Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/X_nwuEciGxVGEKOs8EGy-set5IU.roa
File: X_nwuEciGxVGEKOs8EGy-set5IU.roa (raw, json)
Hash identifier: QvvIPK755sQ4Sewf4kQwAbb4suiq8MErlitLqFM9ZCM=
Subject key identifier: 5F:F9:F0:B8:47:22:1B:15:46:10:A3:AC:F0:41:B2:FA:C7:AD:E4:85
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019048DE1D85B4C4B59A773A31A47383F26D
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/X_nwuEciGxVGEKOs8EGy-set5IU.roa
Signing time: Mon 24 Jun 2024 06:10:34 +0000
ROA not before: Mon 24 Jun 2024 06:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jun 2024 07:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:48:de:1d:85:b4:c4:b5:9a:77:3a:31:a4:73:83:f2:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 24 06:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ff9f0b847221b154610a3acf041b2fac7ade485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5e:c7:cd:f3:95:10:72:e5:24:e4:96:d0:21:
68:36:f1:42:44:46:e8:b0:65:6e:63:bf:dc:ce:be:
87:61:c8:66:3d:3c:bb:8f:ca:8f:1a:6d:75:2f:94:
67:2f:50:ab:26:fa:00:7f:07:94:c3:56:01:01:a7:
65:ca:80:99:85:b9:3f:e7:23:c0:b5:c3:17:b3:2f:
b2:45:8b:2e:19:43:e7:44:16:7c:fb:3f:fc:a6:ea:
6b:f2:77:94:e1:82:05:e2:0c:ed:c8:4e:11:07:71:
c5:b5:aa:f1:9f:54:3f:b2:28:04:86:bd:6e:77:50:
a8:50:a9:d0:e7:40:3e:e8:d6:7d:48:5d:e1:f5:f9:
8b:d5:b8:dc:9e:f9:eb:d0:c0:4c:21:94:25:a1:c5:
bf:0b:8f:4e:47:c0:1d:d5:f0:6d:d7:3b:3f:b9:d2:
5e:2d:7c:f2:f0:b6:ce:88:1c:3c:be:61:93:d8:c5:
e8:2b:04:5c:77:d1:83:38:75:c2:c9:a2:f4:65:56:
6f:b5:f4:b0:cb:61:79:49:84:23:96:fe:11:c3:f2:
d0:1a:78:48:be:fb:93:c1:c5:e8:47:12:c7:cf:5f:
a6:8c:35:68:8e:0a:4a:3c:44:b6:5d:38:67:31:84:
d2:58:6f:8e:2c:ab:d8:65:b4:85:d5:f7:70:51:5d:
11:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F9:F0:B8:47:22:1B:15:46:10:A3:AC:F0:41:B2:FA:C7:AD:E4:85
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/X_nwuEciGxVGEKOs8EGy-set5IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1b:c7:c5:2b:cb:fd:ea:df:5d:f7:9b:86:07:ce:ff:23:76:67:
dc:53:51:2c:51:41:bc:fa:b8:49:56:7b:66:3f:a8:7c:03:b2:
c2:6a:a0:f3:f4:5f:e4:b7:de:9b:7d:76:a7:44:1f:8b:6a:f4:
a0:94:43:c8:32:a3:77:a4:76:3e:4a:28:57:7d:fc:8d:16:5a:
bd:9a:d9:fe:75:76:5a:ed:42:f0:20:d2:ba:17:43:b3:ee:c7:
6f:db:de:07:4b:a7:8e:49:0e:f1:e7:2f:c4:bb:e6:1f:4d:88:
ef:6e:0b:ab:37:64:6d:85:99:b9:94:3a:3f:eb:35:b0:22:00:
b2:e6:bd:f3:04:61:f2:6c:87:54:cc:80:51:c4:96:e2:e5:ee:
e2:7d:a8:99:ca:65:1c:0f:14:bf:54:b1:87:8d:4b:18:73:29:
c4:6e:f5:1c:44:9e:fb:56:b1:a4:cc:ce:8e:d2:57:ee:e4:52:
9c:e2:75:5e:a4:ad:51:87:94:0a:9d:40:60:07:b8:15:8f:4c:
c1:e6:33:24:f0:b9:41:0e:4b:c2:09:f6:e4:fa:ac:95:49:3c:
bb:87:c4:26:fe:d8:81:4a:03:34:f1:05:07:36:f8:95:a5:ea:
dd:c6:49:5c:4e:81:7b:fb:e2:fd:6f:2e:5a:9c:91:b1:f6:ad:
a1:cf:d1:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBI3h2FtMS1mnc6MaRzg/JtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI0MDYxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY5ZjBiODQ3MjIxYjE1NDYxMGEzYWNmMDQxYjJmYWM3YWRlNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl7HzfOVEHLlJOSW0CFoNvFCREbo
sGVuY7/czr6HYchmPTy7j8qPGm11L5RnL1CrJvoAfweUw1YBAadlyoCZhbk/5yPA
tcMXsy+yRYsuGUPnRBZ8+z/8pupr8neU4YIF4gztyE4RB3HFtarxn1Q/sigEhr1u
d1CoUKnQ50A+6NZ9SF3h9fmL1bjcnvnr0MBMIZQlocW/C49OR8Ad1fBt1zs/udJe
LXzy8LbOiBw8vmGT2MXoKwRcd9GDOHXCyaL0ZVZvtfSwy2F5SYQjlv4Rw/LQGnhI
vvuTwcXoRxLHz1+mjDVojgpKPES2XThnMYTSWG+OLKvYZbSF1fdwUV0RaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF/58LhHIhsVRhCjrPBBsvrHreSFMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWF9ud3VFY2lHeFZHRUtPczhFR3ktc2V0NUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABvHxSvL/erfXfebhgfO
/yN2Z9xTUSxRQbz6uElWe2Y/qHwDssJqoPP0X+S33pt9dqdEH4tq9KCUQ8gyo3ek
dj5KKFd9/I0WWr2a2f51dlrtQvAg0roXQ7Pux2/b3gdLp45JDvHnL8S75h9NiO9u
C6s3ZG2FmbmUOj/rNbAiALLmvfMEYfJsh1TMgFHEluLl7uJ9qJnKZRwPFL9UsYeN
SxhzKcRu9RxEnvtWsaTMzo7SV+7kUpzidV6krVGHlAqdQGAHuBWPTMHmMyTwuUEO
S8IJ9uT6rJVJPLuHxCb+2IFKAzTxBQc2+JWl6t3GSVxOgXv74v1vLlqckbH2raHP
0eg=
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:44:44 2024 by rpki-client on console-fra.rpki-client.org