Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UF09SDzutaH8xjetIVG2447ThI8.roa
File: UF09SDzutaH8xjetIVG2447ThI8.roa (raw, json)
Hash identifier: ZNJ3BwE7Y1b8dR0gFE1yNYkU7LQOm7BsGb+fwBFBTQY=
Subject key identifier: 50:5D:3D:48:3C:EE:B5:A1:FC:C6:37:AD:21:51:B6:E3:8E:D3:84:8F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FCE211CEAAB8F4D4F1EB5D20FC8A83689
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UF09SDzutaH8xjetIVG2447ThI8.roa
Signing time: Fri 31 May 2024 10:10:27 +0000
ROA not before: Fri 31 May 2024 10:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 31 May 2024 11:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ce:21:1c:ea:ab:8f:4d:4f:1e:b5:d2:0f:c8:a8:36:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 31 10:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=505d3d483ceeb5a1fcc637ad2151b6e38ed3848f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:f6:a5:14:bf:ed:bd:57:7e:ec:2b:a2:78:9b:
5c:b6:0d:f9:5a:87:88:c8:23:51:1e:a0:bd:a4:f1:
58:58:01:8b:ca:4a:93:41:0b:22:35:98:0e:d0:a3:
60:53:17:03:0a:91:89:5c:5f:d8:a7:0c:b1:08:46:
f7:20:c6:96:53:74:15:6f:82:74:82:84:dc:1e:d1:
ac:98:f8:f2:25:44:06:68:99:b4:c3:a2:8e:f3:48:
fb:fa:51:9d:7d:7c:d9:73:65:c8:11:20:b6:19:b0:
4f:41:45:c5:2f:03:7e:85:29:69:e9:06:ac:6a:35:
08:58:4e:9b:36:fa:a4:1f:5a:db:52:27:09:08:4d:
2b:dc:2c:b5:f2:cf:04:7c:a2:05:37:e7:9f:df:48:
ed:8f:cc:86:38:ce:e0:c4:f5:44:ad:c7:44:11:cc:
d8:a0:b6:62:fc:75:55:70:b9:80:17:fc:13:d8:df:
43:28:e1:cb:1d:97:96:33:21:a6:82:00:70:e9:55:
9d:5f:81:ed:48:81:f4:2b:be:0a:ef:9d:d4:6d:55:
c1:c4:11:b8:e5:e4:e5:9f:8b:d8:90:0f:25:fd:3f:
97:ac:a4:24:41:0c:e7:12:77:ee:cc:ba:d2:36:53:
d4:78:6e:0b:11:b8:76:37:2d:cd:93:d4:c9:b8:80:
8e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:5D:3D:48:3C:EE:B5:A1:FC:C6:37:AD:21:51:B6:E3:8E:D3:84:8F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UF09SDzutaH8xjetIVG2447ThI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:63:fd:ea:47:f1:65:9c:3a:b7:3a:fd:88:c2:b3:5a:86:08:
1e:2a:c5:87:0f:56:1c:67:24:b9:ab:0d:1b:f2:35:04:c2:8c:
36:ad:dd:00:48:64:ea:e0:26:b0:76:ae:da:fe:23:14:48:ee:
fc:8a:54:d3:1c:1e:19:80:7d:f4:1b:77:08:b7:d9:0d:60:8c:
c4:b3:1d:33:3a:ea:3b:1a:54:23:35:4c:59:ab:30:b5:22:a4:
c9:8c:fc:c5:75:67:e1:2e:f5:8b:0d:cb:af:b8:09:92:ce:60:
67:c7:25:d3:af:0f:e1:57:9e:0e:03:e4:f8:42:ab:fd:eb:b7:
01:89:05:88:6a:79:18:65:1b:8f:23:e2:18:45:c8:a7:f7:ef:
b8:ff:52:3f:fc:34:da:e6:39:81:29:e6:8f:c7:19:a8:9b:bc:
e1:af:7e:b9:a3:20:d0:61:36:32:28:f6:35:ed:41:bf:cc:a8:
00:23:3c:cc:a9:72:1c:43:43:1b:6d:dd:63:9d:85:c4:f4:e9:
4b:78:b9:6b:13:cb:8d:39:a2:0d:ce:1b:55:b4:0d:44:0b:10:
c0:0d:cc:02:60:e2:51:74:82:7b:8b:64:e6:29:d2:9c:0d:c0:
ca:c0:41:1a:9f:8e:28:99:77:23:02:30:d6:9d:88:00:9d:05:
42:10:4a:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/OIRzqq49NTx610g/IqDaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMxMTAxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDVkM2Q0ODNjZWViNWExZmNjNjM3YWQyMTUxYjZlMzhlZDM4NDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/alFL/tvVd+7CuieJtctg35WoeI
yCNRHqC9pPFYWAGLykqTQQsiNZgO0KNgUxcDCpGJXF/YpwyxCEb3IMaWU3QVb4J0
goTcHtGsmPjyJUQGaJm0w6KO80j7+lGdfXzZc2XIESC2GbBPQUXFLwN+hSlp6Qas
ajUIWE6bNvqkH1rbUicJCE0r3Cy18s8EfKIFN+ef30jtj8yGOM7gxPVErcdEEczY
oLZi/HVVcLmAF/wT2N9DKOHLHZeWMyGmggBw6VWdX4HtSIH0K74K753UbVXBxBG4
5eTln4vYkA8l/T+XrKQkQQznEnfuzLrSNlPUeG4LEbh2Ny3Nk9TJuICONQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFBdPUg87rWh/MY3rSFRtuOO04SPMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVUYwOVNEenV0YUg4eGpldElWRzI0NDdUaEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEFj/epH8WWcOrc6/YjC
s1qGCB4qxYcPVhxnJLmrDRvyNQTCjDat3QBIZOrgJrB2rtr+IxRI7vyKVNMcHhmA
ffQbdwi32Q1gjMSzHTM66jsaVCM1TFmrMLUipMmM/MV1Z+Eu9YsNy6+4CZLOYGfH
JdOvD+FXng4D5PhCq/3rtwGJBYhqeRhlG48j4hhFyKf377j/Uj/8NNrmOYEp5o/H
GaibvOGvfrmjINBhNjIo9jXtQb/MqAAjPMypchxDQxtt3WOdhcT06Ut4uWsTy405
og3OG1W0DUQLEMANzAJg4lF0gnuLZOYp0pwNwMrAQRqfjiiZdyMCMNadiACdBUIQ
SnY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org