Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ofci_3nM84G0kkHtERX9s4wVw30.roa
File: Ofci_3nM84G0kkHtERX9s4wVw30.roa (raw, json)
Hash identifier: 5FMQuxeS+sTp5hdZkcL0oZVfPalZkfF21hpFnzR8Iyo=
Subject key identifier: 39:F7:22:FF:79:CC:F3:81:B4:92:41:ED:11:15:FD:B3:8C:15:C3:7D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019031B43E3F52D51DCE8BE09B859451DEEA
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ofci_3nM84G0kkHtERX9s4wVw30.roa
Signing time: Wed 19 Jun 2024 18:13:34 +0000
ROA not before: Wed 19 Jun 2024 18:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 19 Jun 2024 19:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:31:b4:3e:3f:52:d5:1d:ce:8b:e0:9b:85:94:51:de:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 19 18:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39f722ff79ccf381b49241ed1115fdb38c15c37d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:13:3d:ea:9c:65:32:36:18:7d:03:1c:dd:12:
48:d0:5a:60:e5:40:7d:39:ff:e7:22:3b:12:3b:0d:
e7:29:4a:0d:5e:d7:95:8b:a9:4f:a3:05:75:be:1b:
0f:f1:5c:d1:02:f6:24:af:61:20:11:de:a2:01:18:
ad:c8:24:a5:a9:7f:4d:92:84:fe:24:bb:1f:25:1e:
75:62:d7:f7:b2:36:ac:6a:7b:c2:5c:c7:8f:9a:a2:
7c:e7:d5:a8:c1:4a:99:00:7d:00:88:ff:9e:04:e9:
f6:d0:1e:30:58:90:9a:b7:2a:e6:f8:8b:a7:a8:84:
59:f9:80:79:26:bd:18:f8:cd:2a:83:e6:b3:e5:e6:
22:91:50:26:10:10:72:0c:4e:09:1d:63:50:f7:d2:
6e:19:b2:ef:81:37:7d:60:54:ae:f1:a0:8f:00:d0:
8e:b6:9c:5a:37:45:b2:e2:9b:a5:6e:22:4e:f0:cb:
23:ee:bb:57:e4:d5:49:2a:77:32:3a:e7:01:3a:99:
d0:66:92:bb:d2:fc:22:d6:1b:cc:3f:91:2d:17:24:
8f:5d:bb:d4:ed:93:e0:72:97:54:9c:28:c0:13:9d:
8e:63:79:d3:fd:de:81:f4:e9:ef:95:12:30:c7:d6:
4e:5a:36:82:38:e2:11:37:35:29:23:a0:e6:2d:a9:
d1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F7:22:FF:79:CC:F3:81:B4:92:41:ED:11:15:FD:B3:8C:15:C3:7D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ofci_3nM84G0kkHtERX9s4wVw30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:00:15:28:8c:2a:1f:47:23:47:ce:8a:31:e3:37:7a:4f:1a:
95:2d:a1:e0:a2:3e:76:55:25:27:86:36:02:bb:bd:8c:48:f6:
b0:f0:ac:0b:4c:74:c5:55:3e:4f:10:ff:03:7b:d1:b8:89:57:
50:6f:08:2e:6c:d2:14:10:55:53:ec:90:44:c1:5f:a6:40:64:
bb:b0:99:6e:c6:d7:03:a3:6c:8d:17:16:ce:41:26:e5:40:37:
b4:89:2f:92:d8:ca:b9:1a:04:9a:0a:de:16:00:e0:70:16:3d:
ff:0f:b2:76:2a:a6:83:13:1c:47:0c:4d:46:50:b4:cf:6a:96:
d8:29:88:55:ab:8c:33:94:36:3b:9d:c7:d9:87:58:42:88:ce:
9e:fe:3d:08:f7:4e:c5:d4:6c:3a:f7:7d:54:06:a3:6b:22:e1:
1a:dc:87:9b:16:a2:bf:9f:40:1f:c3:52:a8:73:00:9a:b2:eb:
a7:7b:bb:47:06:27:91:a7:a7:a0:60:a1:77:89:47:a8:07:60:
34:80:dc:4b:fb:53:41:da:73:57:e2:42:0b:52:06:4c:c3:88:
3b:cd:9f:d9:81:76:9f:ee:9f:c3:6f:0b:71:d4:f5:91:b6:76:
71:e3:23:3d:8d:d5:65:d4:da:28:77:6e:04:d9:7e:84:04:92:
f6:f1:47:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAxtD4/UtUdzovgm4WUUd7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE5MTgxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWY3MjJmZjc5Y2NmMzgxYjQ5MjQxZWQxMTE1ZmRiMzhjMTVjMzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhM96pxlMjYYfQMc3RJI0Fpg5UB9
Of/nIjsSOw3nKUoNXteVi6lPowV1vhsP8VzRAvYkr2EgEd6iARityCSlqX9NkoT+
JLsfJR51Ytf3sjasanvCXMePmqJ859WowUqZAH0AiP+eBOn20B4wWJCatyrm+Iun
qIRZ+YB5Jr0Y+M0qg+az5eYikVAmEBByDE4JHWNQ99JuGbLvgTd9YFSu8aCPANCO
tpxaN0Wy4pulbiJO8Msj7rtX5NVJKncyOucBOpnQZpK70vwi1hvMP5EtFySPXbvU
7ZPgcpdUnCjAE52OY3nT/d6B9OnvlRIwx9ZOWjaCOOIRNzUpI6DmLanRKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDn3Iv95zPOBtJJB7REV/bOMFcN9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvT2ZjaV8zbk04NEcwa2tIdEVSWDlzNHdWdzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGkAFSiMKh9HI0fOijHj
N3pPGpUtoeCiPnZVJSeGNgK7vYxI9rDwrAtMdMVVPk8Q/wN70biJV1BvCC5s0hQQ
VVPskETBX6ZAZLuwmW7G1wOjbI0XFs5BJuVAN7SJL5LYyrkaBJoK3hYA4HAWPf8P
snYqpoMTHEcMTUZQtM9qltgpiFWrjDOUNjudx9mHWEKIzp7+PQj3TsXUbDr3fVQG
o2si4Rrch5sWor+fQB/DUqhzAJqy66d7u0cGJ5Gnp6BgoXeJR6gHYDSA3Ev7U0Ha
c1fiQgtSBkzDiDvNn9mBdp/un8NvC3HU9ZG2dnHjIz2N1WXU2ih3bgTZfoQEkvbx
R4Q=
-----END CERTIFICATE-----
Generated at Wed Jun 19 22:23:57 2024 by rpki-client on console-fra.rpki-client.org