Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Qj6L_BuRwYUDFSqWZol9ter0v14.roa
File: Qj6L_BuRwYUDFSqWZol9ter0v14.roa (raw, json)
Hash identifier: jYj+zUSQ4Hwg0ndc6jGz90nPrU36hpa49QwkqqR8O0U=
Subject key identifier: 42:3E:8B:FC:1B:91:C1:85:03:15:2A:96:66:89:7D:B5:EA:F4:BF:5E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01902D9CE17CE6A0D15D590BD725A0E37E4E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Qj6L_BuRwYUDFSqWZol9ter0v14.roa
Signing time: Tue 18 Jun 2024 23:09:34 +0000
ROA not before: Tue 18 Jun 2024 23:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 19 Jun 2024 00:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2d:9c:e1:7c:e6:a0:d1:5d:59:0b:d7:25:a0:e3:7e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 18 23:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=423e8bfc1b91c18503152a9666897db5eaf4bf5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ee:8d:21:bd:19:b1:7c:e0:3b:03:bd:5d:2b:
70:56:2e:68:bd:3d:ef:0b:84:c2:11:80:62:a4:04:
c2:9b:c1:45:01:e1:d4:7c:dd:91:96:05:cf:d6:ff:
4d:f3:d8:ad:5a:13:f2:48:95:84:12:82:e8:28:cf:
46:c7:7d:c8:e4:35:9d:4a:20:3a:48:6f:68:14:96:
66:48:c7:d0:47:8e:71:a0:53:01:81:fb:a8:b4:61:
5e:26:85:3e:8d:df:64:06:62:7d:e6:50:ba:71:71:
98:55:22:ea:7f:5f:d0:60:35:9f:23:78:e4:90:d9:
6e:3b:d5:11:d2:d8:54:30:bc:4d:13:db:2b:dc:4a:
1a:1e:97:76:47:51:e5:fe:57:76:78:72:c1:08:03:
02:f5:0c:ae:16:12:57:5d:2e:e5:e7:8c:b1:a8:5f:
30:dd:ed:05:f7:52:4b:b4:eb:84:8d:32:4e:e0:57:
66:b6:cb:0d:0d:9f:c6:37:ff:01:4e:9e:66:45:ba:
35:53:ce:12:24:3d:1f:28:76:2f:69:8c:87:5d:ff:
71:18:89:6d:e4:e4:f5:ef:2b:81:15:c4:97:fa:c1:
d9:f5:24:78:84:35:9c:56:76:e7:23:29:38:e2:36:
03:b7:90:76:a9:55:bd:a1:96:c1:cb:4e:bf:34:ad:
b6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3E:8B:FC:1B:91:C1:85:03:15:2A:96:66:89:7D:B5:EA:F4:BF:5E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Qj6L_BuRwYUDFSqWZol9ter0v14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:19:a5:22:f3:f8:af:7c:bb:e8:49:d1:12:ca:b4:4a:c5:fe:
72:70:47:51:73:00:6e:4f:5d:35:0b:22:5b:cd:c5:ba:12:bd:
aa:2d:b9:ad:e6:ee:f5:a9:63:81:8c:62:91:63:5e:43:93:d3:
11:3c:f3:20:b5:af:45:3f:4a:36:29:8a:32:1b:8c:d9:24:b9:
ae:d6:49:55:64:e8:c8:84:e5:a3:bd:18:43:99:24:3c:b4:5f:
b3:b4:da:b3:0f:39:a9:fd:da:30:33:19:5b:a4:34:63:d4:08:
94:68:22:b1:7e:41:d8:8f:25:de:16:7f:04:83:88:b0:ac:e3:
a6:ed:16:17:d1:7f:11:13:6d:4c:2b:38:98:6e:ce:49:c9:0e:
e8:66:c5:7f:d9:a9:34:c9:36:7e:3b:fb:14:22:2a:8b:22:2a:
64:92:33:84:30:fb:8d:50:ef:91:59:bb:69:e8:d9:45:05:cb:
f8:85:46:cc:a3:23:8d:85:c5:4a:f8:bc:9c:fb:21:fd:ce:c5:
fa:e1:4c:58:b1:36:c2:17:09:b0:a6:42:3b:7d:93:8e:4e:25:
e7:1f:eb:ec:2a:1c:b3:27:93:f4:96:19:23:c8:73:98:1a:a7:
32:46:9f:cd:82:db:bc:76:69:a2:2f:21:79:88:1a:f0:cb:8e:
8e:d8:a6:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAtnOF85qDRXVkL1yWg435OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE4MjMwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNlOGJmYzFiOTFjMTg1MDMxNTJhOTY2Njg5N2RiNWVhZjRiZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1u6NIb0ZsXzgOwO9XStwVi5ovT3v
C4TCEYBipATCm8FFAeHUfN2RlgXP1v9N89itWhPySJWEEoLoKM9Gx33I5DWdSiA6
SG9oFJZmSMfQR45xoFMBgfuotGFeJoU+jd9kBmJ95lC6cXGYVSLqf1/QYDWfI3jk
kNluO9UR0thUMLxNE9sr3EoaHpd2R1Hl/ld2eHLBCAMC9QyuFhJXXS7l54yxqF8w
3e0F91JLtOuEjTJO4FdmtssNDZ/GN/8BTp5mRbo1U84SJD0fKHYvaYyHXf9xGIlt
5OT17yuBFcSX+sHZ9SR4hDWcVnbnIyk44jYDt5B2qVW9oZbBy06/NK22iwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEI+i/wbkcGFAxUqlmaJfbXq9L9eMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUWo2TF9CdVJ3WVVERlNxV1pvbDl0ZXIwdjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADkZpSLz+K98u+hJ0RLK
tErF/nJwR1FzAG5PXTULIlvNxboSvaotua3m7vWpY4GMYpFjXkOT0xE88yC1r0U/
SjYpijIbjNkkua7WSVVk6MiE5aO9GEOZJDy0X7O02rMPOan92jAzGVukNGPUCJRo
IrF+QdiPJd4WfwSDiLCs46btFhfRfxETbUwrOJhuzknJDuhmxX/ZqTTJNn47+xQi
KosiKmSSM4Qw+41Q75FZu2no2UUFy/iFRsyjI42FxUr4vJz7If3OxfrhTFixNsIX
CbCmQjt9k45OJecf6+wqHLMnk/SWGSPIc5gapzJGn82C27x2aaIvIXmIGvDLjo7Y
ppU=
-----END CERTIFICATE-----
Generated at Wed Jun 19 01:41:40 2024 by rpki-client on console-fra.rpki-client.org