Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bDAnZclLe6hlU1GvmDDG5zYLCv8.roa
File: bDAnZclLe6hlU1GvmDDG5zYLCv8.roa (raw, json)
Hash identifier: 8IVSCfjTRlsqOS9jpOvAS8wp0jGR+QTMohAbIF0qWVE=
Subject key identifier: 6C:30:27:65:C9:4B:7B:A8:65:53:51:AF:98:30:C6:E7:36:0B:0A:FF
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190702346FECF322D62C97453678D92E3D0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bDAnZclLe6hlU1GvmDDG5zYLCv8.roa
Signing time: Mon 01 Jul 2024 21:11:18 +0000
ROA not before: Mon 01 Jul 2024 21:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 22:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:70:23:46:fe:cf:32:2d:62:c9:74:53:67:8d:92:e3:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 1 21:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c302765c94b7ba8655351af9830c6e7360b0aff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:75:a3:ca:98:c5:1c:a1:93:6a:7a:8e:b1:a2:
92:21:5c:5e:1f:fc:b6:4a:71:2f:d0:d4:c9:c9:c0:
9e:b6:e9:a1:5e:f4:7f:b5:56:77:e0:d4:83:4a:17:
07:8b:1a:dc:da:a0:bc:51:62:12:b8:ee:03:a9:15:
06:82:6f:72:e1:a5:b6:34:2e:69:5b:95:83:d2:71:
83:7e:07:73:c1:5f:16:c2:24:f9:52:cd:07:f6:77:
42:2a:b6:77:de:8c:07:1c:fb:ee:9f:bb:4d:64:7e:
5c:4d:cc:1e:f5:bb:33:d2:ef:ae:14:a9:af:78:c9:
84:06:9b:b3:07:d7:13:84:b6:ea:f8:f5:31:5f:1e:
db:16:12:ac:de:b3:d2:c3:c2:60:d8:c5:bd:b0:dd:
18:57:fc:e4:0d:10:2f:cf:f9:34:0c:53:2a:72:b9:
c6:92:25:15:ad:bc:b1:39:02:75:4d:a9:fb:02:58:
77:bb:58:ee:d6:f0:f3:15:92:27:58:a0:e4:7e:ef:
9b:93:8c:ce:56:dd:d9:ca:e2:63:6e:ce:4c:b6:73:
bd:b0:39:6e:9c:54:94:34:a8:3b:99:c8:e8:d0:95:
8e:b5:b2:1a:11:a1:52:7c:46:b9:1e:07:1b:41:f0:
2d:b8:cc:79:46:1d:61:15:f7:a1:ea:b7:15:ff:4e:
df:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:30:27:65:C9:4B:7B:A8:65:53:51:AF:98:30:C6:E7:36:0B:0A:FF
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bDAnZclLe6hlU1GvmDDG5zYLCv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:f3:f5:94:4a:89:31:0e:fa:aa:35:01:39:29:c7:8b:48:ee:
1a:39:e3:28:60:0f:b1:39:34:0e:81:96:59:e8:dc:3a:21:0e:
61:68:15:88:be:08:6f:cd:c6:a9:fb:22:b7:8a:dd:a3:63:04:
f7:df:bf:eb:48:98:c1:c4:32:4b:b9:cd:35:15:4f:f9:11:f2:
85:8b:b4:9c:87:26:0e:69:bf:af:4d:03:c9:4a:da:b6:78:0a:
39:4d:be:8e:f8:b2:3f:52:ae:72:61:f9:b6:0d:f7:39:5a:9a:
a4:a9:81:e4:14:2a:57:5c:aa:40:07:60:fd:a3:9f:1c:b6:d1:
04:61:b4:b4:eb:36:3e:8b:15:4c:68:c4:a7:cb:89:cb:73:ee:
2f:a5:0a:52:00:79:ba:9f:ea:a2:c1:c6:6d:9b:b9:96:0a:a9:
10:d6:a1:33:9a:e3:cb:54:94:94:50:14:18:5d:1f:27:ff:1a:
fd:2a:95:d5:1d:0c:db:bd:7e:81:12:47:e5:d2:7c:6a:db:80:
f3:98:e7:40:9d:8d:46:92:48:f3:05:83:aa:bd:c6:1e:24:52:
1c:2f:14:d0:45:76:de:e2:08:34:16:c2:6d:74:7a:2d:5f:55:
69:5f:c4:b7:36:bf:7e:54:2c:85:65:c1:3d:be:11:5f:f9:99:
9d:6e:e2:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBwI0b+zzItYsl0U2eNkuPQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAxMjExMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzMwMjc2NWM5NGI3YmE4NjU1MzUxYWY5ODMwYzZlNzM2MGIwYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3WjypjFHKGTanqOsaKSIVxeH/y2
SnEv0NTJycCetumhXvR/tVZ34NSDShcHixrc2qC8UWISuO4DqRUGgm9y4aW2NC5p
W5WD0nGDfgdzwV8WwiT5Us0H9ndCKrZ33owHHPvun7tNZH5cTcwe9bsz0u+uFKmv
eMmEBpuzB9cThLbq+PUxXx7bFhKs3rPSw8Jg2MW9sN0YV/zkDRAvz/k0DFMqcrnG
kiUVrbyxOQJ1Tan7Alh3u1ju1vDzFZInWKDkfu+bk4zOVt3ZyuJjbs5MtnO9sDlu
nFSUNKg7mcjo0JWOtbIaEaFSfEa5HgcbQfAtuMx5Rh1hFfeh6rcV/07fWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGwwJ2XJS3uoZVNRr5gwxuc2Cwr/MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYkRBblpjbExlNmhsVTFHdm1EREc1ellMQ3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI/z9ZRKiTEO+qo1ATkp
x4tI7ho54yhgD7E5NA6Bllno3DohDmFoFYi+CG/Nxqn7IreK3aNjBPffv+tImMHE
Mku5zTUVT/kR8oWLtJyHJg5pv69NA8lK2rZ4CjlNvo74sj9SrnJh+bYN9zlamqSp
geQUKldcqkAHYP2jnxy20QRhtLTrNj6LFUxoxKfLictz7i+lClIAebqf6qLBxm2b
uZYKqRDWoTOa48tUlJRQFBhdHyf/Gv0qldUdDNu9foESR+XSfGrbgPOY50CdjUaS
SPMFg6q9xh4kUhwvFNBFdt7iCDQWwm10ei1fVWlfxLc2v35ULIVlwT2+EV/5mZ1u
4iQ=
-----END CERTIFICATE-----
Generated at Mon Jul 1 23:35:53 2024 by rpki-client on console-ams.rpki-client.org