Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TkpToXOpSD_C6OxqJd4GR7NGAHU.roa
File: TkpToXOpSD_C6OxqJd4GR7NGAHU.roa (raw, json)
Hash identifier: OiMowMVL21bHBYSmz4Ha0UF55oxfVYcIvCcdp+yYYuE=
Subject key identifier: 4E:4A:53:A1:73:A9:48:3F:C2:E8:EC:6A:25:DE:06:47:B3:46:00:75
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FADBB9411C7E5C6C463D79B9BBFB75DA2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TkpToXOpSD_C6OxqJd4GR7NGAHU.roa
Signing time: Sat 25 May 2024 03:11:42 +0000
ROA not before: Sat 25 May 2024 03:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 25 May 2024 04:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ad:bb:94:11:c7:e5:c6:c4:63:d7:9b:9b:bf:b7:5d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 25 03:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e4a53a173a9483fc2e8ec6a25de0647b3460075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c7:96:85:46:0c:4c:6d:47:57:4f:83:da:b1:
37:bf:4f:3e:0a:93:37:d3:45:16:1c:a2:60:58:76:
3a:8d:f8:87:be:40:f2:ba:0c:1c:db:74:37:b2:71:
c9:70:d4:64:bd:46:15:43:98:7f:4f:90:88:bf:39:
89:0c:6c:04:33:95:50:35:d4:2c:b1:34:20:9b:2c:
b7:3a:d0:8d:e0:2a:f3:54:4f:22:91:1c:09:5c:cc:
db:e2:d9:0c:16:8e:e6:79:3b:81:bd:fe:76:1d:4c:
77:38:5d:99:25:a7:36:84:fc:10:be:c8:52:1a:9d:
fd:fa:b9:74:9e:4a:5a:31:c1:63:83:8e:57:c8:8d:
35:91:c5:23:c9:3b:43:37:80:de:fe:3b:70:f5:37:
81:07:f0:0f:30:14:a1:9e:dc:cc:26:8d:82:cc:06:
56:0e:fa:21:d4:e2:24:08:e1:02:7b:96:61:32:e1:
6f:6c:3f:12:f6:de:26:c9:8e:8e:96:f7:f7:78:da:
7a:e9:2a:09:f5:90:80:9f:65:27:44:17:0f:96:d0:
9b:2d:bb:64:40:5f:af:8d:41:c6:ef:07:6b:ed:28:
47:25:8d:9d:be:37:09:f7:71:b5:c0:96:9e:e8:ed:
bf:0d:3b:93:d3:a9:bf:31:b1:fc:df:16:53:7d:72:
87:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:4A:53:A1:73:A9:48:3F:C2:E8:EC:6A:25:DE:06:47:B3:46:00:75
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/TkpToXOpSD_C6OxqJd4GR7NGAHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:86:83:03:12:1b:b0:54:c3:0a:00:8a:4c:fa:b0:7d:0f:a2:
25:d1:d3:21:8b:99:96:08:f7:5d:b9:24:d2:82:1a:0c:dc:70:
d8:f2:67:a8:93:3a:ce:c2:33:8e:74:b6:84:61:38:74:f2:ee:
33:e0:ea:f2:15:c0:5a:ac:12:8e:ff:dc:72:17:c8:c3:f4:4c:
9d:c9:ff:a5:17:f6:d4:c2:fd:23:fd:be:c6:e9:d7:b6:0b:97:
96:67:22:e8:4c:32:5a:4e:97:f4:1a:ee:75:1a:13:bc:fc:83:
88:74:c3:c3:b2:d0:49:2f:39:be:58:f2:85:d0:77:96:38:a7:
14:20:79:72:50:a0:3d:f5:b3:4a:91:df:2e:17:7e:d4:f3:b9:
5b:02:bd:13:aa:eb:f1:aa:24:58:61:62:c1:fe:ac:80:04:46:
f5:08:b2:60:65:64:aa:c2:7e:ae:1f:69:f6:52:45:cc:b1:f4:
c9:fa:b3:67:fb:7b:f5:ff:78:0b:fa:0a:59:e3:a5:5e:54:a8:
a9:db:5f:34:18:a3:67:3f:3d:c7:87:e2:74:a9:9b:fe:73:06:
4c:2c:5e:22:2c:e4:fa:0d:ae:7a:67:c5:04:f3:fc:14:55:35:
b9:5d:03:69:1e:7c:ae:5b:a3:64:d2:4c:d2:bc:a6:92:6b:31:
ed:16:03:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+tu5QRx+XGxGPXm5u/t12iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI1MDMxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTRhNTNhMTczYTk0ODNmYzJlOGVjNmEyNWRlMDY0N2IzNDYwMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8eWhUYMTG1HV0+D2rE3v08+CpM3
00UWHKJgWHY6jfiHvkDyugwc23Q3snHJcNRkvUYVQ5h/T5CIvzmJDGwEM5VQNdQs
sTQgmyy3OtCN4CrzVE8ikRwJXMzb4tkMFo7meTuBvf52HUx3OF2ZJac2hPwQvshS
Gp39+rl0nkpaMcFjg45XyI01kcUjyTtDN4De/jtw9TeBB/APMBShntzMJo2CzAZW
Dvoh1OIkCOECe5ZhMuFvbD8S9t4myY6Olvf3eNp66SoJ9ZCAn2UnRBcPltCbLbtk
QF+vjUHG7wdr7ShHJY2dvjcJ93G1wJae6O2/DTuT06m/MbH83xZTfXKHDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE5KU6FzqUg/wujsaiXeBkezRgB1MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVGtwVG9YT3BTRF9DNk94cUpkNEdSN05HQUhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIWGgwMSG7BUwwoAikz6
sH0PoiXR0yGLmZYI9125JNKCGgzccNjyZ6iTOs7CM450toRhOHTy7jPg6vIVwFqs
Eo7/3HIXyMP0TJ3J/6UX9tTC/SP9vsbp17YLl5ZnIuhMMlpOl/Qa7nUaE7z8g4h0
w8Oy0EkvOb5Y8oXQd5Y4pxQgeXJQoD31s0qR3y4XftTzuVsCvROq6/GqJFhhYsH+
rIAERvUIsmBlZKrCfq4fafZSRcyx9Mn6s2f7e/X/eAv6ClnjpV5UqKnbXzQYo2c/
PceH4nSpm/5zBkwsXiIs5PoNrnpnxQTz/BRVNbldA2kefK5bo2TSTNK8ppJrMe0W
A9k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org