Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/S8tX3qnxE8s29bFfPxDWwcOLFRM.roa
File: S8tX3qnxE8s29bFfPxDWwcOLFRM.roa (raw, json)
Hash identifier: /XFKXNQC+PCqMSkB0Rmn2raw/+s576XwbkDzdpzW7sM=
Subject key identifier: 4B:CB:57:DE:A9:F1:13:CB:36:F5:B1:5F:3F:10:D6:C1:C3:8B:15:13
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01906757145F9BE820856F0DB2D8E6C1EA44
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/S8tX3qnxE8s29bFfPxDWwcOLFRM.roa
Signing time: Sun 30 Jun 2024 04:11:18 +0000
ROA not before: Sun 30 Jun 2024 04:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 30 Jun 2024 05:04:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:67:57:14:5f:9b:e8:20:85:6f:0d:b2:d8:e6:c1:ea:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 30 04:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bcb57dea9f113cb36f5b15f3f10d6c1c38b1513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:63:9e:07:4c:28:73:da:07:10:17:74:2f:5e:
a0:d7:ed:22:37:f1:52:c0:fc:e8:13:b6:c9:a6:79:
7b:2b:96:87:a0:69:71:37:45:b3:bb:87:3e:bb:e4:
75:73:80:1f:13:c3:14:74:b6:94:e5:4b:a5:7d:a1:
86:a0:a2:3e:87:32:9b:2f:87:1e:25:62:26:d2:6f:
fb:38:3e:d6:62:08:83:2f:5a:bb:27:33:b1:16:9d:
fb:48:08:23:db:9f:62:b0:c7:d3:91:99:ad:4b:fb:
e0:9e:e7:eb:10:fc:37:92:b3:b1:95:b2:58:e7:bf:
31:69:e2:5f:7b:e6:d6:37:29:3b:b8:63:cf:6d:ac:
ab:f0:7a:7f:b2:90:d5:47:1b:d0:bd:52:ae:e6:74:
11:2c:2e:36:2e:e4:d4:be:4c:fc:f9:38:80:b3:91:
52:c9:72:10:aa:04:0e:d4:da:b0:be:3c:57:fc:8d:
69:33:3a:95:dd:56:04:f3:9a:4d:d7:f4:3e:30:d3:
75:a7:a1:dd:79:6f:29:18:1c:6f:95:53:8d:cb:0a:
47:3f:94:15:60:aa:06:b4:ce:e6:61:e2:02:d5:21:
f0:8f:16:80:a4:61:f5:3d:87:02:2c:81:42:26:7d:
08:1a:c1:7e:62:f9:97:5a:61:ad:f1:7d:71:3e:8c:
b9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CB:57:DE:A9:F1:13:CB:36:F5:B1:5F:3F:10:D6:C1:C3:8B:15:13
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/S8tX3qnxE8s29bFfPxDWwcOLFRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3c:f0:41:64:e3:62:33:37:22:ec:a9:ff:a7:89:0a:9a:01:87:
6e:f0:7c:b8:d2:26:0e:a5:c5:1a:e6:21:b5:29:0f:cc:4e:5d:
6c:9a:64:b2:19:18:6d:e1:4f:1e:7c:f4:14:49:1a:3a:08:47:
50:b5:16:43:6a:78:66:c4:c6:7d:2b:88:1d:9e:f6:10:5a:88:
0c:f9:f0:44:ec:17:d5:25:40:b4:81:c1:06:dc:48:e2:1f:d9:
37:28:9b:bf:85:0d:22:a7:4b:c3:5c:31:1d:71:6f:b9:b0:d9:
e2:16:86:2a:53:a2:dd:59:13:6c:38:8c:67:20:59:61:96:c5:
95:0f:b2:34:92:6d:55:c0:ba:7d:50:19:45:34:c9:3f:c4:19:
05:6d:0a:e4:c7:80:dc:d6:12:23:5c:d2:9b:ca:dc:95:06:de:
2d:8a:0b:e3:e3:db:c7:9b:97:fc:aa:37:b5:8a:e1:21:9c:67:
c6:b0:96:52:2a:c2:ec:dc:e7:70:66:eb:4b:9f:c8:1a:c8:72:
ee:5b:13:e8:a6:b2:a7:f3:89:f3:88:06:f1:53:ed:f6:b5:3b:
70:71:91:37:0d:66:f3:1e:75:c9:c0:6e:f9:2a:fa:98:1e:0a:
d8:67:63:74:26:2b:66:f5:52:b3:7d:2e:eb:3b:05:c8:45:93:
1e:24:65:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBnVxRfm+gghW8NstjmwepEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjMwMDQxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmNiNTdkZWE5ZjExM2NiMzZmNWIxNWYzZjEwZDZjMWMzOGIxNTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmOeB0woc9oHEBd0L16g1+0iN/FS
wPzoE7bJpnl7K5aHoGlxN0Wzu4c+u+R1c4AfE8MUdLaU5UulfaGGoKI+hzKbL4ce
JWIm0m/7OD7WYgiDL1q7JzOxFp37SAgj259isMfTkZmtS/vgnufrEPw3krOxlbJY
578xaeJfe+bWNyk7uGPPbayr8Hp/spDVRxvQvVKu5nQRLC42LuTUvkz8+TiAs5FS
yXIQqgQO1NqwvjxX/I1pMzqV3VYE85pN1/Q+MNN1p6HdeW8pGBxvlVONywpHP5QV
YKoGtM7mYeIC1SHwjxaApGH1PYcCLIFCJn0IGsF+YvmXWmGt8X1xPoy5ZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEvLV96p8RPLNvWxXz8Q1sHDixUTMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUzh0WDNxbnhFOHMyOWJGZlB4RFd3Y09MRlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADzwQWTjYjM3Iuyp/6eJ
CpoBh27wfLjSJg6lxRrmIbUpD8xOXWyaZLIZGG3hTx589BRJGjoIR1C1FkNqeGbE
xn0riB2e9hBaiAz58ETsF9UlQLSBwQbcSOIf2Tcom7+FDSKnS8NcMR1xb7mw2eIW
hipTot1ZE2w4jGcgWWGWxZUPsjSSbVXAun1QGUU0yT/EGQVtCuTHgNzWEiNc0pvK
3JUG3i2KC+Pj28ebl/yqN7WK4SGcZ8awllIqwuzc53Bm60ufyBrIcu5bE+imsqfz
ifOIBvFT7fa1O3BxkTcNZvMedcnAbvkq+pgeCthnY3QmK2b1UrN9Lus7BchFkx4k
ZWg=
Generated at Sun Jun 30 06:35:41 2024 by rpki-client on console-fra.rpki-client.org