Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_k40vqG-lXoC4GqSuWFSlzzxY2s.roa
File: _k40vqG-lXoC4GqSuWFSlzzxY2s.roa (raw, json)
Hash identifier: +uP/sMtMver4mPPa8ePlSHd0WuMJ4sKyMaHKsexD0cA=
Subject key identifier: FE:4E:34:BE:A1:BE:95:7A:02:E0:6A:92:B9:61:52:97:3C:F1:63:6B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01906CE88FEBD25F41D2381BBB63F7B76CD7
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_k40vqG-lXoC4GqSuWFSlzzxY2s.roa
Signing time: Mon 01 Jul 2024 06:08:18 +0000
ROA not before: Mon 01 Jul 2024 06:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 07:07:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6c:e8:8f:eb:d2:5f:41:d2:38:1b:bb:63:f7:b7:6c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 1 06:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe4e34bea1be957a02e06a92b96152973cf1636b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:63:a7:09:7a:c2:04:af:2a:4d:43:dc:d3:33:
46:0b:ff:13:5b:b7:eb:93:ba:a9:81:47:ed:79:68:
c1:fe:8b:04:92:da:fb:d0:29:4d:8d:9d:a6:0b:82:
28:86:95:f6:92:9e:77:13:fc:65:01:1c:0b:ed:c7:
cf:8b:a8:93:83:bf:b0:8f:6d:b2:62:a2:21:eb:6c:
54:a7:bb:36:9d:7b:d1:12:aa:c2:f8:47:7a:80:ad:
90:05:29:f5:88:1d:c7:61:14:13:81:a4:5c:d2:cf:
c0:b4:48:86:fa:8a:fb:c2:44:e7:a3:c5:ce:d3:0c:
1d:a3:32:78:56:ab:70:ea:08:9c:03:ec:74:b3:c4:
32:1a:d6:bc:4f:5f:4d:16:7c:f0:40:df:a9:69:e8:
cb:9f:13:5d:85:d6:65:e4:99:3b:90:d0:16:e6:9e:
25:5e:67:aa:64:53:7c:4a:21:b0:83:8b:a4:bf:b4:
a4:a4:40:71:d7:4f:18:9e:58:3e:b3:a0:bb:1a:54:
63:d3:77:35:7f:56:89:28:24:01:4e:1c:29:ef:df:
36:95:5b:77:fe:1b:c9:ac:5b:8e:3f:98:bf:28:28:
31:0d:62:36:3a:c3:fe:c2:49:97:2c:a1:62:01:d6:
a6:1f:89:06:8d:88:52:f4:1b:08:48:0e:32:ab:1b:
06:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:4E:34:BE:A1:BE:95:7A:02:E0:6A:92:B9:61:52:97:3C:F1:63:6B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_k40vqG-lXoC4GqSuWFSlzzxY2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:47:e8:be:77:ee:ed:ac:c1:20:09:cc:e7:4b:57:16:33:42:
f3:b6:0c:22:5c:91:c8:51:ad:34:5d:fd:47:e0:fe:a7:3f:6e:
35:07:df:0a:61:b1:45:b9:5b:26:e6:c7:ea:9b:29:4e:6a:f9:
4e:29:16:fc:ae:5c:21:43:d7:73:b8:d0:e4:85:f8:2a:dc:59:
87:17:81:7d:4b:ad:57:54:3f:a5:54:f3:2b:72:0d:03:39:61:
01:9e:b6:57:65:1f:4a:70:3c:b9:93:78:3c:54:88:94:93:d8:
a8:e0:f3:33:f2:12:55:2c:88:92:b5:74:93:7c:fd:c8:e9:6c:
4a:11:6b:a0:2c:6b:3a:37:38:86:e6:df:42:26:42:18:99:b4:
39:8f:18:75:7c:83:f0:f7:82:70:1d:52:b8:b4:04:09:00:cd:
f8:77:ab:0f:5b:ab:a1:c8:5a:12:5b:ac:50:e1:e4:77:e2:f8:
a7:7b:e7:52:b0:8d:2a:2d:cc:c6:e2:26:f0:86:b7:ed:63:09:
56:7a:fc:59:cd:f0:b9:80:9b:87:a4:37:83:4e:48:9b:d4:1f:
e0:f8:e8:77:fc:3d:e1:48:c4:2b:6f:17:45:6c:c8:2c:0c:29:
5b:04:fc:3a:72:77:da:6e:f5:46:e3:73:2c:85:aa:ce:e9:84:
a1:3d:39:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBs6I/r0l9B0jgbu2P3t2zXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAxMDYwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTRlMzRiZWExYmU5NTdhMDJlMDZhOTJiOTYxNTI5NzNjZjE2MzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GOnCXrCBK8qTUPc0zNGC/8TW7fr
k7qpgUfteWjB/osEktr70ClNjZ2mC4IohpX2kp53E/xlARwL7cfPi6iTg7+wj22y
YqIh62xUp7s2nXvREqrC+Ed6gK2QBSn1iB3HYRQTgaRc0s/AtEiG+or7wkTno8XO
0wwdozJ4Vqtw6gicA+x0s8QyGta8T19NFnzwQN+paejLnxNdhdZl5Jk7kNAW5p4l
XmeqZFN8SiGwg4ukv7SkpEBx108Ynlg+s6C7GlRj03c1f1aJKCQBThwp7982lVt3
/hvJrFuOP5i/KCgxDWI2OsP+wkmXLKFiAdamH4kGjYhS9BsISA4yqxsGNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP5ONL6hvpV6AuBqkrlhUpc88WNrMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvX2s0MHZxRy1sWG9DNEdxU3VXRlNsenp4WTJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHlH6L537u2swSAJzOdL
VxYzQvO2DCJckchRrTRd/Ufg/qc/bjUH3wphsUW5Wybmx+qbKU5q+U4pFvyuXCFD
13O40OSF+CrcWYcXgX1LrVdUP6VU8ytyDQM5YQGetldlH0pwPLmTeDxUiJST2Kjg
8zPyElUsiJK1dJN8/cjpbEoRa6Asazo3OIbm30ImQhiZtDmPGHV8g/D3gnAdUri0
BAkAzfh3qw9bq6HIWhJbrFDh5Hfi+Kd751KwjSotzMbiJvCGt+1jCVZ6/FnN8LmA
m4ekN4NOSJvUH+D46Hf8PeFIxCtvF0VsyCwMKVsE/Dpyd9pu9UbjcyyFqs7phKE9
OZA=
-----END CERTIFICATE-----
Generated at Mon Jul 1 09:08:13 2024 by rpki-client on console-fra.rpki-client.org