Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Mf-iRM0xNI-aMwvRTfv02o-ok4o.roa
File: Mf-iRM0xNI-aMwvRTfv02o-ok4o.roa (raw, json)
Hash identifier: Kd/CQZPeRQIfJmezRS7M0dHweN+/D/Sf6pX0TDUgbPs=
Subject key identifier: 31:FF:A2:44:CD:31:34:8F:9A:33:0B:D1:4D:FB:F4:DA:8F:A8:93:8A
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01902D67C7AF7AD5E81ABD0D3018C750B4D4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Mf-iRM0xNI-aMwvRTfv02o-ok4o.roa
Signing time: Tue 18 Jun 2024 22:11:34 +0000
ROA not before: Tue 18 Jun 2024 22:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 18 Jun 2024 23:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2d:67:c7:af:7a:d5:e8:1a:bd:0d:30:18:c7:50:b4:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 18 22:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31ffa244cd31348f9a330bd14dfbf4da8fa8938a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8a:06:fa:f7:f9:27:25:5c:80:05:1f:bb:a7:
d9:b5:e7:5d:d7:c4:89:ee:4f:d4:10:b7:66:a2:4a:
a5:b7:d6:51:21:5e:f7:8f:15:de:c1:c2:17:00:91:
11:3b:63:30:20:7b:b4:0c:0f:00:c9:08:d4:a1:97:
fe:14:67:11:5f:e9:80:4b:01:1a:e9:be:75:1e:32:
75:4c:45:90:ec:31:85:47:a3:ba:50:3e:49:db:7d:
61:f4:73:b9:6c:e9:8c:09:47:6d:b1:54:40:7c:25:
9f:d3:25:44:37:81:5b:ed:6f:eb:80:63:0d:11:1f:
01:48:42:f0:e5:3d:fa:6a:78:3e:c9:95:96:6f:c4:
1e:16:b5:30:7b:d8:df:6e:b7:d0:ba:a1:59:14:9d:
3f:b2:a4:d0:f7:b4:c1:05:28:17:4c:57:85:91:d0:
f4:8c:d5:36:49:ca:8d:08:81:be:1b:ca:36:51:2a:
70:dc:26:ac:f7:d3:5e:82:1d:fb:cd:d3:92:b7:91:
43:44:a1:41:61:b6:9a:08:88:7a:ae:b5:e6:b0:39:
fa:86:c2:ad:d3:48:77:ff:6e:f4:bf:c6:ff:1f:4f:
f8:04:ae:a6:d4:57:2a:f6:95:ec:f4:73:5d:9a:9f:
ed:a5:78:f0:3c:da:ac:f0:05:15:47:58:00:2e:af:
5a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:FF:A2:44:CD:31:34:8F:9A:33:0B:D1:4D:FB:F4:DA:8F:A8:93:8A
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Mf-iRM0xNI-aMwvRTfv02o-ok4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:f9:b0:ce:24:02:c9:dd:e8:af:26:db:e5:1f:46:5a:ba:54:
ca:b1:d3:8d:c3:de:b4:f7:03:11:77:8e:59:b7:e5:72:b0:c6:
97:5b:f8:d9:28:49:29:8a:5b:9a:2a:7d:7b:55:c3:8f:d6:df:
03:e2:d1:de:1b:d5:ee:80:d4:7a:e8:e4:bb:46:70:27:14:b7:
df:65:17:be:b3:86:5d:2a:6c:30:9d:85:51:2f:4b:84:39:29:
00:f1:a8:5b:12:db:b8:50:45:23:b3:18:0e:aa:a2:06:24:97:
c0:cf:f3:6b:3c:35:af:2d:5f:fe:d6:95:36:2b:d9:74:7a:3f:
ce:33:44:5f:75:a4:2c:31:de:dc:74:bd:f3:c2:6f:60:6c:c9:
d9:e2:a0:88:14:b0:59:f9:32:7b:0e:41:88:67:20:ff:3e:21:
84:bd:ff:70:8a:7e:24:a4:8d:b7:aa:62:6a:7b:a6:f4:69:cc:
b4:66:c7:a7:5d:4e:b3:1b:64:3e:a6:30:05:16:30:d8:12:52:
64:7a:a5:fb:0a:7b:65:60:40:a0:5d:a4:80:17:ac:54:d9:74:
a1:1d:21:90:b9:67:d4:17:7e:ad:c3:88:7f:25:89:fa:ee:8f:
f5:33:3d:94:81:fe:d5:c4:83:df:18:d2:78:d6:df:a2:1f:31:
55:11:7c:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAtZ8evetXoGr0NMBjHULTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE4MjIxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWZmYTI0NGNkMzEzNDhmOWEzMzBiZDE0ZGZiZjRkYThmYTg5MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4oG+vf5JyVcgAUfu6fZtedd18SJ
7k/UELdmokqlt9ZRIV73jxXewcIXAJERO2MwIHu0DA8AyQjUoZf+FGcRX+mASwEa
6b51HjJ1TEWQ7DGFR6O6UD5J231h9HO5bOmMCUdtsVRAfCWf0yVEN4Fb7W/rgGMN
ER8BSELw5T36ang+yZWWb8QeFrUwe9jfbrfQuqFZFJ0/sqTQ97TBBSgXTFeFkdD0
jNU2ScqNCIG+G8o2USpw3Cas99Negh37zdOSt5FDRKFBYbaaCIh6rrXmsDn6hsKt
00h3/270v8b/H0/4BK6m1Fcq9pXs9HNdmp/tpXjwPNqs8AUVR1gALq9alwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDH/okTNMTSPmjML0U379NqPqJOKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTWYtaVJNMHhOSS1hTXd2UlRmdjAyby1vazRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADr5sM4kAsnd6K8m2+Uf
Rlq6VMqx043D3rT3AxF3jlm35XKwxpdb+NkoSSmKW5oqfXtVw4/W3wPi0d4b1e6A
1Hro5LtGcCcUt99lF76zhl0qbDCdhVEvS4Q5KQDxqFsS27hQRSOzGA6qogYkl8DP
82s8Na8tX/7WlTYr2XR6P84zRF91pCwx3tx0vfPCb2BsydnioIgUsFn5MnsOQYhn
IP8+IYS9/3CKfiSkjbeqYmp7pvRpzLRmx6ddTrMbZD6mMAUWMNgSUmR6pfsKe2Vg
QKBdpIAXrFTZdKEdIZC5Z9QXfq3DiH8lifruj/UzPZSB/tXEg98Y0njW36IfMVUR
fEw=
-----END CERTIFICATE-----
Generated at Tue Jun 18 23:53:30 2024 by rpki-client on console-fra.rpki-client.org