Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_pxqh67eqzv3o87WthPXeEp_iGQ.roa
File: _pxqh67eqzv3o87WthPXeEp_iGQ.roa (raw, json)
Hash identifier: nyb0b+xkafqcLfoM80t82SoQiB7biFItQJSyzZtHpLw=
Subject key identifier: FE:9C:6A:87:AE:DE:AB:3B:F7:A3:CE:D6:B6:13:D7:78:4A:7F:88:64
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019005E5F2EDF150D597FB17F16936BC1E3F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_pxqh67eqzv3o87WthPXeEp_iGQ.roa
Signing time: Tue 11 Jun 2024 06:04:34 +0000
ROA not before: Tue 11 Jun 2024 06:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:5e5:af79/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 11 Jun 2024 06:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:05:e5:f2:ed:f1:50:d5:97:fb:17:f1:69:36:bc:1e:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 11 06:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe9c6a87aedeab3bf7a3ced6b613d7784a7f8864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0e:1d:32:9d:88:50:00:fc:df:80:a4:3b:14:
96:a9:47:10:ce:4b:d3:67:47:50:75:0c:fa:95:34:
4a:ba:a9:9c:12:9b:46:75:11:f3:96:39:00:ef:6a:
df:1e:bd:8d:da:5b:f1:3d:60:51:47:78:91:ac:7d:
c0:f2:9a:bd:79:de:6c:56:01:51:73:18:df:c4:a4:
68:79:94:fe:97:15:c5:b8:6e:00:8d:09:3e:97:ae:
29:76:2c:c8:73:d5:6f:c0:c2:5d:c0:75:3f:e6:4e:
22:25:83:ef:63:8f:97:c6:2b:be:e1:09:6e:aa:7f:
c1:93:e4:98:92:65:d6:28:02:a4:66:4d:06:66:c4:
57:c8:17:b4:35:e0:d2:82:ce:25:b0:e6:5d:f3:81:
8f:d8:32:52:01:c1:17:cb:3c:43:b7:0e:5d:5d:b9:
b0:28:ab:c0:6d:44:56:d2:14:16:58:61:25:8e:f6:
b3:fa:5c:ee:24:b5:53:0c:7a:d1:69:ee:28:fa:12:
63:0b:23:fe:76:71:bf:3d:ff:48:17:cf:6e:f8:8f:
dc:a5:f3:bc:34:0e:67:06:b3:6c:58:57:bc:08:6b:
49:9a:35:8f:43:05:0a:c6:a1:74:b8:0b:58:22:d4:
62:da:09:07:33:8c:c2:59:fb:d7:90:00:d6:d9:b6:
2c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:9C:6A:87:AE:DE:AB:3B:F7:A3:CE:D6:B6:13:D7:78:4A:7F:88:64
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/_pxqh67eqzv3o87WthPXeEp_iGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:44:22:04:68:a7:7e:46:c5:07:59:9d:ea:47:b4:d8:ff:4e:
bd:0b:c8:ed:d5:71:bc:a0:b9:22:0b:b7:1b:56:12:fc:8e:8f:
a4:08:c3:0e:22:2d:bd:08:46:2b:ae:07:a0:b1:64:d2:98:b3:
b6:1a:b5:95:4b:87:29:22:8e:8c:e0:61:a0:5e:de:97:85:20:
b5:c6:3c:26:83:e4:9e:89:41:46:3a:8b:48:41:05:ec:25:ea:
6b:c2:66:30:90:e8:26:48:80:ab:87:8e:fb:1f:61:21:37:d9:
78:1b:df:ec:75:6e:07:45:25:fd:46:da:5b:52:7a:2a:36:e1:
d8:0e:5c:ff:ff:c0:0c:95:ef:65:69:d6:a3:ad:b4:45:7a:21:
54:c3:a3:0d:77:02:e9:5c:b7:45:6b:05:67:2d:29:fa:93:d6:
07:b4:6d:61:93:ea:67:07:20:18:db:76:b6:ba:a8:51:60:1b:
43:c6:e7:7a:7e:05:7c:b6:02:14:78:1a:71:eb:16:e0:cb:28:
7b:7f:d6:e9:29:cf:e9:96:b1:6c:b0:7c:71:dd:b3:f4:32:e2:
20:1f:a4:4e:1b:3d:40:7d:9f:41:6e:7b:40:ab:e8:36:28:c9:
09:af:aa:35:02:2f:f3:48:ea:5d:64:e7:21:e9:91:e0:5c:da:
3f:64:4c:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAF5fLt8VDVl/sX8Wk2vB4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjExMDYwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTljNmE4N2FlZGVhYjNiZjdhM2NlZDZiNjEzZDc3ODRhN2Y4ODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlw4dMp2IUAD834CkOxSWqUcQzkvT
Z0dQdQz6lTRKuqmcEptGdRHzljkA72rfHr2N2lvxPWBRR3iRrH3A8pq9ed5sVgFR
cxjfxKRoeZT+lxXFuG4AjQk+l64pdizIc9VvwMJdwHU/5k4iJYPvY4+Xxiu+4Qlu
qn/Bk+SYkmXWKAKkZk0GZsRXyBe0NeDSgs4lsOZd84GP2DJSAcEXyzxDtw5dXbmw
KKvAbURW0hQWWGEljvaz+lzuJLVTDHrRae4o+hJjCyP+dnG/Pf9IF89u+I/cpfO8
NA5nBrNsWFe8CGtJmjWPQwUKxqF0uAtYItRi2gkHM4zCWfvXkADW2bYsqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP6caoeu3qs796PO1rYT13hKf4hkMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvX3B4cWg2N2VxenYzbzg3V3RoUFhlRXBfaUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIpEIgRop35GxQdZnepH
tNj/Tr0LyO3VcbyguSILtxtWEvyOj6QIww4iLb0IRiuuB6CxZNKYs7YatZVLhyki
jozgYaBe3peFILXGPCaD5J6JQUY6i0hBBewl6mvCZjCQ6CZIgKuHjvsfYSE32Xgb
3+x1bgdFJf1G2ltSeio24dgOXP//wAyV72Vp1qOttEV6IVTDow13Aulct0VrBWct
KfqT1ge0bWGT6mcHIBjbdra6qFFgG0PG53p+BXy2AhR4GnHrFuDLKHt/1ukpz+mW
sWywfHHds/Qy4iAfpE4bPUB9n0Fue0Cr6DYoyQmvqjUCL/NI6l1k5yHpkeBc2j9k
TKw=
-----END CERTIFICATE-----
Generated at Tue Jun 11 08:48:12 2024 by rpki-client on console-fra.rpki-client.org