Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PBdZYEZjJ56wvT0H4c4PrBHNMt0.roa
File: PBdZYEZjJ56wvT0H4c4PrBHNMt0.roa (raw, json)
Hash identifier: oSG0F+MWNrUKS6vnCDbFNfPepFIWiv8mr1krlfw6pTY=
Subject key identifier: 3C:17:59:60:46:63:27:9E:B0:BD:3D:07:E1:CE:0F:AC:11:CD:32:DD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD8A5AE0B907131424C41DEDFBB22B5E8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PBdZYEZjJ56wvT0H4c4PrBHNMt0.roa
Signing time: Sun 02 Jun 2024 11:11:27 +0000
ROA not before: Sun 02 Jun 2024 11:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 02 Jun 2024 12:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d8:a5:ae:0b:90:71:31:42:4c:41:de:df:bb:22:b5:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 2 11:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c1759604663279eb0bd3d07e1ce0fac11cd32dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2d:a0:0f:07:65:d5:ce:3f:0d:c6:87:ee:fa:
23:23:84:57:78:b8:4a:a5:56:29:e9:a1:40:2e:21:
68:a5:8a:a8:c6:24:91:97:93:aa:5e:a7:e3:24:14:
a7:4d:58:86:61:83:3b:05:6f:86:72:12:d9:1b:99:
d2:20:29:3c:ff:89:60:04:68:2b:d6:c2:f8:0d:b8:
ac:c4:30:de:e6:88:e8:25:8d:9b:bf:9b:f6:59:90:
d4:ae:cf:99:46:c9:ea:e4:cc:99:4e:e4:cc:70:a5:
ee:81:10:f6:b6:ce:5b:3e:3a:81:4f:6d:19:3d:7b:
ac:ab:b4:0d:f2:ba:f7:93:92:d4:37:1e:46:23:e9:
1e:d0:b0:50:59:b6:9b:ed:cd:ac:98:fd:77:af:1d:
1e:0b:92:2c:0a:8b:51:35:3e:33:5e:7c:1a:97:3a:
de:24:ee:20:af:8d:de:85:6f:35:c1:7f:10:19:1c:
de:ac:e1:2c:f9:5b:25:51:bc:1d:5d:5d:ba:b1:58:
92:0c:e8:6e:62:c1:5c:69:58:38:d7:42:95:2c:e4:
5d:9b:6c:d6:9f:77:f4:db:c8:00:7b:b7:b0:8e:95:
3c:6e:3f:a8:ec:0a:66:4b:a1:2a:d1:29:bd:71:73:
fa:bf:72:fd:5a:eb:92:fd:c1:78:b0:83:e5:6d:8e:
53:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:17:59:60:46:63:27:9E:B0:BD:3D:07:E1:CE:0F:AC:11:CD:32:DD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/PBdZYEZjJ56wvT0H4c4PrBHNMt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:4b:2c:d2:24:36:db:52:7e:4e:b1:7f:5d:9c:62:3b:cb:44:
a1:c4:f5:dc:c6:35:1e:89:41:6c:38:4a:31:ea:55:fd:06:c6:
9e:15:ce:33:33:de:c9:25:9f:ef:a7:33:46:90:0b:15:3a:a4:
5b:19:ca:db:32:ba:0a:17:6a:2f:1c:42:ad:5a:b0:3d:54:5d:
e2:ec:50:9e:3b:21:3c:3c:46:7e:0d:7e:16:ed:b1:21:c1:15:
a9:8e:f6:7f:a6:c0:9b:f6:39:ae:73:db:53:bd:7b:cf:a5:e8:
64:d6:75:6d:84:85:c9:96:cd:21:f1:47:df:3d:c7:d6:1f:dd:
ed:76:b4:29:04:49:ce:59:e1:a7:3c:33:48:e3:a9:8d:b8:b4:
1e:e9:0a:a7:8b:80:79:88:e6:31:85:d8:1b:93:66:74:88:95:
a9:38:2b:13:52:44:be:8a:27:ed:8f:f8:1a:c0:71:75:8b:03:
c5:01:da:7c:d1:de:15:5e:d2:db:1a:4d:75:6c:1a:cb:06:0c:
73:ed:17:9c:55:d4:0f:e4:4c:33:90:fe:09:74:68:bb:15:42:
5a:bd:59:d5:f2:7e:36:ae:97:43:44:0f:75:09:98:82:cf:ba:
8f:82:85:d2:e8:47:f8:37:c9:1f:b1:8c:89:48:b6:cf:a8:07:
f4:64:4a:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/Ypa4LkHExQkxB3t+7IrXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAyMTExMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzE3NTk2MDQ2NjMyNzllYjBiZDNkMDdlMWNlMGZhYzExY2QzMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS2gDwdl1c4/DcaH7vojI4RXeLhK
pVYp6aFALiFopYqoxiSRl5OqXqfjJBSnTViGYYM7BW+GchLZG5nSICk8/4lgBGgr
1sL4DbisxDDe5ojoJY2bv5v2WZDUrs+ZRsnq5MyZTuTMcKXugRD2ts5bPjqBT20Z
PXusq7QN8rr3k5LUNx5GI+ke0LBQWbab7c2smP13rx0eC5IsCotRNT4zXnwalzre
JO4gr43ehW81wX8QGRzerOEs+VslUbwdXV26sViSDOhuYsFcaVg410KVLORdm2zW
n3f028gAe7ewjpU8bj+o7ApmS6Eq0Sm9cXP6v3L9WuuS/cF4sIPlbY5TzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDwXWWBGYyeesL09B+HOD6wRzTLdMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUEJkWllFWmpKNTZ3dlQwSDRjNFByQkhOTXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAVLLNIkNttSfk6xf12c
YjvLRKHE9dzGNR6JQWw4SjHqVf0Gxp4VzjMz3skln++nM0aQCxU6pFsZytsyugoX
ai8cQq1asD1UXeLsUJ47ITw8Rn4NfhbtsSHBFamO9n+mwJv2Oa5z21O9e8+l6GTW
dW2EhcmWzSHxR989x9Yf3e12tCkESc5Z4ac8M0jjqY24tB7pCqeLgHmI5jGF2BuT
ZnSIlak4KxNSRL6KJ+2P+BrAcXWLA8UB2nzR3hVe0tsaTXVsGssGDHPtF5xV1A/k
TDOQ/gl0aLsVQlq9WdXyfjaul0NED3UJmILPuo+ChdLoR/g3yR+xjIlIts+oB/Rk
Sko=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org