Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TWiHm8TIX7qG75bCMUMS9_AY8lA.roa
File: TWiHm8TIX7qG75bCMUMS9_AY8lA.roa (raw, json)
Hash identifier: buADBlseEK5/fqjGOIKl6sxXZjBIOeHKcYT2oykLipA=
Subject key identifier: 4D:68:87:9B:C4:C8:5F:BA:86:EF:96:C2:31:43:12:F7:F0:18:F2:50
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FB016E90FBC4C56329A18A4E4B8FDEB81
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TWiHm8TIX7qG75bCMUMS9_AY8lA.roa
Signing time: Sat 25 May 2024 14:10:42 +0000
ROA not before: Sat 25 May 2024 14:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 25 May 2024 15:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b0:16:e9:0f:bc:4c:56:32:9a:18:a4:e4:b8:fd:eb:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 25 14:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d68879bc4c85fba86ef96c2314312f7f018f250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:22:10:7f:b1:ce:3b:41:eb:e3:24:18:ed:f9:
bb:37:77:9f:7f:29:92:54:aa:af:4c:f1:65:5c:80:
e6:30:73:89:0b:cc:e9:ca:c3:94:da:78:d0:bf:e6:
3a:79:2a:34:2d:57:a2:ab:f0:11:dc:48:7f:62:de:
ae:ea:47:bf:3e:34:bd:76:cb:2a:bf:06:eb:8e:62:
42:00:42:22:e3:69:24:1e:55:4c:6e:cb:4b:50:7b:
89:6b:b0:46:f1:b7:75:f1:37:23:f6:64:1f:2e:08:
e3:c2:ec:3f:89:23:1d:10:17:8a:d6:07:6e:b6:23:
a2:27:b1:00:26:e2:04:0e:d5:e1:c9:e8:ff:09:a4:
9b:9a:46:56:e2:8a:98:31:a9:71:44:49:84:b4:c6:
70:61:c5:e9:79:40:23:65:be:70:8f:cc:da:6c:fb:
ab:26:35:23:6b:97:c7:3e:e1:69:ec:1e:04:a2:29:
a5:34:85:5a:30:64:54:20:a6:f4:2e:e6:bb:f2:61:
36:13:1e:d7:a2:fa:8c:fc:2a:5c:21:94:4a:cb:26:
5d:64:bb:fe:95:7e:e4:6e:e2:be:40:f7:6c:2a:c3:
20:93:50:d3:24:c1:5e:de:b1:7c:fc:10:37:25:b4:
b7:1e:2f:c5:3a:c5:96:a7:72:23:9a:96:b0:74:9f:
41:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:68:87:9B:C4:C8:5F:BA:86:EF:96:C2:31:43:12:F7:F0:18:F2:50
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TWiHm8TIX7qG75bCMUMS9_AY8lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:61:95:4e:9a:05:48:47:5d:d1:5d:12:e5:32:b1:e4:79:b8:
26:80:5e:e2:8e:50:49:19:f1:16:51:c2:ce:a2:6d:3f:b6:27:
a3:71:89:61:ec:6e:c0:0b:e0:8b:c7:01:15:30:63:fe:69:8b:
94:f6:a5:64:b4:4c:75:ea:14:10:64:a3:bd:ef:06:8a:e7:33:
6e:a0:4a:79:ba:ae:7c:a1:38:51:12:8c:5d:38:76:3b:29:86:
1c:9e:17:11:dd:46:fe:ae:9f:cc:5e:37:23:85:fd:13:49:17:
30:2a:0f:da:67:47:a7:6c:01:4f:45:6f:17:64:45:30:07:2c:
41:13:d4:5b:7e:ab:e1:13:4d:e6:3e:da:6d:9e:dc:f7:0e:6d:
bd:05:60:c4:af:fe:fb:d4:05:21:93:77:8b:23:7e:1c:a9:3b:
f3:9c:f1:31:a9:7b:40:41:01:f9:4c:29:fa:34:b0:4f:7d:f7:
a7:58:f2:13:40:48:a8:f1:78:fe:60:69:00:02:9c:87:d2:21:
a8:a2:f0:b3:0a:c2:66:6b:a5:51:0e:78:49:3c:7e:af:7c:c9:
51:bc:e7:33:10:85:7f:30:4f:e1:f9:5d:79:62:0b:e6:f5:be:
63:e6:89:4f:42:8e:62:30:f2:d9:2d:19:6e:fb:17:84:9e:c0:
d4:d6:c1:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+wFukPvExWMpoYpOS4/euBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI1MTQxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDY4ODc5YmM0Yzg1ZmJhODZlZjk2YzIzMTQzMTJmN2YwMThmMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviIQf7HOO0Hr4yQY7fm7N3effymS
VKqvTPFlXIDmMHOJC8zpysOU2njQv+Y6eSo0LVeiq/AR3Eh/Yt6u6ke/PjS9dssq
vwbrjmJCAEIi42kkHlVMbstLUHuJa7BG8bd18Tcj9mQfLgjjwuw/iSMdEBeK1gdu
tiOiJ7EAJuIEDtXhyej/CaSbmkZW4oqYMalxREmEtMZwYcXpeUAjZb5wj8zabPur
JjUja5fHPuFp7B4EoimlNIVaMGRUIKb0Lua78mE2Ex7XovqM/CpcIZRKyyZdZLv+
lX7kbuK+QPdsKsMgk1DTJMFe3rF8/BA3JbS3Hi/FOsWWp3IjmpawdJ9B0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE1oh5vEyF+6hu+WwjFDEvfwGPJQMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVFdpSG04VElYN3FHNzViQ01VTVM5X0FZOGxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGFhlU6aBUhHXdFdEuUy
seR5uCaAXuKOUEkZ8RZRws6ibT+2J6NxiWHsbsAL4IvHARUwY/5pi5T2pWS0THXq
FBBko73vBornM26gSnm6rnyhOFESjF04djsphhyeFxHdRv6un8xeNyOF/RNJFzAq
D9pnR6dsAU9FbxdkRTAHLEET1Ft+q+ETTeY+2m2e3PcObb0FYMSv/vvUBSGTd4sj
fhypO/Oc8TGpe0BBAflMKfo0sE9996dY8hNASKjxeP5gaQACnIfSIaii8LMKwmZr
pVEOeEk8fq98yVG85zMQhX8wT+H5XXliC+b1vmPmiU9CjmIw8tktGW77F4SewNTW
wfI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:15 2024 by rpki-client on console-ams.rpki-client.org