Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QlOOFFdf5rCmnw1vVjare2_AxQ0.roa
File: QlOOFFdf5rCmnw1vVjare2_AxQ0.roa (raw, json)
Hash identifier: dBb8pMSBfyqr9/+L8YmEORsmDsQdapUDC6B9Y0vpY64=
Subject key identifier: 42:53:8E:14:57:5F:E6:B0:A6:9F:0D:6F:56:36:AB:7B:6F:C0:C5:0D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FAC3B0EF2F0616AEF52DDE3FAAAE39E1B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QlOOFFdf5rCmnw1vVjare2_AxQ0.roa
Signing time: Fri 24 May 2024 20:11:42 +0000
ROA not before: Fri 24 May 2024 20:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 May 2024 21:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ac:3b:0e:f2:f0:61:6a:ef:52:dd:e3:fa:aa:e3:9e:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 24 20:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42538e14575fe6b0a69f0d6f5636ab7b6fc0c50d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b1:1f:6c:21:71:ab:be:d7:b8:42:41:0b:b3:
8e:be:bf:98:3a:37:10:bb:c6:2f:12:aa:23:6c:df:
78:71:60:fb:e2:0f:d9:2e:c5:71:71:cf:1e:cd:d9:
07:4a:98:15:02:32:ff:f1:7c:3b:fd:bc:a4:ab:e7:
08:f2:5c:01:9a:a0:e4:95:8f:d8:38:8c:ba:8a:e0:
68:0c:8d:8c:a1:3c:cc:40:b7:9d:4c:cf:fe:85:3c:
94:8a:a9:1d:c1:a7:3e:e4:fb:c4:65:05:35:6d:62:
87:24:92:f9:05:b7:04:fb:54:5a:54:c5:87:83:4b:
1a:6b:78:70:ea:b9:04:22:38:06:1a:64:1e:35:4e:
52:f9:fe:af:f4:70:1e:0f:bb:ab:06:b3:cc:06:09:
6c:1c:bd:05:8d:b1:3d:cd:77:6f:a6:f3:d9:4f:fb:
6e:01:7a:3a:0a:c6:e6:65:89:ea:e4:9b:0b:27:ba:
87:be:dc:3e:6d:60:10:1f:51:66:fd:1a:ad:06:c8:
09:aa:69:1a:6b:ee:f3:9b:eb:0e:b0:56:3f:ab:1e:
ce:69:5e:26:b1:e5:93:51:15:c4:b9:5a:cf:9d:b4:
14:a1:12:a5:6e:66:1d:06:64:77:2e:0e:7b:73:82:
0e:8c:06:18:f1:6e:8d:fd:0b:2f:ac:71:29:82:6a:
73:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:53:8E:14:57:5F:E6:B0:A6:9F:0D:6F:56:36:AB:7B:6F:C0:C5:0D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QlOOFFdf5rCmnw1vVjare2_AxQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:5f:e6:55:2c:ae:62:b1:4b:aa:6b:d5:4d:0d:5f:bf:5e:51:
b6:d6:8e:c3:a5:a9:18:15:1f:50:91:a2:9f:4b:74:82:bd:a8:
37:9f:08:33:63:91:22:e5:6f:92:ad:f5:9a:66:e9:29:24:77:
67:d3:ee:2c:68:51:2e:38:e7:66:23:f6:62:9c:4a:54:d6:cd:
d2:5b:7f:db:b9:3f:bb:60:74:5e:9a:2b:bf:73:13:85:63:c7:
4f:af:77:a4:a4:c2:3f:3b:c9:8e:a3:53:b2:45:e2:d6:d5:2f:
d2:0a:b9:53:c3:6d:ac:6b:1a:b0:47:cb:96:ca:42:ce:be:ad:
70:20:1f:f2:43:fd:18:cf:4b:70:b0:21:6b:2c:2d:65:44:be:
0f:c5:7a:2f:02:10:41:29:f9:15:64:55:d3:3d:aa:8d:1f:f3:
62:66:b8:f4:50:30:fd:08:d7:7b:72:38:53:e6:02:0f:ff:1b:
20:52:3b:f7:fb:bf:f6:0b:c6:c9:f2:57:47:ba:3d:56:c9:71:
1a:77:fe:b9:99:4c:de:43:5b:f4:fb:cb:78:86:67:18:29:8c:
4b:51:6e:e5:4f:07:d9:8a:04:88:86:14:1c:36:24:8b:30:65:
b6:ce:19:fa:e0:31:e8:c2:2a:7b:19:26:08:44:64:8b:cc:95:
b7:3e:0d:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+sOw7y8GFq71Ld4/qq454bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI0MjAxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjUzOGUxNDU3NWZlNmIwYTY5ZjBkNmY1NjM2YWI3YjZmYzBjNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7EfbCFxq77XuEJBC7OOvr+YOjcQ
u8YvEqojbN94cWD74g/ZLsVxcc8ezdkHSpgVAjL/8Xw7/bykq+cI8lwBmqDklY/Y
OIy6iuBoDI2MoTzMQLedTM/+hTyUiqkdwac+5PvEZQU1bWKHJJL5BbcE+1RaVMWH
g0saa3hw6rkEIjgGGmQeNU5S+f6v9HAeD7urBrPMBglsHL0FjbE9zXdvpvPZT/tu
AXo6CsbmZYnq5JsLJ7qHvtw+bWAQH1Fm/RqtBsgJqmkaa+7zm+sOsFY/qx7OaV4m
seWTURXEuVrPnbQUoRKlbmYdBmR3Lg57c4IOjAYY8W6N/QsvrHEpgmpzPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEJTjhRXX+awpp8Nb1Y2q3tvwMUNMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUWxPT0ZGZGY1ckNtbncxdlZqYXJlMl9BeFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD1f5lUsrmKxS6pr1U0N
X79eUbbWjsOlqRgVH1CRop9LdIK9qDefCDNjkSLlb5Kt9Zpm6Skkd2fT7ixoUS44
52Yj9mKcSlTWzdJbf9u5P7tgdF6aK79zE4Vjx0+vd6Skwj87yY6jU7JF4tbVL9IK
uVPDbaxrGrBHy5bKQs6+rXAgH/JD/RjPS3CwIWssLWVEvg/Fei8CEEEp+RVkVdM9
qo0f82JmuPRQMP0I13tyOFPmAg//GyBSO/f7v/YLxsnyV0e6PVbJcRp3/rmZTN5D
W/T7y3iGZxgpjEtRbuVPB9mKBIiGFBw2JIswZbbOGfrgMejCKnsZJghEZIvMlbc+
DUo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:15 2024 by rpki-client on console-ams.rpki-client.org