Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WSiQlOKVXshgmtd5YZciRrput_8.roa
File: WSiQlOKVXshgmtd5YZciRrput_8.roa (raw, json)
Hash identifier: s6+N8QsqeaiPyTKo5PfxB15kZxz6gpQFJBHCH548HK4=
Subject key identifier: 59:28:90:94:E2:95:5E:C8:60:9A:D7:79:61:97:22:46:BA:6E:B7:FF
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01907C9550458071C074A8EE98ACB6545C32
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WSiQlOKVXshgmtd5YZciRrput_8.roa
Signing time: Thu 04 Jul 2024 07:11:18 +0000
ROA not before: Thu 04 Jul 2024 07:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 04 Jul 2024 08:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7c:95:50:45:80:71:c0:74:a8:ee:98:ac:b6:54:5c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 4 07:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59289094e2955ec8609ad77961972246ba6eb7ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fc:78:c4:fb:96:16:01:ba:69:08:50:9d:81:
97:ad:c1:f4:96:7c:cb:5b:7d:73:a1:1a:40:f6:9b:
76:18:c8:e6:e6:6c:85:5e:24:47:a7:8e:37:86:fc:
32:24:44:e7:7f:e1:2a:3e:b5:84:bf:14:81:69:1d:
64:87:46:49:7c:39:d3:7a:46:37:ac:30:37:2c:96:
4b:8e:4a:ff:b1:dc:fb:d7:ca:70:be:5e:e7:30:05:
a8:b1:5f:8a:27:08:f3:c6:47:77:de:2e:58:ad:dd:
b6:82:9a:8b:23:a1:fe:d5:4d:ba:dd:14:46:2d:e8:
16:9c:47:97:e6:04:27:3c:bc:62:9d:97:92:4f:a1:
8f:86:75:aa:53:44:72:dc:6d:b8:a5:1b:46:32:10:
54:0c:4f:4e:da:31:90:0a:c0:03:bf:5e:4f:90:f6:
26:39:0e:ea:70:a2:9e:88:f6:49:d7:65:1a:8b:4d:
64:7d:01:15:33:df:16:7a:b6:8a:e6:4f:97:51:6e:
fb:55:8e:4a:a6:35:68:95:66:6d:48:0f:64:4a:4d:
7a:8f:dd:6b:32:88:a1:95:a4:bc:7d:4b:61:be:79:
92:96:2f:2f:7e:95:53:cf:9f:bc:a9:2e:68:06:d7:
3e:11:69:40:1c:5b:e7:ae:ba:d8:f1:3b:dd:34:78:
ce:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:28:90:94:E2:95:5E:C8:60:9A:D7:79:61:97:22:46:BA:6E:B7:FF
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WSiQlOKVXshgmtd5YZciRrput_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:7a:19:eb:ce:28:15:2f:04:aa:64:70:70:41:7b:5a:d3:eb:
6d:76:9d:c9:c8:52:f6:8c:07:58:a4:54:aa:9f:d9:4c:ce:36:
de:eb:9b:e6:ef:1e:2b:e6:63:ce:c6:25:ff:1b:da:f4:15:12:
c0:ad:f7:5a:09:84:0c:52:7a:10:79:bf:46:6a:a8:bc:f7:4f:
c8:79:6b:dd:f6:63:5b:f8:53:69:a8:17:2a:33:ec:ae:87:d4:
c8:5e:ba:a5:9f:ec:5f:9b:41:dd:aa:74:3b:f7:40:e6:3a:fc:
62:d5:20:e7:a9:0d:9a:1a:4d:8f:a0:75:2b:e7:df:26:d2:f4:
f2:e3:8e:47:d0:e9:a9:fa:3b:6e:8d:a2:19:2f:ea:26:22:33:
78:e3:b3:bc:c6:ba:f5:01:50:da:14:af:f0:80:e0:0d:5e:c8:
13:50:44:92:2d:b8:c5:49:7d:eb:a8:8a:fc:1d:a2:c5:dc:6f:
bd:5f:cc:9a:93:92:b7:d4:86:3f:69:cc:0f:ba:34:23:eb:1a:
7f:71:1b:a7:ed:67:a6:4f:16:c5:d8:4a:65:a1:bb:74:f3:36:
71:6e:f1:b8:4b:db:08:f9:ce:ea:d4:ee:0f:bf:6e:f4:fd:59:
a2:4d:f7:f0:b4:48:1c:1f:d1:70:50:b6:08:78:a9:ec:4a:44:
25:c4:cc:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZB8lVBFgHHAdKjumKy2VFwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA0MDcxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTI4OTA5NGUyOTU1ZWM4NjA5YWQ3Nzk2MTk3MjI0NmJhNmViN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvx4xPuWFgG6aQhQnYGXrcH0lnzL
W31zoRpA9pt2GMjm5myFXiRHp443hvwyJETnf+EqPrWEvxSBaR1kh0ZJfDnTekY3
rDA3LJZLjkr/sdz718pwvl7nMAWosV+KJwjzxkd33i5Yrd22gpqLI6H+1U263RRG
LegWnEeX5gQnPLxinZeST6GPhnWqU0Ry3G24pRtGMhBUDE9O2jGQCsADv15PkPYm
OQ7qcKKeiPZJ12Uai01kfQEVM98WeraK5k+XUW77VY5KpjVolWZtSA9kSk16j91r
MoihlaS8fUthvnmSli8vfpVTz5+8qS5oBtc+EWlAHFvnrrrY8TvdNHjOSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFkokJTilV7IYJrXeWGXIka6brf/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvV1NpUWxPS1ZYc2hnbXRkNVlaY2lScnB1dF84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEt6GevOKBUvBKpkcHBB
e1rT6212ncnIUvaMB1ikVKqf2UzONt7rm+bvHivmY87GJf8b2vQVEsCt91oJhAxS
ehB5v0ZqqLz3T8h5a932Y1v4U2moFyoz7K6H1MheuqWf7F+bQd2qdDv3QOY6/GLV
IOepDZoaTY+gdSvn3ybS9PLjjkfQ6an6O26Nohkv6iYiM3jjs7zGuvUBUNoUr/CA
4A1eyBNQRJItuMVJfeuoivwdosXcb71fzJqTkrfUhj9pzA+6NCPrGn9xG6ftZ6ZP
FsXYSmWhu3TzNnFu8bhL2wj5zurU7g+/bvT9WaJN9/C0SBwf0XBQtgh4qexKRCXE
zFg=
-----END CERTIFICATE-----
Generated at Thu Jul 4 09:46:54 2024 by rpki-client on console-fra.rpki-client.org