Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QXYmPvrMwz6SbOV7ssCbffH_rTw.roa
File: QXYmPvrMwz6SbOV7ssCbffH_rTw.roa (raw, json)
Hash identifier: NBSoJ1zvE2ed8TpOrKx5HoTa2WF099hemFEN4rZ7pac=
Subject key identifier: 41:76:26:3E:FA:CC:C3:3E:92:6C:E5:7B:B2:C0:9B:7D:F1:FF:AD:3C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01904ACD6A1CD00D6D45DEFC32714A00C13A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QXYmPvrMwz6SbOV7ssCbffH_rTw.roa
Signing time: Mon 24 Jun 2024 15:11:34 +0000
ROA not before: Mon 24 Jun 2024 15:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jun 2024 16:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:cd:6a:1c:d0:0d:6d:45:de:fc:32:71:4a:00:c1:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 24 15:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4176263efaccc33e926ce57bb2c09b7df1ffad3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6e:64:e3:86:bc:e4:43:d7:34:72:3e:6a:46:
61:e9:66:26:01:93:ce:20:6f:37:e3:2f:b3:04:e4:
29:24:24:53:43:2c:b8:93:19:c0:86:f2:d3:5a:b5:
6b:4b:1d:22:03:5d:b1:55:2a:96:ab:3d:68:66:4c:
94:92:a3:a4:e1:6d:8e:36:a2:bc:2c:76:28:19:2a:
90:b4:71:11:01:64:76:56:2c:c9:67:8f:79:b6:2f:
01:4f:74:90:d0:dd:6e:ae:e3:d0:1e:06:df:85:2a:
a2:24:a2:3a:d9:e8:89:2a:f6:76:50:b6:ba:de:43:
20:c0:af:19:33:fb:2a:02:8c:21:a3:11:c6:95:12:
cf:38:42:1a:07:29:45:9c:84:59:ff:84:63:77:17:
a9:0a:76:16:60:e3:1f:6e:34:15:63:dc:7b:55:fb:
6f:52:4d:75:dc:68:ef:c4:15:d0:9e:51:c5:a3:9b:
59:16:29:9f:28:94:dc:a5:8d:eb:5a:0a:cb:7d:6e:
52:28:3e:fb:2a:77:2d:71:f5:5d:6a:a5:d3:24:89:
58:11:c5:c9:5a:c6:dc:cb:17:e2:19:db:a7:f9:be:
c1:98:b5:34:27:41:a9:e0:33:a4:4c:f1:f0:00:78:
81:de:1d:8e:7a:6d:50:fa:0f:5c:65:bd:9f:5d:e5:
50:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:76:26:3E:FA:CC:C3:3E:92:6C:E5:7B:B2:C0:9B:7D:F1:FF:AD:3C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QXYmPvrMwz6SbOV7ssCbffH_rTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:e9:dd:b5:e5:9f:88:e5:5c:bf:62:3c:3b:7d:9c:38:e4:1b:
69:de:95:b3:30:25:47:d3:f7:5e:95:3a:5a:46:0a:51:6c:16:
80:36:a7:0f:6a:b9:4a:09:67:09:d1:5c:a6:3d:7d:1a:ba:8f:
64:d7:df:75:c3:47:3c:23:15:ca:30:1b:79:9b:73:08:63:b7:
6c:dc:7b:e9:1c:66:96:e9:82:49:92:2d:c1:91:d2:e6:23:f2:
2b:21:47:19:2e:5e:d6:ba:17:1a:3b:39:9f:ce:1a:00:78:02:
65:d6:26:c9:09:d0:5c:6d:3c:96:e4:7d:a9:4d:eb:a1:5e:42:
b0:e1:75:59:91:6c:97:16:7c:af:a0:a5:31:60:b0:20:0e:74:
51:8d:c3:84:b3:d7:86:3e:c7:da:bf:b7:4b:0e:5b:14:89:ab:
ec:5f:39:c5:eb:6a:4e:4e:6a:c7:7a:68:40:39:3b:91:cc:e4:
d3:1e:85:92:07:ed:58:e9:73:6f:5c:f6:b0:66:76:22:44:37:
a3:19:7e:82:bd:7a:d1:cc:48:90:1a:1b:fb:ce:60:10:49:2a:
8d:88:d7:18:9f:dc:6b:1c:f7:df:9b:35:e6:7a:13:2e:f8:a1:
ce:a5:58:0b:f9:e1:e2:08:23:e5:28:e5:fc:f2:16:16:aa:5b:
a9:d0:72:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBKzWoc0A1tRd78MnFKAME6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI0MTUxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTc2MjYzZWZhY2NjMzNlOTI2Y2U1N2JiMmMwOWI3ZGYxZmZhZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW5k44a85EPXNHI+akZh6WYmAZPO
IG834y+zBOQpJCRTQyy4kxnAhvLTWrVrSx0iA12xVSqWqz1oZkyUkqOk4W2ONqK8
LHYoGSqQtHERAWR2VizJZ495ti8BT3SQ0N1uruPQHgbfhSqiJKI62eiJKvZ2ULa6
3kMgwK8ZM/sqAowhoxHGlRLPOEIaBylFnIRZ/4RjdxepCnYWYOMfbjQVY9x7Vftv
Uk113GjvxBXQnlHFo5tZFimfKJTcpY3rWgrLfW5SKD77KnctcfVdaqXTJIlYEcXJ
WsbcyxfiGdun+b7BmLU0J0Gp4DOkTPHwAHiB3h2Oem1Q+g9cZb2fXeVQrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEF2Jj76zMM+kmzle7LAm33x/608MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUVhZbVB2ck13ejZTYk9WN3NzQ2JmZkhfclR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGfp3bXln4jlXL9iPDt9
nDjkG2nelbMwJUfT916VOlpGClFsFoA2pw9quUoJZwnRXKY9fRq6j2TX33XDRzwj
FcowG3mbcwhjt2zce+kcZpbpgkmSLcGR0uYj8ishRxkuXta6Fxo7OZ/OGgB4AmXW
JskJ0FxtPJbkfalN66FeQrDhdVmRbJcWfK+gpTFgsCAOdFGNw4Sz14Y+x9q/t0sO
WxSJq+xfOcXrak5Oasd6aEA5O5HM5NMehZIH7Vjpc29c9rBmdiJEN6MZfoK9etHM
SJAaG/vOYBBJKo2I1xif3Gsc99+bNeZ6Ey74oc6lWAv54eIII+Uo5fzyFhaqW6nQ
cs0=
-----END CERTIFICATE-----
Generated at Mon Jun 24 18:51:12 2024 by rpki-client on console-fra.rpki-client.org