A3:B0:8B:4E:DA:3E:0A:E8:7B:94:F1:6F:98:7C:D8:2A:E4:2B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019007D9D3B413077C21D9C2F3F04027C999
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MAGjsItO2j4K6HuU8W-YfNgq5Cs.roa
Signing time: Tue 11 Jun 2024 15:10:34 +0000
ROA not before: Tue 11 Jun 2024 15:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 16:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:07:d9:d3:b4:13:07:7c:21:d9:c2:f3:f0:40:27:c9:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 11 15:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3001a3b08b4eda3e0ae87b94f16f987cd82ae42b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c9:bb:45:80:f7:78:cb:bd:09:b1:b1:77:3e:
04:99:51:7e:ba:46:52:3d:26:e9:25:02:28:2c:fb:
da:2c:34:01:17:19:a1:95:22:d0:eb:04:2c:12:41:
29:90:98:de:b5:9b:c7:5a:0b:42:f9:d4:dd:3e:10:
82:09:b0:25:a9:32:a8:1c:f4:55:33:c6:d3:7f:22:
ea:6d:0a:1c:42:52:4b:07:30:d8:48:99:18:31:2e:
b0:9c:e4:b9:be:76:13:d6:b8:0b:35:a8:af:6a:5b:
25:1b:16:04:48:e2:32:82:b8:2e:2f:be:8e:75:1b:
33:a0:4f:ff:d5:01:44:14:1a:c3:56:79:c0:58:c4:
99:08:3e:62:75:dc:00:8f:d4:55:c5:73:92:81:b6:
bb:8f:58:12:99:9a:17:43:f7:be:b3:3f:d9:7d:e0:
72:f5:e7:b3:b7:86:12:2e:8f:5a:36:06:87:f4:3a:
02:b6:e8:97:d8:da:88:d3:3a:47:33:12:df:6e:32:
2c:e8:c3:d2:1b:36:f0:c3:17:26:0c:d0:02:ec:b8:
69:05:f3:d4:db:ee:37:61:18:de:ab:6d:39:84:e8:
c6:e5:25:45:de:28:3b:3f:b5:53:35:6f:04:32:2b:
20:b7:4d:42:aa:1a:c0:06:d2:48:b1:a1:c0:ef:87:
c1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:01:A3:B0:8B:4E:DA:3E:0A:E8:7B:94:F1:6F:98:7C:D8:2A:E4:2B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MAGjsItO2j4K6HuU8W-YfNgq5Cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:87:50:6d:56:b2:3a:d9:e9:ff:9b:6d:56:a3:db:cb:f7:3e:
62:21:36:53:e0:c7:15:88:f8:ce:c6:4e:91:96:c0:87:dc:eb:
bd:4b:9e:93:75:90:0e:28:93:09:3d:9a:20:f6:d3:64:4d:c6:
9d:c9:72:15:90:b0:08:7a:e7:ec:fd:69:f1:e0:7a:50:f5:87:
10:8e:f5:5f:e2:db:ce:d8:80:03:e4:62:b6:fc:cb:7d:33:f1:
29:26:d9:e2:4a:8f:b2:b7:85:e9:7b:a6:23:ca:b9:87:b8:df:
46:0c:45:bb:1a:5a:46:00:36:b0:fd:d0:a6:50:ec:ee:9e:84:
69:46:a1:d3:45:44:72:9d:aa:ec:0f:a6:e5:b0:70:b0:a5:b6:
08:26:55:3c:fa:a1:d6:68:43:5c:ba:ee:ad:13:6b:49:fd:fc:
90:eb:d4:28:5c:1f:22:94:8b:5f:52:95:d4:6a:7c:05:df:57:
d8:f1:c8:2c:76:dc:d6:e2:9b:b0:af:10:a2:89:a6:01:c1:65:
8a:32:57:92:7b:8e:8f:70:5c:88:f0:a4:3f:00:c3:b0:bf:21:
d2:20:a4:5e:e1:54:4e:e8:20:c2:6e:49:b2:6a:65:43:a7:2f:
4c:48:ba:6d:d9:5c:a5:68:db:97:4b:b6:ce:e5:72:d3:9f:e5:
97:c4:77:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAH2dO0Ewd8IdnC8/BAJ8mZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjExMTUxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDAxYTNiMDhiNGVkYTNlMGFlODdiOTRmMTZmOTg3Y2Q4MmFlNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMm7RYD3eMu9CbGxdz4EmVF+ukZS
PSbpJQIoLPvaLDQBFxmhlSLQ6wQsEkEpkJjetZvHWgtC+dTdPhCCCbAlqTKoHPRV
M8bTfyLqbQocQlJLBzDYSJkYMS6wnOS5vnYT1rgLNaivalslGxYESOIygrguL76O
dRszoE//1QFEFBrDVnnAWMSZCD5iddwAj9RVxXOSgba7j1gSmZoXQ/e+sz/ZfeBy
9eezt4YSLo9aNgaH9DoCtuiX2NqI0zpHMxLfbjIs6MPSGzbwwxcmDNAC7LhpBfPU
2+43YRjeq205hOjG5SVF3ig7P7VTNW8EMisgt01CqhrABtJIsaHA74fBgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDABo7CLTto+Cuh7lPFvmHzYKuQrMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTUFHanNJdE8yajRLNkh1VThXLVlmTmdxNUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFuHUG1WsjrZ6f+bbVaj
28v3PmIhNlPgxxWI+M7GTpGWwIfc671LnpN1kA4okwk9miD202RNxp3JchWQsAh6
5+z9afHgelD1hxCO9V/i287YgAPkYrb8y30z8Skm2eJKj7K3hel7piPKuYe430YM
RbsaWkYANrD90KZQ7O6ehGlGodNFRHKdquwPpuWwcLCltggmVTz6odZoQ1y67q0T
a0n9/JDr1ChcHyKUi19SldRqfAXfV9jxyCx23Nbim7CvEKKJpgHBZYoyV5J7jo9w
XIjwpD8Aw7C/IdIgpF7hVE7oIMJuSbJqZUOnL0xIum3ZXKVo25dLts7lctOf5ZfE
dxk=
-----END CERTIFICATE-----
Generated at Tue Jun 11 19:46:37 2024 by rpki-client on console-fra.rpki-client.org