Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TCFUM7MRmRn8qm6vTF-00Z3kEVM.roa
File: TCFUM7MRmRn8qm6vTF-00Z3kEVM.roa (raw, json)
Hash identifier: ZZhESqbiEEfPgjmCpbupQHf8aJHlx6EUqpx775bqePg=
Subject key identifier: 4C:21:54:33:B3:11:99:19:FC:AA:6E:AF:4C:5F:B4:D1:9D:E4:11:53
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC668B77D70C4830294C4D48108375DDE
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TCFUM7MRmRn8qm6vTF-00Z3kEVM.roa
Signing time: Wed 29 May 2024 22:11:42 +0000
ROA not before: Wed 29 May 2024 22:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 May 2024 23:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c6:68:b7:7d:70:c4:83:02:94:c4:d4:81:08:37:5d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 29 22:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c215433b3119919fcaa6eaf4c5fb4d19de41153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:be:7f:f7:9f:5e:e8:7c:06:36:35:e8:db:88:
81:19:9b:13:ff:f7:21:1b:f3:56:92:a3:d1:2d:d0:
f8:06:2d:23:54:5d:89:07:99:e7:de:2d:49:6b:c6:
ad:1c:3c:33:ae:89:ab:a6:f2:c0:25:62:b5:02:bd:
bd:d1:d9:a9:91:70:df:88:59:09:9f:4a:88:be:09:
b1:4f:e6:41:37:c9:31:f5:58:e7:16:36:aa:44:9a:
63:55:01:25:2d:4d:3d:6d:70:ed:e0:88:7c:d7:47:
cd:80:19:cb:1a:94:34:97:ad:e3:d4:02:29:86:9b:
1b:8b:6f:2f:17:fa:cf:0b:87:6c:a1:b7:b0:7b:6c:
f3:0e:f9:e9:e8:b7:a3:bc:f3:37:05:06:f1:65:cf:
d2:0e:86:46:8f:63:5b:aa:a6:fe:b0:ee:f9:1c:f6:
1b:a7:39:da:e4:38:16:de:c1:88:84:ad:b0:94:e8:
ba:56:ff:78:aa:7a:41:5e:e3:d3:c1:cc:5f:7e:2f:
63:6b:86:40:0d:32:c1:ed:ad:69:d5:32:67:62:89:
a5:d1:be:58:ce:8e:58:eb:d7:79:94:a2:a8:86:4d:
b6:7a:31:1d:d3:d6:15:44:cc:68:33:70:4e:15:cd:
94:4f:e6:4e:f0:82:fc:53:85:5e:70:0c:f9:02:d1:
08:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:21:54:33:B3:11:99:19:FC:AA:6E:AF:4C:5F:B4:D1:9D:E4:11:53
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TCFUM7MRmRn8qm6vTF-00Z3kEVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:57:a0:09:37:be:1f:09:be:7a:31:5c:cc:b1:26:58:80:9c:
cc:2f:d7:7b:8e:db:3c:c8:de:a8:2c:c1:7a:12:00:24:b7:83:
a8:30:61:ae:00:02:db:78:c9:6c:3c:e6:a6:b0:41:91:67:f7:
b1:9c:1e:d1:12:53:b9:83:3b:97:eb:64:d4:08:06:bc:a3:ff:
9e:7f:ae:cc:4a:27:b4:7f:3c:58:4b:a3:e3:a9:21:79:2c:72:
9d:0e:40:b1:77:fb:42:89:d7:14:32:fb:f5:e2:ae:d6:40:81:
60:80:1c:b4:33:30:e8:dd:20:3a:85:e8:d7:2b:fa:7c:a1:e5:
d4:49:b1:96:c2:96:d7:43:c4:f4:d8:c9:2e:b7:c7:09:db:e0:
87:4c:8c:42:57:d4:f3:e8:6c:59:21:c0:f5:0d:b2:39:40:cf:
63:0d:b5:d7:b9:10:80:0f:a6:55:58:c9:41:7f:73:d9:64:bc:
ee:00:cb:4f:ef:7f:09:78:1c:42:b3:d1:78:b4:93:d9:0f:f5:
26:8e:89:1e:72:fb:10:c9:68:df:13:8f:35:67:8f:c7:ac:57:
98:f8:91:86:89:85:e7:ac:b4:43:a6:87:fd:cd:07:e6:8d:6c:
cc:a9:8b:4c:ce:3a:64:b5:2e:4d:a6:2e:ef:30:f6:cd:ec:8b:
cb:bb:86:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/GaLd9cMSDApTE1IEIN13eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI5MjIxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzIxNTQzM2IzMTE5OTE5ZmNhYTZlYWY0YzVmYjRkMTlkZTQxMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8L5/959e6HwGNjXo24iBGZsT//ch
G/NWkqPRLdD4Bi0jVF2JB5nn3i1Ja8atHDwzromrpvLAJWK1Ar290dmpkXDfiFkJ
n0qIvgmxT+ZBN8kx9VjnFjaqRJpjVQElLU09bXDt4Ih810fNgBnLGpQ0l63j1AIp
hpsbi28vF/rPC4dsobewe2zzDvnp6LejvPM3BQbxZc/SDoZGj2Nbqqb+sO75HPYb
pzna5DgW3sGIhK2wlOi6Vv94qnpBXuPTwcxffi9ja4ZADTLB7a1p1TJnYoml0b5Y
zo5Y69d5lKKohk22ejEd09YVRMxoM3BOFc2UT+ZO8IL8U4VecAz5AtEIzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEwhVDOzEZkZ/Kpur0xftNGd5BFTMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVENGVU03TVJtUm44cW02dlRGLTAwWjNrRVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJVXoAk3vh8JvnoxXMyx
JliAnMwv13uO2zzI3qgswXoSACS3g6gwYa4AAtt4yWw85qawQZFn97GcHtESU7mD
O5frZNQIBryj/55/rsxKJ7R/PFhLo+OpIXkscp0OQLF3+0KJ1xQy+/XirtZAgWCA
HLQzMOjdIDqF6Ncr+nyh5dRJsZbCltdDxPTYyS63xwnb4IdMjEJX1PPobFkhwPUN
sjlAz2MNtde5EIAPplVYyUF/c9lkvO4Ay0/vfwl4HEKz0Xi0k9kP9SaOiR5y+xDJ
aN8TjzVnj8esV5j4kYaJheestEOmh/3NB+aNbMypi0zOOmS1Lk2mLu8w9s3si8u7
hog=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org