Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bJQ30hd_SgaTJVaKa261t82qhSw.roa
File: bJQ30hd_SgaTJVaKa261t82qhSw.roa (raw, json)
Hash identifier: NBEIjTFNngzMBqPHYc6vP/DgjyKpeFN0RwKGeNiRkuY=
Subject key identifier: 6C:94:37:D2:17:7F:4A:06:93:25:56:8A:6B:6E:B5:B7:CD:AA:85:2C
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190407FC97530B7582ADBA2488A931F605E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bJQ30hd_SgaTJVaKa261t82qhSw.roa
Signing time: Sat 22 Jun 2024 15:10:34 +0000
ROA not before: Sat 22 Jun 2024 15:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 22 Jun 2024 16:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:40:7f:c9:75:30:b7:58:2a:db:a2:48:8a:93:1f:60:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 22 15:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c9437d2177f4a069325568a6b6eb5b7cdaa852c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0c:57:56:3b:c9:20:75:2e:ce:c5:1b:a6:a9:
a1:dd:fc:bd:f4:fc:c0:b9:f1:e1:7f:c0:44:50:9d:
89:b4:cc:6d:ed:db:a7:da:6f:28:43:1c:dd:c9:82:
c9:58:0f:a4:45:8a:ec:91:41:a7:8a:8d:40:7d:43:
66:9d:aa:f1:6b:38:a8:ae:16:f3:22:9c:06:f7:b8:
85:d4:38:ed:9e:48:0c:9d:8c:44:a2:e1:bc:32:a4:
64:af:3d:2d:6b:03:15:43:75:07:ef:cb:30:db:9e:
3d:0e:f6:1b:0e:b7:23:ce:31:7e:db:ea:a6:1a:d2:
fe:e6:ed:4e:70:a2:fe:32:79:e5:69:ae:a8:64:64:
dd:87:d0:b5:a2:fd:d6:c5:a1:16:7a:e8:a0:31:0f:
d7:c2:70:cd:07:4a:cb:29:67:4a:74:58:de:bf:b8:
96:cd:ea:3b:a4:01:67:c2:21:b9:42:ff:34:e8:45:
b5:a0:42:8a:96:71:99:ff:ce:d6:af:30:86:a7:08:
f2:8b:af:4b:86:e1:2f:bd:57:c3:86:2e:0c:4c:78:
87:57:4d:f4:14:6d:9f:ce:b9:fe:1f:b2:63:26:8c:
fa:8d:6d:99:ee:a6:fc:c6:c4:90:8a:bc:c5:da:04:
ca:b3:ed:47:68:f9:00:32:ad:b7:d8:d0:29:3b:e0:
8c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:94:37:D2:17:7F:4A:06:93:25:56:8A:6B:6E:B5:B7:CD:AA:85:2C
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bJQ30hd_SgaTJVaKa261t82qhSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:75:ab:f0:38:e9:aa:28:ff:74:41:93:9c:b1:8f:d7:ee:6c:
81:49:33:73:cd:9c:74:2b:ae:5a:02:54:a4:8e:0d:ec:b2:43:
7b:29:ed:4c:b1:95:8f:0d:27:b9:ec:30:9e:f3:9b:2b:6e:92:
f2:e1:da:6f:f5:4c:5e:4e:e3:30:9d:dd:6b:cd:d1:af:4a:a2:
de:24:d2:0f:a8:6b:31:57:a0:c1:33:3c:05:00:6d:7b:68:58:
53:4d:9a:8d:19:06:05:19:04:9d:62:67:73:59:71:81:81:52:
05:eb:72:ad:63:0c:dd:0e:72:a8:20:a9:cd:f1:71:51:f1:94:
6e:56:6c:66:62:2a:0f:db:15:b0:31:d1:07:66:99:13:89:92:
ea:da:09:67:23:93:34:35:8b:54:18:2d:e0:e3:98:d9:3a:29:
d4:44:12:42:9d:2a:53:9e:20:62:c2:0f:82:5d:48:be:8f:7e:
11:ce:de:95:c7:51:52:b8:04:57:f8:52:08:5b:d7:59:f9:2b:
09:4a:38:44:66:fa:ba:10:e3:f8:be:01:02:3d:7c:20:11:8f:
02:cd:dd:92:e1:12:b6:5f:5f:4d:93:5b:ba:23:dc:7b:c2:ff:
a9:84:0c:50:e9:69:db:c3:68:38:d9:bb:fd:23:33:28:54:5b:
94:59:91:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBAf8l1MLdYKtuiSIqTH2BeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIyMTUxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzk0MzdkMjE3N2Y0YTA2OTMyNTU2OGE2YjZlYjViN2NkYWE4NTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugxXVjvJIHUuzsUbpqmh3fy99PzA
ufHhf8BEUJ2JtMxt7dun2m8oQxzdyYLJWA+kRYrskUGnio1AfUNmnarxaziorhbz
IpwG97iF1DjtnkgMnYxEouG8MqRkrz0tawMVQ3UH78sw2549DvYbDrcjzjF+2+qm
GtL+5u1OcKL+Mnnlaa6oZGTdh9C1ov3WxaEWeuigMQ/XwnDNB0rLKWdKdFjev7iW
zeo7pAFnwiG5Qv806EW1oEKKlnGZ/87WrzCGpwjyi69LhuEvvVfDhi4MTHiHV030
FG2fzrn+H7JjJoz6jW2Z7qb8xsSQirzF2gTKs+1HaPkAMq232NApO+CM2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGyUN9IXf0oGkyVWimtutbfNqoUsMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYkpRMzBoZF9TZ2FUSlZhS2EyNjF0ODJxaFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEt1q/A46aoo/3RBk5yx
j9fubIFJM3PNnHQrrloCVKSODeyyQ3sp7UyxlY8NJ7nsMJ7zmytukvLh2m/1TF5O
4zCd3WvN0a9Kot4k0g+oazFXoMEzPAUAbXtoWFNNmo0ZBgUZBJ1iZ3NZcYGBUgXr
cq1jDN0Ocqggqc3xcVHxlG5WbGZiKg/bFbAx0QdmmROJkuraCWcjkzQ1i1QYLeDj
mNk6KdREEkKdKlOeIGLCD4JdSL6PfhHO3pXHUVK4BFf4Ughb11n5KwlKOERm+roQ
4/i+AQI9fCARjwLN3ZLhErZfX02TW7oj3HvC/6mEDFDpadvDaDjZu/0jMyhUW5RZ
kTc=
-----END CERTIFICATE-----
Generated at Sat Jun 22 18:54:43 2024 by rpki-client on console-fra.rpki-client.org